
Probably a Trojan horse (pay 100 EURO)

Posted: 27 May 2012 12:50
by PetrS.
Hello,

about 3 days ago I received an e-mail with information from some Portuguese tuning company saying that they were confirming receipt of an order. When I switched on my notebook the next day, a message popped up saying that I had to pay 100 EURO, and nothing could be done with the PC. I then switched the PC on again about 6 hours later and got the same thing. The next day the PC booted normally, but the files on the desktop were renamed and corrupted, and the entire history and the passwords in the browser had also been deleted. Now the notebook seems to be fine. So I am asking for help, and thank you very much in advance for any advice.

RSIT log:


Logfile of random's system information tool 1.09 (written by random/random)
Run by petr at 2012-05-27 13:33:28
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 227 GB (49%) free of 463 GB
Total RAM: 4061 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:33:41, on 27.5.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files (x86)\Launch Manager\LManager.EXE
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\O2\O2CZ\EMMSN.exe
C:\Program Files (x86)\O2\Nori\Nori.exe
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Windows\sysWow64\SearchProtocolHost.exe
C:\Program Files\trend micro\petr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5i44j1u974
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5i44j1u974
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{7DA457A6-8DAC-4D31-ABD2-20B2AF258C63}: NameServer = 160.218.167.5 160.218.161.60
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13874 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe"
c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe
"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
WLIDSvcM.exe 2408
"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait
"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait
"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\x64\saHook.dll", saHooker_Initialize_and_Wait
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000007cc
\??\C:\Windows\system32\conhost.exe "1926717554580583419196727226377816108-20632354216351124852074904054-749198168
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2549cf31-8787-42b6-979d-da209fa9695f -SystemEventPortName:HostProcess-178ff44e-385d-472f-ae30-a9b8b72d2fd9 -IoCancelEventPortName:HostProcess-ee8fdb78-e8ad-47d7-99b7-a8f147d78591 -NonStateChangingEventPortName:HostProcess-0bcba722-9ba9-4ff3-a1e4-f42f6551cf5f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:1213f363-4034-49cf-86d2-1b17f27135c7
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Windows\PLFSetI.exe"
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Launch Manager\LManager.EXE"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\O2\O2CZ\EMMSN.exe"
"C:\Program Files (x86)\O2\Nori\Nori.exe" -Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"c:\PROGRA~2\mcafee\SITEAD~1\saui.exe" -Embedding
"C:\Windows\sysWow64\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1936000234-837052830-3782009221-10004_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1936000234-837052830-3782009221-10004 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Users\petr\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532

======Scheduled tasks folder======

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1936000234-837052830-3782009221-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1936000234-837052830-3782009221-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1936000234-837052830-3782009221-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1936000234-837052830-3782009221-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-03-07 1211776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2012-03-22 253040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2012-02-17 348592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-02-17 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-22 192112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2012-02-17 281600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-02-17 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2012-02-17 348592]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-03-07 1211776]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2012-03-22 253040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2012-02-17 281600]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-22 192112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2009-07-20 503864]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-17 1842472]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-02-26 818720]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-10-03 16395880]
"PLFSetI"=C:\Windows\PLFSetI.exe [2009-12-14 206072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-04-08 39408]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Sony PC Companion"=C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2011-12-07 433872]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-02-29 17148552]
"Sony Ericsson PC Companion"=C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2011-12-07 433872]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-09-24 825864]
"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2011-09-23 258512]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-03-07 4241512]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-05-27 13:33:29 ----D---- C:\Program Files\trend micro
2012-05-27 13:33:28 ----D---- C:\rsit
2012-05-27 13:15:33 ----D---- C:\Program Files\CCleaner
2012-05-22 21:38:51 ----D---- C:\Users\petr\AppData\Roaming\Vtnflxe
2012-05-12 15:23:19 ----D---- C:\Program Files\Microsoft Silverlight
2012-05-12 15:23:19 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2012-05-11 07:34:27 ----A---- C:\Windows\system32\DWrite.dll
2012-05-11 07:34:26 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-05-11 07:34:18 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-05-11 07:34:16 ----A---- C:\Windows\system32\win32k.sys
2012-05-11 07:34:14 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-05-11 07:34:13 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-05-11 07:33:32 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-05-11 07:33:12 ----A---- C:\Windows\system32\drivers\tcpip.sys

======List of files/folders modified in the last 1 month======

2012-05-27 13:33:41 ----D---- C:\Windows\Prefetch
2012-05-27 13:33:39 ----D---- C:\EVENTDB
2012-05-27 13:33:33 ----D---- C:\Windows\Temp
2012-05-27 13:33:29 ----RD---- C:\Program Files
2012-05-27 13:29:16 ----D---- C:\Windows\System32
2012-05-27 13:29:16 ----D---- C:\Windows\inf
2012-05-27 13:29:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-05-27 13:29:03 ----D---- C:\Users\petr\AppData\Roaming\Skype
2012-05-27 13:24:20 ----AD---- C:\Windows
2012-05-27 13:23:16 ----D---- C:\Windows\system32\config
2012-05-27 13:21:41 ----D---- C:\Windows\Panther
2012-05-27 13:21:41 ----D---- C:\Windows\ModemLogs
2012-05-27 13:21:40 ----D---- C:\Windows\Minidump
2012-05-27 13:21:40 ----D---- C:\Windows\Logs
2012-05-27 13:21:40 ----D---- C:\Windows\debug
2012-05-27 12:33:24 ----SHD---- C:\System Volume Information
2012-05-24 23:29:44 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-05-22 22:28:52 ----D---- C:\Users\petr\AppData\Roaming\vlc
2012-05-22 22:28:52 ----D---- C:\Users\petr\AppData\Roaming\skypePM
2012-05-22 22:26:53 ----D---- C:\ProgramData\NVIDIA
2012-05-22 22:15:29 ----D---- C:\ProgramData\Arcade Lab
2012-05-22 22:15:28 ----D---- C:\REPORTS
2012-05-22 22:13:49 ----D---- C:\LOGFILES
2012-05-22 22:10:38 ----HD---- C:\OEM
2012-05-22 22:10:37 ----AD---- C:\book
2012-05-21 10:08:48 ----D---- C:\Windows\Microsoft.NET
2012-05-21 10:08:46 ----RSD---- C:\Windows\assembly
2012-05-12 15:25:06 ----SHD---- C:\Windows\Installer
2012-05-12 15:23:19 ----RD---- C:\Program Files (x86)
2012-05-11 23:03:15 ----D---- C:\Windows\winsxs
2012-05-11 23:01:09 ----D---- C:\Windows\SysWOW64
2012-05-11 23:01:04 ----D---- C:\Windows\system32\drivers
2012-05-11 17:07:57 ----A---- C:\Windows\system32\MRT.exe
2012-05-11 17:07:49 ----D---- C:\ProgramData\Microsoft Help
2012-05-11 17:01:57 ----D---- C:\Windows\system32\catroot2
2012-05-11 17:01:57 ----D---- C:\Windows\system32\catroot
2012-05-11 16:54:06 ----D---- C:\Program Files\Windows Journal
2012-05-08 22:40:29 ----RD---- C:\Program Files (x86)\Skype
2012-05-08 22:40:29 ----D---- C:\Program Files (x86)\Common Files
2012-05-08 22:40:17 ----D---- C:\ProgramData\Skype
2012-04-28 07:59:35 ----SD---- C:\Users\petr\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-03-07 53080]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-03-07 819032]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-03-07 337240]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-03-07 59224]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-09-18 130760]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2011-09-16 27760]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-03-07 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-03-07 69976]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-09-16 97312]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2009-08-11 686080]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-11-13 67072]
R3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-05 18432]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-09-17 292912]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-05 16896]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2011-12-18 13352]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2011-12-18 27176]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-06-24 216576]
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AntiVirService;Avira Realtime Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-09-23 110032]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-03-07 44768]
R2 BcmSqlStartupSvc;Služba spouštění serveru SQL Server aplikace Business Contact Manager; C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-17 864032]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-02-26 841248]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe [2012-01-13 103440]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-10-03 392296]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-02-22 75064]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-09-23 86224]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-18 135664]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-18 135664]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-04-08 182768]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-28 1255736]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

Re: Probably a Trojan horse (pay 100 EURO)

Posted: 27 May 2012 14:55
by PetrS.
Unfortunately, I do not have the source of the problems, and I deleted the damaged files. So far I have uninstalled McAfee and I am trying to uninstall Avira, but it does not want to go. I am attaching the logs.

MBRScan log:

Code:

MBRScan v1.1.1

OS             : Windows 7 Service Pack 1 (64 bit)
PROCESSOR      : Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
BOOT           : Normal Boot
DATE           : 2012/05/27 (ISO 8601) at 15:45:44
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __Hitachi HTS545050B9A (PB4O)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : NO
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0	465.8 Go  [Fixed] ==> 7 MBR Code

MBR_MD5   : 661B1A7312004425A3C469B63C2DE8D0
MBR_SHA1  : 97474E0C8BF64F60BD944FF86DE52A8CA6068119

Device\Harddisk0\Partition1	13.67 Go  	0x27 RE Hidden partition 
Device\Harddisk0\Partition2	100.0 Mo  	0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition3	452.0 Go  	0x07 NTFS / HPFS
________________________________________________________________________________

############################### Additional scan ################################

DRIVER  : C:\Windows\system32\hal.dll => Invisible on the disk
ADDRESS : 0x033FD000
SIZE    : 292.0 Ko

DRIVER  : C:\Windows\system32\kdcom.dll => Invisible on the disk
ADDRESS : 0x00BC0000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\mcupdate_GenuineIntel.dll => Invisible on the disk
ADDRESS : 0x00C71000
SIZE    : 316.0 Ko

DRIVER  : C:\Windows\system32\CLFS.SYS => Invisible on the disk
ADDRESS : 0x00CD4000
SIZE    : 376.0 Ko

DRIVER  : C:\Windows\system32\CI.dll => Invisible on the disk
ADDRESS : 0x00D32000
SIZE    : 768.0 Ko

DRIVER  : C:\Windows\system32\drivers\Wdf01000.sys => Invisible on the disk
ADDRESS : 0x00ECE000
SIZE    : 656.0 Ko

DRIVER  : C:\Windows\system32\drivers\WDFLDR.SYS => Invisible on the disk
ADDRESS : 0x00F72000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\drivers\ACPI.sys => Invisible on the disk
ADDRESS : 0x00F81000
SIZE    : 348.0 Ko

DRIVER  : C:\Windows\system32\drivers\WMILIB.SYS => Invisible on the disk
ADDRESS : 0x00FD8000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\msisadrv.sys => Invisible on the disk
ADDRESS : 0x00FE1000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\drivers\pci.sys => Invisible on the disk
ADDRESS : 0x00E00000
SIZE    : 204.0 Ko

DRIVER  : C:\Windows\system32\drivers\vdrvroot.sys => Invisible on the disk
ADDRESS : 0x00E33000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\System32\drivers\partmgr.sys => Invisible on the disk
ADDRESS : 0x00E40000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\compbatt.sys => Invisible on the disk
ADDRESS : 0x00E55000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\BATTC.SYS => Invisible on the disk
ADDRESS : 0x00E5E000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\drivers\volmgr.sys => Invisible on the disk
ADDRESS : 0x00E6A000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\System32\drivers\volmgrx.sys => Invisible on the disk
ADDRESS : 0x00C00000
SIZE    : 368.0 Ko

DRIVER  : C:\Windows\System32\drivers\mountmgr.sys => Invisible on the disk
ADDRESS : 0x00E7F000
SIZE    : 104.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\iaStor.sys => Invisible on the disk
ADDRESS : 0x01001000
SIZE    : 1.11 Mo

DRIVER  : C:\Windows\system32\drivers\atapi.sys => Invisible on the disk
ADDRESS : 0x0111D000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\ataport.SYS => Invisible on the disk
ADDRESS : 0x01126000
SIZE    : 168.0 Ko

DRIVER  : C:\Windows\system32\drivers\amdxata.sys => Invisible on the disk
ADDRESS : 0x01150000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\drivers\fltmgr.sys => Invisible on the disk
ADDRESS : 0x0115B000
SIZE    : 304.0 Ko

DRIVER  : C:\Windows\system32\drivers\fileinfo.sys => Invisible on the disk
ADDRESS : 0x011A7000
SIZE    : 80.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Ntfs.sys => Invisible on the disk
ADDRESS : 0x01254000
SIZE    : 1.64 Mo

DRIVER  : C:\Windows\System32\Drivers\msrpc.sys => Invisible on the disk
ADDRESS : 0x01478000
SIZE    : 376.0 Ko

DRIVER  : C:\Windows\System32\Drivers\ksecdd.sys => Invisible on the disk
ADDRESS : 0x014D6000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\System32\Drivers\cng.sys => Invisible on the disk
ADDRESS : 0x014F1000
SIZE    : 456.0 Ko

DRIVER  : C:\Windows\System32\drivers\pcw.sys => Invisible on the disk
ADDRESS : 0x01563000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Fs_Rec.sys => Invisible on the disk
ADDRESS : 0x01574000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\drivers\ndis.sys => Invisible on the disk
ADDRESS : 0x01678000
SIZE    : 972.0 Ko

DRIVER  : C:\Windows\system32\drivers\NETIO.SYS => Invisible on the disk
ADDRESS : 0x0176B000
SIZE    : 384.0 Ko

DRIVER  : C:\Windows\System32\Drivers\ksecpkg.sys => Invisible on the disk
ADDRESS : 0x017CB000
SIZE    : 172.0 Ko

DRIVER  : C:\Windows\System32\drivers\tcpip.sys => Invisible on the disk
ADDRESS : 0x018D7000
SIZE    : 2.01 Mo

DRIVER  : C:\Windows\System32\drivers\fwpkclnt.sys => Invisible on the disk
ADDRESS : 0x01ADA000
SIZE    : 296.0 Ko

DRIVER  : C:\Windows\system32\drivers\volsnap.sys => Invisible on the disk
ADDRESS : 0x01B24000
SIZE    : 304.0 Ko

DRIVER  : C:\Windows\System32\Drivers\spldr.sys => Invisible on the disk
ADDRESS : 0x01B70000
SIZE    : 32.0 Ko

DRIVER  : C:\Windows\System32\drivers\rdyboost.sys => Invisible on the disk
ADDRESS : 0x01B78000
SIZE    : 232.0 Ko

DRIVER  : C:\Windows\System32\Drivers\mup.sys => Invisible on the disk
ADDRESS : 0x01BB2000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\System32\drivers\hwpolicy.sys => Invisible on the disk
ADDRESS : 0x01BC4000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\fvevol.sys => Invisible on the disk
ADDRESS : 0x01800000
SIZE    : 232.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\disk.sys => Invisible on the disk
ADDRESS : 0x0183A000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\CLASSPNP.SYS => Invisible on the disk
ADDRESS : 0x01850000
SIZE    : 192.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\cdrom.sys => Invisible on the disk
ADDRESS : 0x02FCD000
SIZE    : 168.0 Ko

DRIVER  : C:\Windows\System32\Drivers\aswSnx.SYS => Invisible on the disk
ADDRESS : 0x03E31000
SIZE    : 820.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Null.SYS => Invisible on the disk
ADDRESS : 0x03EFE000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Beep.SYS => Invisible on the disk
ADDRESS : 0x03F07000
SIZE    : 28.0 Ko

DRIVER  : C:\Windows\System32\drivers\vga.sys => Invisible on the disk
ADDRESS : 0x03F0E000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\drivers\VIDEOPRT.SYS => Invisible on the disk
ADDRESS : 0x03F1C000
SIZE    : 148.0 Ko

DRIVER  : C:\Windows\System32\drivers\watchdog.sys => Invisible on the disk
ADDRESS : 0x03F41000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\RDPCDD.sys => Invisible on the disk
ADDRESS : 0x03F51000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\rdpencdd.sys => Invisible on the disk
ADDRESS : 0x03F5A000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\rdprefmp.sys => Invisible on the disk
ADDRESS : 0x03F63000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Msfs.SYS => Invisible on the disk
ADDRESS : 0x03F6C000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Npfs.SYS => Invisible on the disk
ADDRESS : 0x03F77000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\tdx.sys => Invisible on the disk
ADDRESS : 0x03F88000
SIZE    : 136.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\TDI.SYS => Invisible on the disk
ADDRESS : 0x03FAA000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\System32\Drivers\aswTdi.SYS => Invisible on the disk
ADDRESS : 0x03FB7000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\netbt.sys => Invisible on the disk
ADDRESS : 0x02E00000
SIZE    : 276.0 Ko

DRIVER  : C:\Windows\system32\drivers\afd.sys => Invisible on the disk
ADDRESS : 0x040D2000
SIZE    : 548.0 Ko

DRIVER  : C:\Windows\System32\Drivers\aswrdr2.sys => Invisible on the disk
ADDRESS : 0x0415B000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\wfplwf.sys => Invisible on the disk
ADDRESS : 0x0416B000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\pacer.sys => Invisible on the disk
ADDRESS : 0x04174000
SIZE    : 152.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\vwififlt.sys => Invisible on the disk
ADDRESS : 0x0419A000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\netbios.sys => Invisible on the disk
ADDRESS : 0x041B0000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\wanarp.sys => Invisible on the disk
ADDRESS : 0x041BF000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\system32\drivers\termdd.sys => Invisible on the disk
ADDRESS : 0x041DA000
SIZE    : 80.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rdbss.sys => Invisible on the disk
ADDRESS : 0x04000000
SIZE    : 324.0 Ko

DRIVER  : C:\Windows\system32\drivers\nsiproxy.sys => Invisible on the disk
ADDRESS : 0x04051000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\drivers\mssmbios.sys => Invisible on the disk
ADDRESS : 0x0405D000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\drivers\discache.sys => Invisible on the disk
ADDRESS : 0x04068000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dfsc.sys => Invisible on the disk
ADDRESS : 0x04077000
SIZE    : 120.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\blbdrive.sys => Invisible on the disk
ADDRESS : 0x04095000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\avkmgr.sys => Invisible on the disk
ADDRESS : 0x040A6000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\avipbb.sys => Invisible on the disk
ADDRESS : 0x03FC9000
SIZE    : 152.0 Ko

DRIVER  : C:\Windows\System32\Drivers\aswSP.SYS => Invisible on the disk
ADDRESS : 0x02E45000
SIZE    : 352.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\tunnel.sys => Invisible on the disk
ADDRESS : 0x03E00000
SIZE    : 152.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\CmBatt.sys => Invisible on the disk
ADDRESS : 0x040B0000
SIZE    : 20.0 Ko

DRIVER  : C:\Windows\system32\drivers\wmiacpi.sys => Invisible on the disk
ADDRESS : 0x040B5000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\nvlddmkm.sys => Invisible on the disk
ADDRESS : 0x05831000
SIZE    : 11.14 Mo

DRIVER  : C:\Windows\system32\DRIVERS\nvBridge.kmd => Invisible on the disk
ADDRESS : 0x06355000
SIZE    : 8.0 Ko

DRIVER  : C:\Windows\System32\drivers\dxgkrnl.sys => Invisible on the disk
ADDRESS : 0x03C1F000
SIZE    : 976.0 Ko

DRIVER  : C:\Windows\System32\drivers\dxgmms1.sys => Invisible on the disk
ADDRESS : 0x03D13000
SIZE    : 280.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\usbuhci.sys => Invisible on the disk
ADDRESS : 0x03D59000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\USBPORT.SYS => Invisible on the disk
ADDRESS : 0x03D66000
SIZE    : 344.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\usbehci.sys => Invisible on the disk
ADDRESS : 0x03DBC000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\drivers\HDAudBus.sys => Invisible on the disk
ADDRESS : 0x03DCD000
SIZE    : 144.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\NETw5s64.sys => Invisible on the disk
ADDRESS : 0x04A18000
SIZE    : 6.68 Mo

DRIVER  : C:\Windows\system32\DRIVERS\vwifibus.sys => Invisible on the disk
ADDRESS : 0x050C5000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\L1C62x64.sys => Invisible on the disk
ADDRESS : 0x050D2000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\drivers\i8042prt.sys => Invisible on the disk
ADDRESS : 0x050E7000
SIZE    : 120.0 Ko

DRIVER  : C:\Windows\system32\drivers\kbdclass.sys => Invisible on the disk
ADDRESS : 0x05111000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\SynTP.sys => Invisible on the disk
ADDRESS : 0x05120000
SIZE    : 308.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\USBD.SYS => Invisible on the disk
ADDRESS : 0x0516D000
SIZE    : 8.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mouclass.sys => Invisible on the disk
ADDRESS : 0x0516F000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\drivers\UBHelper.sys => Invisible on the disk
ADDRESS : 0x0517E000
SIZE    : 32.0 Ko

DRIVER  : C:\Windows\system32\drivers\NTIDrvr.sys => Invisible on the disk
ADDRESS : 0x05186000
SIZE    : 32.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\intelppm.sys => Invisible on the disk
ADDRESS : 0x0518E000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\drivers\CompositeBus.sys => Invisible on the disk
ADDRESS : 0x051A4000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\AgileVpn.sys => Invisible on the disk
ADDRESS : 0x051B4000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rasl2tp.sys => Invisible on the disk
ADDRESS : 0x051CA000
SIZE    : 144.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ndistapi.sys => Invisible on the disk
ADDRESS : 0x051EE000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ndiswan.sys => Invisible on the disk
ADDRESS : 0x06357000
SIZE    : 188.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\raspppoe.sys => Invisible on the disk
ADDRESS : 0x03C00000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\raspptp.sys => Invisible on the disk
ADDRESS : 0x06386000
SIZE    : 132.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rassstp.sys => Invisible on the disk
ADDRESS : 0x063A7000
SIZE    : 104.0 Ko

DRIVER  : C:\Windows\system32\drivers\swenum.sys => Invisible on the disk
ADDRESS : 0x051FA000
SIZE    : 8.0 Ko

DRIVER  : C:\Windows\system32\drivers\ks.sys => Invisible on the disk
ADDRESS : 0x0188E000
SIZE    : 268.0 Ko

DRIVER  : C:\Windows\system32\drivers\umbus.sys => Invisible on the disk
ADDRESS : 0x04A00000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\usbhub.sys => Invisible on the disk
ADDRESS : 0x01600000
SIZE    : 360.0 Ko

DRIVER  : C:\Windows\System32\Drivers\NDProxy.SYS => Invisible on the disk
ADDRESS : 0x063C1000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\drivers\CHDRT64.sys => Invisible on the disk
ADDRESS : 0x0528E000
SIZE    : 688.0 Ko

DRIVER  : C:\Windows\system32\drivers\portcls.sys => Invisible on the disk
ADDRESS : 0x0533A000
SIZE    : 244.0 Ko

DRIVER  : C:\Windows\system32\drivers\drmk.sys => Invisible on the disk
ADDRESS : 0x05377000
SIZE    : 136.0 Ko

DRIVER  : C:\Windows\system32\drivers\ksthunk.sys => Invisible on the disk
ADDRESS : 0x05399000
SIZE    : 24.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\usbccgp.sys => Invisible on the disk
ADDRESS : 0x0539F000
SIZE    : 116.0 Ko

DRIVER  : C:\Windows\System32\Drivers\usbvideo.sys => Invisible on the disk
ADDRESS : 0x053BC000
SIZE    : 184.0 Ko

DRIVER  : C:\Windows\System32\win32k.sys => Invisible on the disk
ADDRESS : 0x00080000
SIZE    : 3.08 Mo

DRIVER  : C:\Windows\System32\drivers\Dxapi.sys => Invisible on the disk
ADDRESS : 0x053EA000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\monitor.sys => Invisible on the disk
ADDRESS : 0x05200000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\TSDDD.dll => Invisible on the disk
ADDRESS : 0x004E0000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\udfs.sys => Invisible on the disk
ADDRESS : 0x0520E000
SIZE    : 340.0 Ko

DRIVER  : C:\Windows\System32\Drivers\crashdmp.sys => Invisible on the disk
ADDRESS : 0x05263000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\cdd.dll => Invisible on the disk
ADDRESS : 0x00770000
SIZE    : 156.0 Ko

DRIVER  : C:\Windows\system32\drivers\luafv.sys => Invisible on the disk
ADDRESS : 0x063D6000
SIZE    : 140.0 Ko

DRIVER  : C:\Windows\system32\drivers\aswMonFlt.sys => Invisible on the disk
ADDRESS : 0x0157E000
SIZE    : 220.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\avgntflt.sys => Invisible on the disk
ADDRESS : 0x05800000
SIZE    : 128.0 Ko

DRIVER  : C:\Windows\System32\Drivers\aswFsBlk.SYS => Invisible on the disk
ADDRESS : 0x05284000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\WudfPf.sys => Invisible on the disk
ADDRESS : 0x01BCD000
SIZE    : 132.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\lltdio.sys => Invisible on the disk
ADDRESS : 0x0165A000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\nwifi.sys => Invisible on the disk
ADDRESS : 0x01400000
SIZE    : 332.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ndisuio.sys => Invisible on the disk
ADDRESS : 0x040BE000
SIZE    : 76.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rspndr.sys => Invisible on the disk
ADDRESS : 0x01453000
SIZE    : 96.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\vwifimp.sys => Invisible on the disk
ADDRESS : 0x053F6000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\drivers\HTTP.sys => Invisible on the disk
ADDRESS : 0x078C5000
SIZE    : 804.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\bowser.sys => Invisible on the disk
ADDRESS : 0x0798E000
SIZE    : 120.0 Ko

DRIVER  : C:\Windows\System32\drivers\mpsdrv.sys => Invisible on the disk
ADDRESS : 0x079AC000
SIZE    : 96.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb.sys => Invisible on the disk
ADDRESS : 0x079C4000
SIZE    : 180.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb10.sys => Invisible on the disk
ADDRESS : 0x07800000
SIZE    : 312.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb20.sys => Invisible on the disk
ADDRESS : 0x0784E000
SIZE    : 144.0 Ko

DRIVER  : C:\Windows\system32\drivers\peauth.sys => Invisible on the disk
ADDRESS : 0x07EA1000
SIZE    : 664.0 Ko

DRIVER  : C:\Windows\System32\Drivers\secdrv.SYS => Invisible on the disk
ADDRESS : 0x07F47000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srvnet.sys => Invisible on the disk
ADDRESS : 0x07F52000
SIZE    : 196.0 Ko

DRIVER  : C:\Windows\System32\drivers\tcpipreg.sys => Invisible on the disk
ADDRESS : 0x07F83000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srv2.sys => Invisible on the disk
ADDRESS : 0x07F95000
SIZE    : 420.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srv.sys => Invisible on the disk
ADDRESS : 0x07E00000
SIZE    : 608.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ewusbdev.sys => Invisible on the disk
ADDRESS : 0x07872000
SIZE    : 112.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ewusbmdm.sys => Invisible on the disk
ADDRESS : 0x0788E000
SIZE    : 116.0 Ko

DRIVER  : C:\Windows\system32\drivers\modem.sys => Invisible on the disk
ADDRESS : 0x078AB000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ewdcsc.sys => Invisible on the disk
ADDRESS : 0x079F1000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\SMCLIB.SYS => Invisible on the disk
ADDRESS : 0x03DF1000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\scfilter.sys => Invisible on the disk
ADDRESS : 0x05820000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\USBSTOR.SYS => Invisible on the disk
ADDRESS : 0x015B5000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\WUDFRd.sys => Invisible on the disk
ADDRESS : 0x01200000
SIZE    : 196.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\asyncmac.sys => Invisible on the disk
ADDRESS : 0x078BA000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\smss.exe => Invisible on the disk
ADDRESS : 0x47B10000
SIZE    : 128.0 Ko

SystemStartOptions :  NOEXECUTE=OPTIN

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0  


__________________________16_BIT_ASM_CODE
   
0x0000    33c0            XOR AX, AX   
0x0002    8ed0            MOV SS, AX   
0x0004    bc 007c         MOV SP, 0x7c00   
0x0007    8ec0            MOV ES, AX   
0x0009    8ed8            MOV DS, AX   
0x000B    be 007c         MOV SI, 0x7c00   
0x000E    bf 0006         MOV DI, 0x600   
0x0011    b9 0002         MOV CX, 0x200   
0x0014    fc              CLD   
0x0015    f3 a4           REP MOVSB   
0x0017    50              PUSH AX   
0x0018    68 1c06         PUSH 0x61c   
0x001B    cb              RETF   
0x001C    fb              STI   
0x001D    b9 0400         MOV CX, 0x4   
0x0020    bd be07         MOV BP, 0x7be   
0x0023    807e 00 00      CMP BYTE [BP+0x0], 0x0   
0x0027    7c 0b           JL 0x34   
0x0029    0f85 0e01       JNZ 0x13b   
0x002D    83c5 10         ADD BP, 0x10   
0x0030    e2 f1           LOOP 0x23   
0x0032    cd 18           INT 0x18   
0x0034    8856 00         MOV [BP+0x0], DL   
0x0037    55              PUSH BP   
0x0038    c646 11 05      MOV BYTE [BP+0x11], 0x5   
0x003C    c646 10 00      MOV BYTE [BP+0x10], 0x0   
0x0040    b4 41           MOV AH, 0x41   
0x0042    bb aa55         MOV BX, 0x55aa   
0x0045    cd 13           INT 0x13   
0x0047    5d              POP BP   
0x0048    72 0f           JB 0x59   
0x004A    81fb 55aa       CMP BX, 0xaa55   
0x004E    75 09           JNZ 0x59   
0x0050    f7c1 0100       TEST CX, 0x1   
0x0054    74 03           JZ 0x59   
0x0056    fe46 10         INC BYTE [BP+0x10]   
0x0059    66 60           PUSHAD   
0x005B    807e 10 00      CMP BYTE [BP+0x10], 0x0   
0x005F    74 26           JZ 0x87   
0x0061    66 68 00000000  PUSH 0x0   
0x0067    66 ff76 08      PUSH DWORD [BP+0x8]   
0x006B    68 0000         PUSH 0x0   
0x006E    68 007c         PUSH 0x7c00   
0x0071    68 0100         PUSH 0x1   
0x0074    68 1000         PUSH 0x10   
0x0077    b4 42           MOV AH, 0x42   
0x0079    8a56 00         MOV DL, [BP+0x0]   
0x007C    8bf4            MOV SI, SP   
0x007E    cd 13           INT 0x13   
0x0080    9f              LAHF   
0x0081    83c4 10         ADD SP, 0x10   
0x0084    9e              SAHF   
0x0085    eb 14           JMP 0x9b   
0x0087    b8 0102         MOV AX, 0x201   
0x008A    bb 007c         MOV BX, 0x7c00   
0x008D    8a56 00         MOV DL, [BP+0x0]   
0x0090    8a76 01         MOV DH, [BP+0x1]   
0x0093    8a4e 02         MOV CL, [BP+0x2]   
0x0096    8a6e 03         MOV CH, [BP+0x3]   
0x0099    cd 13           INT 0x13   
0x009B    66 61           POPAD   
0x009D    73 1c           JAE 0xbb   
0x009F    fe4e 11         DEC BYTE [BP+0x11]   
0x00A2    75 0c           JNZ 0xb0   
0x00A4    807e 00 80      CMP BYTE [BP+0x0], 0x80   
0x00A8    0f84 8a00       JZ 0x136   
0x00AC    b2 80           MOV DL, 0x80   
0x00AE    eb 84           JMP 0x34   
0x00B0    55              PUSH BP   
0x00B1    32e4            XOR AH, AH   
0x00B3    8a56 00         MOV DL, [BP+0x0]   
0x00B6    cd 13           INT 0x13   
0x00B8    5d              POP BP   
0x00B9    eb 9e           JMP 0x59   
0x00BB    813e fe7d 55aa  CMP WORD [0x7dfe], 0xaa55   
0x00C1    75 6e           JNZ 0x131   
0x00C3    ff76 00         PUSH WORD [BP+0x0]   
0x00C6    e8 8d00         CALL 0x156   
0x00C9    75 17           JNZ 0xe2   
0x00CB    fa              CLI   
0x00CC    b0 d1           MOV AL, 0xd1   
0x00CE    e6 64           OUT 0x64, AL   
0x00D0    e8 8300         CALL 0x156   
0x00D3    b0 df           MOV AL, 0xdf   
0x00D5    e6 60           OUT 0x60, AL   
0x00D7    e8 7c00         CALL 0x156   
0x00DA    b0 ff           MOV AL, 0xff   
0x00DC    e6 64           OUT 0x64, AL   
0x00DE    e8 7500         CALL 0x156   
0x00E1    fb              STI   
0x00E2    b8 00bb         MOV AX, 0xbb00   
0x00E5    cd 1a           INT 0x1a   
0x00E7    66 23c0         AND EAX, EAX   
0x00EA    75 3b           JNZ 0x127   
0x00EC    66 81fb 54435041 CMP EBX, 0x41504354   
0x00F3    75 32           JNZ 0x127   
0x00F5    81f9 0201       CMP CX, 0x102   
0x00F9    72 2c           JB 0x127   
0x00FB    66 68 07bb0000  PUSH 0xbb07   
0x0101    66 68 00020000  PUSH 0x200   
0x0107    66 68 08000000  PUSH 0x8   
0x010D    66 53           PUSH EBX   
0x010F    66 53           PUSH EBX   
0x0111    66 55           PUSH EBP   
0x0113    66 68 00000000  PUSH 0x0   
0x0119    66 68 007c0000  PUSH 0x7c00   
0x011F    66 61           POPAD   
0x0121    68 0000         PUSH 0x0   
0x0124    07              POP ES   
0x0125    cd 1a           INT 0x1a   
0x0127    5a              POP DX   
0x0128    32f6            XOR DH, DH   
0x012A    ea 007c 0000    JMP FAR 0x0:0x7c00   
0x012F    cd 18           INT 0x18   
0x0131    a0 b707         MOV AL, [0x7b7]   
0x0134    eb 08           JMP 0x13e   
0x0136    a0 b607         MOV AL, [0x7b6]   
0x0139    eb 03           JMP 0x13e   
0x013B    a0 b507         MOV AL, [0x7b5]   
0x013E    32e4            XOR AH, AH   
0x0140    05 0007         ADD AX, 0x700   
0x0143    8bf0            MOV SI, AX   
0x0145    ac              LODSB   
0x0146    3c 00           CMP AL, 0x0   
0x0148    74 09           JZ 0x153   
0x014A    bb 0700         MOV BX, 0x7   
0x014D    b4 0e           MOV AH, 0xe   
0x014F    cd 10           INT 0x10   
0x0151    eb f2           JMP 0x145   
0x0153    f4              HLT   
0x0154    eb fd           JMP 0x153   
0x0156    2bc9            SUB CX, CX   
0x0158    e4 64           IN AL, 0x64   
0x015A    eb 00           JMP 0x15c   
0x015C    24 02           AND AL, 0x2   
0x015E    e0 f8           LOOPNZ 0x158   
0x0160    24 02           AND AL, 0x2   
0x0162    c3              RET   
0x0163    49              DEC CX   
0x0164    6e              OUTSB   
0x0165    76 61           JBE 0x1c8   
0x0167    6c              INSB   
0x0168    6964 20 7061    IMUL SP, [SI+0x20], 0x6170   
0x016D    72 74           JB 0x1e3   
0x016F    6974 69 6f6e    IMUL SI, [SI+0x69], 0x6e6f   
0x0174    2074 61         AND [SI+0x61], DH   
0x0177    626c 65         BOUND BP, [SI+0x65]   
0x017A    0045 72         ADD [DI+0x72], AL   
0x017D    72 6f           JB 0x1ee   
0x017F    72 20           JB 0x1a1   
0x0181    6c              INSB   
0x0182    6f              OUTSW   
0x0183    61              POPA   
0x0184    64 696e 67 206f IMUL BP, FS:[BP+0x67], 0x6f20   
0x018A    70 65           JO 0x1f1   
0x018C    72 61           JB 0x1ef   
0x018E    74 69           JZ 0x1f9   
0x0190    6e              OUTSB   
0x0191    67 2073 79      AND [EBX+0x79], DH   
0x0195    73 74           JAE 0x20b   
0x0197    65 6d           INS WORD GS:[DI], DX   
0x0199    004d 69         ADD [DI+0x69], CL   
0x019C    73 73           JAE 0x211   
0x019E    696e 67 206f    IMUL BP, [BP+0x67], 0x6f20   
0x01A3    70 65           JO 0x20a   
0x01A5    72 61           JB 0x208   
0x01A7    74 69           JZ 0x212   
0x01A9    6e              OUTSB   
0x01AA    67 2073 79      AND [EBX+0x79], DH   
0x01AE    73 74           JAE 0x224   
0x01B0    65 6d           INS WORD GS:[DI], DX   
0x01B2    0000            ADD [BX+SI], AL   
0x01B4    0063 7b         ADD [BP+DI+0x7b], AH   
0x01B7    9a 5ef5 acdd    CALL FAR 0xddac:0xf55e   
0x01BC    0000            ADD [BX+SI], AL   
0x01BE    0020            ADD [BX+SI], AH   
0x01C0    2100            AND [BX+SI], AX   
0x01C2    27              DAA   
0x01C3    fe              DB 0xfe   
0x01C4    ff              DB 0xff   
0x01C5    ff00            INC WORD [BX+SI]   
0x01C7    0800            OR [BX+SI], AL   
0x01C9    0000            ADD [BX+SI], AL   
0x01CB    80b5 0180 fe    XOR BYTE [DI-0x7fff], 0xfe   
0x01D0    ff              DB 0xff   
0x01D1    ff07            INC WORD [BX]   
0x01D3    fe              DB 0xfe   
0x01D4    ff              DB 0xff   
0x01D5    ff00            INC WORD [BX+SI]   
0x01D7    88b5 0100       MOV [DI+0x1], DH   
0x01DB    2003            AND [BP+DI], AL   
0x01DD    0000            ADD [BX+SI], AL   
0x01DF    fe              DB 0xfe   
0x01E0    ff              DB 0xff   
0x01E1    ff07            INC WORD [BX]   
0x01E3    fe              DB 0xfe   
0x01E4    ff              DB 0xff   
0x01E5    ff00            INC WORD [BX+SI]   
0x01E7    a8 b8           TEST AL, 0xb8   
0x01E9    0100            ADD [BX+SI], AX   
0x01EB    b0 7f           MOV AL, 0x7f   
0x01ED    3800            CMP [BX+SI], AL   
0x01EF    0000            ADD [BX+SI], AL   
0x01F1    0000            ADD [BX+SI], AL   
0x01F3    0000            ADD [BX+SI], AL   
0x01F5    0000            ADD [BX+SI], AL   
0x01F7    0000            ADD [BX+SI], AL   
0x01F9    0000            ADD [BX+SI], AL   
0x01FB    0000            ADD [BX+SI], AL   
0x01FD    0055 aa         ADD [DI-0x56], DL   









MBRCheck log:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Acer
BIOS Manufacturer: Phoenix
System Manufacturer: Acer
System Product Name: Extensa 5635G
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 199):
0x02E15000 \SystemRoot\system32\ntoskrnl.exe
0x033FD000 \SystemRoot\system32\hal.dll
0x00BC0000 \SystemRoot\system32\kdcom.dll
0x00C71000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00CC0000 \SystemRoot\system32\PSHED.dll
0x00CD4000 \SystemRoot\system32\CLFS.SYS
0x00D32000 \SystemRoot\system32\CI.dll
0x00ECE000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00F72000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00F81000 \SystemRoot\system32\drivers\ACPI.sys
0x00FD8000 \SystemRoot\system32\drivers\WMILIB.SYS
0x00FE1000 \SystemRoot\system32\drivers\msisadrv.sys
0x00E00000 \SystemRoot\system32\drivers\pci.sys
0x00E33000 \SystemRoot\system32\drivers\vdrvroot.sys
0x00E40000 \SystemRoot\System32\drivers\partmgr.sys
0x00E55000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x00E5E000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x00E6A000 \SystemRoot\system32\drivers\volmgr.sys
0x00C00000 \SystemRoot\System32\drivers\volmgrx.sys
0x00E7F000 \SystemRoot\System32\drivers\mountmgr.sys
0x01001000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x0111D000 \SystemRoot\system32\drivers\atapi.sys
0x01126000 \SystemRoot\system32\drivers\ataport.SYS
0x01150000 \SystemRoot\system32\drivers\amdxata.sys
0x0115B000 \SystemRoot\system32\drivers\fltmgr.sys
0x011A7000 \SystemRoot\system32\drivers\fileinfo.sys
0x01254000 \SystemRoot\System32\Drivers\Ntfs.sys
0x01478000 \SystemRoot\System32\Drivers\msrpc.sys
0x014D6000 \SystemRoot\System32\Drivers\ksecdd.sys
0x014F1000 \SystemRoot\System32\Drivers\cng.sys
0x01563000 \SystemRoot\System32\drivers\pcw.sys
0x01574000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x01678000 \SystemRoot\system32\drivers\ndis.sys
0x0176B000 \SystemRoot\system32\drivers\NETIO.SYS
0x017CB000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x018D7000 \SystemRoot\System32\drivers\tcpip.sys
0x01ADA000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x01B24000 \SystemRoot\system32\drivers\volsnap.sys
0x01B70000 \SystemRoot\System32\Drivers\spldr.sys
0x01B78000 \SystemRoot\System32\drivers\rdyboost.sys
0x01BB2000 \SystemRoot\System32\Drivers\mup.sys
0x01BC4000 \SystemRoot\System32\drivers\hwpolicy.sys
0x01800000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x0183A000 \SystemRoot\system32\DRIVERS\disk.sys
0x01850000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x02FCD000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x03E31000 \SystemRoot\System32\Drivers\aswSnx.SYS
0x03EFE000 \SystemRoot\System32\Drivers\Null.SYS
0x03F07000 \SystemRoot\System32\Drivers\Beep.SYS
0x03F0E000 \SystemRoot\System32\drivers\vga.sys
0x03F1C000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x03F41000 \SystemRoot\System32\drivers\watchdog.sys
0x03F51000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x03F5A000 \SystemRoot\system32\drivers\rdpencdd.sys
0x03F63000 \SystemRoot\system32\drivers\rdprefmp.sys
0x03F6C000 \SystemRoot\System32\Drivers\Msfs.SYS
0x03F77000 \SystemRoot\System32\Drivers\Npfs.SYS
0x03F88000 \SystemRoot\system32\DRIVERS\tdx.sys
0x03FAA000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x03FB7000 \SystemRoot\System32\Drivers\aswTdi.SYS
0x02E00000 \SystemRoot\System32\DRIVERS\netbt.sys
0x040D2000 \SystemRoot\system32\drivers\afd.sys
0x0415B000 \SystemRoot\System32\Drivers\aswrdr2.sys
0x0416B000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x04174000 \SystemRoot\system32\DRIVERS\pacer.sys
0x0419A000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x041B0000 \SystemRoot\system32\DRIVERS\netbios.sys
0x041BF000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x041DA000 \SystemRoot\system32\drivers\termdd.sys
0x04000000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x04051000 \SystemRoot\system32\drivers\nsiproxy.sys
0x0405D000 \SystemRoot\system32\drivers\mssmbios.sys
0x04068000 \SystemRoot\System32\drivers\discache.sys
0x04077000 \SystemRoot\System32\Drivers\dfsc.sys
0x04095000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x040A6000 \SystemRoot\system32\DRIVERS\avkmgr.sys
0x03FC9000 \SystemRoot\system32\DRIVERS\avipbb.sys
0x02E45000 \SystemRoot\System32\Drivers\aswSP.SYS
0x03E00000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x040B0000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x040B5000 \SystemRoot\system32\drivers\wmiacpi.sys
0x05831000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x06355000 \SystemRoot\system32\DRIVERS\nvBridge.kmd
0x03C1F000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x03D13000 \SystemRoot\System32\drivers\dxgmms1.sys
0x03D59000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x03D66000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x03DBC000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x03DCD000 \SystemRoot\system32\drivers\HDAudBus.sys
0x04A18000 \SystemRoot\system32\DRIVERS\NETw5s64.sys
0x050C5000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x050D2000 \SystemRoot\system32\DRIVERS\L1C62x64.sys
0x050E7000 \SystemRoot\system32\drivers\i8042prt.sys
0x05105000 \SystemRoot\SysWOW64\Drivers\DKbFltr.sys
0x05111000 \SystemRoot\system32\drivers\kbdclass.sys
0x05120000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x0516D000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x0516F000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x0517E000 \??\C:\Windows\system32\drivers\UBHelper.sys
0x05186000 \??\C:\Windows\system32\drivers\NTIDrvr.sys
0x0518E000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x051A4000 \SystemRoot\system32\drivers\CompositeBus.sys
0x051B4000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x051CA000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x051EE000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x06357000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x03C00000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x06386000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x063A7000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x051FA000 \SystemRoot\system32\drivers\swenum.sys
0x0188E000 \SystemRoot\system32\drivers\ks.sys
0x04A00000 \SystemRoot\system32\drivers\umbus.sys
0x01600000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x063C1000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x0528E000 \SystemRoot\system32\drivers\CHDRT64.sys
0x0533A000 \SystemRoot\system32\drivers\portcls.sys
0x05377000 \SystemRoot\system32\drivers\drmk.sys
0x05399000 \SystemRoot\system32\drivers\ksthunk.sys
0x0539F000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x053BC000 \SystemRoot\System32\Drivers\usbvideo.sys
0x00080000 \SystemRoot\System32\win32k.sys
0x053EA000 \SystemRoot\System32\drivers\Dxapi.sys
0x05200000 \SystemRoot\system32\DRIVERS\monitor.sys
0x004E0000 \SystemRoot\System32\TSDDD.dll
0x0520E000 \SystemRoot\system32\DRIVERS\udfs.sys
0x05263000 \SystemRoot\System32\Drivers\crashdmp.sys
0x02E9D000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x05271000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x00770000 \SystemRoot\System32\cdd.dll
0x063D6000 \SystemRoot\system32\drivers\luafv.sys
0x0157E000 \??\C:\Windows\system32\drivers\aswMonFlt.sys
0x05800000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0x05284000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
0x01BCD000 \SystemRoot\system32\drivers\WudfPf.sys
0x0165A000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x01400000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x040BE000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x01453000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x053F6000 \SystemRoot\system32\DRIVERS\vwifimp.sys
0x078C5000 \SystemRoot\system32\drivers\HTTP.sys
0x0798E000 \SystemRoot\system32\DRIVERS\bowser.sys
0x079AC000 \SystemRoot\System32\drivers\mpsdrv.sys
0x079C4000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x07800000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x0784E000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x07EA1000 \SystemRoot\system32\drivers\peauth.sys
0x07F47000 \SystemRoot\System32\Drivers\secdrv.SYS
0x07F52000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x07F83000 \SystemRoot\System32\drivers\tcpipreg.sys
0x07F95000 \SystemRoot\System32\DRIVERS\srv2.sys
0x07E00000 \SystemRoot\System32\DRIVERS\srv.sys
0x07872000 \SystemRoot\system32\DRIVERS\ewusbdev.sys
0x0788E000 \SystemRoot\system32\DRIVERS\ewusbmdm.sys
0x078AB000 \SystemRoot\system32\drivers\modem.sys
0x079F1000 \SystemRoot\system32\DRIVERS\ewdcsc.sys
0x03DF1000 \SystemRoot\system32\DRIVERS\SMCLIB.SYS
0x05820000 \SystemRoot\System32\DRIVERS\scfilter.sys
0x015B5000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0x01200000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
0x078BA000 \SystemRoot\system32\DRIVERS\asyncmac.sys
0x779F0000 \Windows\System32\ntdll.dll
0x47B10000 \Windows\System32\smss.exe
0xFFD10000 \Windows\System32\apisetschema.dll
0xFF380000 \Windows\System32\autochk.exe
0xFFBF0000 \Windows\System32\msctf.dll
0x77BC0000 \Windows\System32\psapi.dll
0x778F0000 \Windows\System32\user32.dll
0xFFB90000 \Windows\System32\Wldap32.dll
0xFFB40000 \Windows\System32\ws2_32.dll
0xFFAA0000 \Windows\System32\msvcrt.dll
0xFFA90000 \Windows\System32\lpk.dll
0x77BB0000 \Windows\System32\normaliz.dll
0xFFA20000 \Windows\System32\gdi32.dll
0xFFA00000 \Windows\System32\imagehlp.dll
0x776E0000 \Windows\System32\iertutil.dll
0xFF820000 \Windows\System32\setupapi.dll
0xFF750000 \Windows\System32\usp10.dll
0x775C0000 \Windows\System32\kernel32.dll
0xFF670000 \Windows\System32\oleaut32.dll
0xFF460000 \Windows\System32\ole32.dll
0xFF430000 \Windows\System32\imm32.dll
0xFF3B0000 \Windows\System32\shlwapi.dll
0xFE620000 \Windows\System32\shell32.dll
0xFE600000 \Windows\System32\sechost.dll
0xFE560000 \Windows\System32\comdlg32.dll
0x77470000 \Windows\System32\urlmon.dll
0xFE430000 \Windows\System32\rpcrt4.dll
0xFE420000 \Windows\System32\nsi.dll
0xFE3A0000 \Windows\System32\difxapi.dll
0x77310000 \Windows\System32\wininet.dll
0xFE2C0000 \Windows\System32\advapi32.dll
0xFE220000 \Windows\System32\clbcatq.dll
0xFE1B0000 \Windows\System32\KernelBase.dll
0xFE190000 \Windows\System32\devobj.dll
0xFE020000 \Windows\System32\crypt32.dll
0xFDFE0000 \Windows\System32\cfgmgr32.dll
0xFDF40000 \Windows\System32\comctl32.dll
0xFDF00000 \Windows\System32\wintrust.dll
0xFDEF0000 \Windows\System32\msasn1.dll

Processes (total 91):
0 System Idle Process
4 System
348 C:\Windows\System32\smss.exe
456 csrss.exe
516 csrss.exe
524 C:\Windows\System32\wininit.exe
576 C:\Windows\System32\services.exe
600 C:\Windows\System32\winlogon.exe
628 C:\Windows\System32\lsass.exe
636 C:\Windows\System32\lsm.exe
728 C:\Windows\System32\svchost.exe
820 C:\Windows\System32\nvvsvc.exe
860 C:\Windows\System32\svchost.exe
956 C:\Windows\System32\svchost.exe
996 C:\Windows\System32\svchost.exe
1020 C:\Windows\System32\svchost.exe
744 C:\Windows\System32\svchost.exe
1084 C:\Windows\System32\svchost.exe
1248 C:\Windows\System32\nvvsvc.exe
1332 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
1568 C:\Windows\System32\spoolsv.exe
1620 C:\Windows\System32\svchost.exe
1916 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1944 C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
1964 C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
1996 C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
2044 C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
1104 C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
1544 C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
1304 C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
1220 C:\Windows\SysWOW64\PnkBstrA.exe
2056 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
2084 C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
2104 C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
2184 C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
2216 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
2260 C:\Windows\System32\svchost.exe
2304 C:\Program Files\Acer\Acer Updater\UpdaterService.exe
2352 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
2376 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
2412 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
2700 C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
2708 C:\Windows\System32\conhost.exe
3044 C:\Windows\System32\taskhost.exe
1896 C:\Windows\System32\dwm.exe
2788 C:\Windows\explorer.exe
3024 C:\Windows\System32\rundll32.exe
3092 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
3120 C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
3132 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
3148 C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
3220 C:\Windows\PLFSetI.exe
3236 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
3248 C:\Program Files\Windows Sidebar\sidebar.exe
3308 C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
3624 C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
3652 C:\Windows\System32\svchost.exe
3664 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
3724 C:\Windows\System32\wbem\unsecapp.exe
3836 WmiPrvSE.exe
4012 C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe
3112 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
3192 C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
3212 C:\Windows\System32\SearchIndexer.exe
940 C:\Program Files (x86)\Launch Manager\LManager.EXE
3004 C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
3632 C:\Program Files\AVAST Software\Avast\AvastUI.exe
3640 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
5012 C:\Windows\System32\svchost.exe
5068 C:\Program Files\Windows Media Player\wmpnetwk.exe
3084 C:\Windows\System32\audiodg.exe
4624 C:\Program Files (x86)\O2\O2CZ\EMMSN.exe
4704 C:\Program Files (x86)\O2\Nori\Nori.exe
3476 WUDFHost.exe
3280 C:\Users\petr\AppData\Local\Google\Chrome\Application\chrome.exe
2168 C:\Users\petr\AppData\Local\Google\Chrome\Application\chrome.exe
4884 C:\Users\petr\AppData\Local\Google\Chrome\Application\chrome.exe
3492 C:\Windows\System32\svchost.exe
3448 C:\Users\petr\AppData\Local\Google\Chrome\Application\chrome.exe
4808 C:\Users\petr\AppData\Local\Google\Chrome\Application\chrome.exe
4836 C:\Users\petr\AppData\Local\Google\Chrome\Application\chrome.exe
4860 C:\Windows\SysWOW64\rundll32.exe
3500 C:\Users\petr\AppData\Local\Google\Chrome\Application\chrome.exe
6132 C:\Windows\System32\SearchProtocolHost.exe
2408 C:\Windows\System32\SearchFilterHost.exe
2492 C:\Windows\System32\taskeng.exe
5144 C:\Windows\SysWOW64\ctfmon.exe
5328 dllhost.exe
5368 dllhost.exe
5400 C:\Users\petr\Desktop\MBRCheck.exe
5312 C:\Windows\System32\conhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`71500000 (NTFS)

PhysicalDrive0 Model Number: HitachiHTS545050B9A300, Rev: PB4OC60F

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!



Thank you.

Re: Probably a Trojan horse (pay 100 EURO)

Posted: 27 May 2012 14:56
by PetrS.
And I am also attaching the log from ZHPDiag:


Rapport de ZHPDiag v1.31.095 par Nicolas Coolman, Update du 24/05/2012
Run by petr at 27.5.2012 15:51:29
Web site : http://www.premiumorange.com/zeb-help-p ... pdiag.html
Web site : http://nicolascoolman.skyrock.com/
State : Your version is update.


---\\ Web Browser
MSIE: Internet Explorer v

---\\ Windows Product Information
~ Langage: Anglais
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4060 MB (63% free)
System Restore: Inconnu (Unknown)
System drive C: has 221 GB (48%) free of 452 GB

---\\ Logged in mode
~ Computer Name: PETR-PC
~ User Name: petr
~ All Users Names: petr, HomeGroupUser$, Guest, Administrator,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\petr\AppData\Roaming\
~ %Desktop% : C:\Users\petr\Desktop\
~ %Favorites% : C:\Users\petr\Favorites\
~ %LocalAppData% : C:\Users\petr\AppData\Local\
~ %StartMenu% : C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 221 Go of 452 Go)
D:\ CD-ROM drive (Free 0 Go of 2 Go)
E:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Security Center & Tools Informations
~ Scan Security Center in 00mn 00s



---\\ Search Generic System Files
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Průzkumník Windows.) (.25.2.2011 - 7:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Windows Start-Up Application.) (.14.7.2009 - 2:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.228443FF3A1FB0B974D278F7C6403FAD] - (.Microsoft Corporation - Internet Extensions for Win32.) (.28.2.2012 - 7:49:56.) -- C:\Windows\System32\wininet.dll [1390080]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Windows Logon Application.) (.20.11.2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Knihovna licencování softwaru.) (.20.11.2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28.12.2011 - 4:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14.7.2009 - 2:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14.7.2009 - 0:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20.11.2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20.11.2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20.11.2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - i8042 Port Driver.) (.14.7.2009 - 0:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14.7.2009 - 1:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27.4.2011 - 3:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20.11.2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - NT File System Driver.) (.11.3.2011 - 7:41:34.) -- C:\Windows\system32\Drivers\ntfs.sys [1659776]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Parallel Port Driver.) (.14.7.2009 - 1:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20.11.2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14.7.2009 - 1:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20.11.2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Volume Shadow Copy Driver.) (.20.11.2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Scan Generic Processes in 00mn 00s



---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 1/436
~ Mes musiques (My Musics) : 1/1981
~ Mes Videos (My Videos) : 1/278
~ Mes Favoris (My Favorites) : 1/17
~ Mes Documents (My Documents) : 1/1123
~ Mon Bureau (My Desktop) : 1/6
~ Menu demarrer (Programs) : 1/30
~ Scan Hidden Files in 00mn 03s



---\\ Running Processes
[MD5.5AF1E9600E3FF841E522703A4993ED0C] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904] [PID.3092]
[MD5.7BCB2FF8E1C78A591626960C86C91A47] - (.Unknown owner - DefaultSettingEXE MFC Application.) -- C:\Windows\PLFSetI.exe [206072] [PID.3220]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.]
[MD5.52746337E41C97E8CB5F846F973BB3C4] - (.Sony Ericsson - Sony Ericsson PC Companion.) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [433872] [PID.3308]
[MD5.322640D2A69831A182DE6BC937C1828E] - (.Acer Incorporated - Acer VCM.) -- C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe [704032] [PID.3624]
[MD5.FF2F087A24373FE1C6F756B99B6D5936] - (...) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe [74960] [PID.4012]
[MD5.478515FA22E17C4CA7177B3305630FA4] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [258512] [PID.3004]
[MD5.782FEF655DBF8653C9F2722BEBF7A8A6] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4241512] [PID.3632]
[MD5.98A078F838A70F84E1BD490D7C7675F4] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696] [PID.3640]
[MD5.8E19A656DE8429B9F3BD8DA73AC5E7E1] - (.Telefónica I+D - Escritorio movistar for CZ.) -- C:\Program Files (x86)\O2\O2CZ\EMMSN.exe [4050632] [PID.4624]
[MD5.D379ABFD3E1C454CC7DB0A0BCFA1616E] - (.Telefónica I+D - Nori server.) -- C:\Program Files (x86)\O2\Nori\Nori.exe [347272] [PID.4704]
[MD5.A7F80FD4BA188EE39735FFA90D338ABA] - (.Google Inc. - Google Chrome.) -- C:\Users\petr\AppData\Local\Google\Chrome\Application\chrome.exe [1240048] [PID.3280]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\rundll32.exe [0] [PID.3024]
[MD5.CC926B0811C3FA2363C98711410FEF24] - (...) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [4540928] [PID.5792]
~ Scan Processes Running in 00mn 00s



---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
C:\Users\petr\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] chrome://newtab/
G1 - GCS: Preference [User Data\Default] None
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (...) -- C:\Users\petr\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (.not file.)
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (...) -- C:\Users\petr\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (.not file.)
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (...) -- C:\Users\petr\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (.not file.)
P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (...) -- C:\Users\petr\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (.not file.)
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R3 - URLSearchHook: (no name) [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) (No version) -- (.not file.)
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 0



---\\ Auto loading programs from Registry and folders (O4)
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [Sony PC Companion] . (.Sony Ericsson - Sony Ericsson PC Companion.) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Companion] . (.Sony Ericsson - Sony Ericsson PC Companion.) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
~ Scan Application in 00mn 00s



---\\ Other User Links (O4)
O4 - Global Startup: C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\petr\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\petr\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\petr\Desktop\KMPlayer.lnk . (.Pandora.TV.) -- C:\Program Files (x86)\The KMPlayer\KMPlayer.exe
O4 - Global Startup: C:\Users\petr\Desktop\Obrázky – zástupce.lnk . (...) -- C:\Users\petr\AppData\Roaming\Microsoft\Windows\Libraries\Obrázky.library-ms
O4 - Global Startup: C:\Users\petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk . (.GameSpy Industries, Inc..) -- C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
O4 - Global Startup: C:\Users\petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
~ Scan Global Startup in 00mn 00s



---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ Task Planned Automatically(039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1936000234-837052830-3782009221-1000Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1936000234-837052830-3782009221-1000UA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1936000234-837052830-3782009221-1000Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1936000234-837052830-3782009221-1000UA.job
[MD5.00000000000000000000000000000000] [APT] [FacebookUpdateTaskUserS-1-5-21-1936000234-837052830-3782009221-1000Core] (...) -- C:\Users\petr\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [FacebookUpdateTaskUserS-1-5-21-1936000234-837052830-3782009221-1000UA] (...) -- C:\Users\petr\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-1936000234-837052830-3782009221-1000Core] (...) -- C:\Users\petr\AppData\Local\Google\Update\GoogleUpdate.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-1936000234-837052830-3782009221-1000UA] (...) -- C:\Users\petr\AppData\Local\Google\Update\GoogleUpdate.exe (.not file.)
[MD5.ABD4A097232E0CD77C6B1D738F554072] [APT] [{4489EF6D-610A-42C7-9AB5-EB8C3DA51429}] (.Avira Operations GmbH & Co. KG.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe
[MD5.B6080F3A1CA495190D1583C2202CAA61] [APT] [{5B3741AC-52B2-4A7D-8C46-50193C7BD5DA}] (.Skype Technologies S.A..) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
[MD5.61AE54DBEAEC29754B04D50EE1BF8B72] [APT] [{980AC5A5-22C4-40F4-8059-CC6B3EFCA8B3}] (.Telefónica.) -- C:\Program Files (x86)\O2\O2CZ\Uninstall.exe
[MD5.B6080F3A1CA495190D1583C2202CAA61] [APT] [{A7F8DC7B-6EB2-4F3B-8B42-72FFB944BFF1}] (.Skype Technologies S.A..) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
[MD5.B6080F3A1CA495190D1583C2202CAA61] [APT] [{C7D6DEB3-87FE-40B0-88FB-FB9B98DE1D47}] (.Skype Technologies S.A..) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
[MD5.B6080F3A1CA495190D1583C2202CAA61] [APT] [{DCD32CA3-B475-4DCF-B0E1-ABFB01DF3077}] (.Skype Technologies S.A..) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
[MD5.2FAA8520058538E54C0A0D17A7167C16] [APT] [{E4648003-9BCF-4570-98B2-DE874EAF745B}] (.Pandora.TV.) -- C:\Program Files (x86)\The KMPlayer\KMPlayer.exe
~ Scan Scheduled Task in 00mn 04s



---\\ ActiveSetup Installed Components (O40) (None)

---\\ Contents of the Common Files folders (O43)
O43 - CFD: 18.1.2011 - 11:14:13 - [60,837] ----D C:\Program Files (x86)\Acer
O43 - CFD: 22.6.2011 - 15:02:28 - [828,388] ----D C:\Program Files (x86)\Acer GameZone
O43 - CFD: 5.1.2012 - 15:46:39 - [115,180] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 9.12.2011 - 0:35:34 - [159,865] ----D C:\Program Files (x86)\Avira
O43 - CFD: 27.5.2012 - 15:33:45 - [386,217] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 30.9.2011 - 14:26:09 - [595,157] ----D C:\Program Files (x86)\EA GAMES
O43 - CFD: 22.2.2012 - 17:37:27 - [208,919] ----D C:\Program Files (x86)\Electronic Arts
O43 - CFD: 8.4.2010 - 17:10:30 - [20,905] ----D C:\Program Files (x86)\eSobi
O43 - CFD: 30.9.2011 - 14:32:42 - [15,920] ----D C:\Program Files (x86)\GameSpy Arcade
O43 - CFD: 19.3.2012 - 13:47:12 - [23,182] ----D C:\Program Files (x86)\Google
O43 - CFD: 27.1.2011 - 0:32:40 - [1,590] ----D C:\Program Files (x86)\ICQ6Toolbar
O43 - CFD: 12.4.2012 - 16:58:22 - [109,505] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 8.4.2010 - 16:41:37 - [58,956] ----D C:\Program Files (x86)\Intel
O43 - CFD: 12.4.2012 - 8:35:24 - [4,913] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 8.4.2010 - 17:23:39 - [170,334] ----D C:\Program Files (x86)\InterVideo
O43 - CFD: 17.2.2012 - 23:13:30 - [85,003] ----D C:\Program Files (x86)\Java
O43 - CFD: 8.4.2010 - 16:41:00 - [5,859] ----D C:\Program Files (x86)\Launch Manager
O43 - CFD: 27.9.2011 - 14:41:29 - [1326,574] ----D C:\Program Files (x86)\LEGO Software
O43 - CFD: 27.5.2012 - 15:33:44 - [0] ----D C:\Program Files (x86)\McAfee
O43 - CFD: 25.3.2011 - 8:54:58 - [19,751] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 29.6.2011 - 14:50:28 - [726,468] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 8.4.2010 - 17:08:21 - [7,431] ----D C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
O43 - CFD: 12.5.2012 - 15:23:24 - [40,838] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 18.1.2011 - 11:36:49 - [30,815] ----D C:\Program Files (x86)\Microsoft Small Business
O43 - CFD: 29.3.2011 - 23:00:46 - [30,922] ----D C:\Program Files (x86)\Microsoft SQL Server
O43 - CFD: 18.1.2011 - 11:30:17 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 8.4.2010 - 17:03:27 - [0,014] ----D C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 18.1.2011 - 11:32:35 - [0,509] ----D C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 20.1.2011 - 2:32:28 - [3,554] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 20.1.2011 - 10:45:49 - [8,782] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 14.7.2009 - 7:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 20.1.2011 - 2:33:52 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 8.4.2010 - 17:21:16 - [1152,805] ----D C:\Program Files (x86)\NewTech Infosystems
O43 - CFD: 11.11.2011 - 10:45:59 - [25,802] ----D C:\Program Files (x86)\O2
O43 - CFD: 8.4.2010 - 16:38:10 - [8,035] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14.7.2009 - 7:32:38 - [37,229] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 8.5.2012 - 22:40:29 - [32,858] R---D C:\Program Files (x86)\Skype
O43 - CFD: 11.3.2012 - 22:55:51 - [59,573] ----D C:\Program Files (x86)\Sony
O43 - CFD: 11.3.2012 - 22:58:19 - [75,134] ----D C:\Program Files (x86)\Sony Ericsson
O43 - CFD: 8.4.2010 - 17:27:20 - [2,100] ----D C:\Program Files (x86)\Symantec
O43 - CFD: 24.2.2011 - 10:48:36 - [48,488] ----D C:\Program Files (x86)\The KMPlayer
O43 - CFD: 14.7.2009 - 6:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 22.6.2011 - 14:48:19 - [80,379] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 18.1.2011 - 20:03:33 - [0,491] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 30.3.2011 - 10:40:59 - [177,478] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 9.6.2011 - 14:23:12 - [5,843] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 9.6.2011 - 14:23:12 - [4,782] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14.7.2009 - 7:32:38 - [11,630] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 9.6.2011 - 14:23:12 - [4,209] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 9.6.2011 - 14:23:12 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 9.6.2011 - 14:23:12 - [5,716] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 27.5.2012 - 15:50:51 - [13,541] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 5.1.2012 - 15:46:43 - [3,651] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 8.4.2010 - 17:26:00 - [30,315] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 8.4.2010 - 17:03:27 - [0,089] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 30.9.2011 - 14:24:07 - [1,885] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 8.4.2010 - 17:23:39 - [0,171] ----D C:\Program Files (x86)\Common Files\InterVideo
O43 - CFD: 17.2.2012 - 23:14:32 - [1,201] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 29.3.2012 - 8:56:12 - [260,220] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 8.4.2010 - 16:53:52 - [0,338] ----D C:\Program Files (x86)\Common Files\Oberon Media
O43 - CFD: 8.4.2010 - 17:23:39 - [1,577] ----D C:\Program Files (x86)\Common Files\Protexis
O43 - CFD: 14.7.2009 - 5:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 8.5.2012 - 22:40:29 - [2,056] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 14.7.2009 - 5:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 16.11.2011 - 19:44:31 - [45,512] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 18.1.2011 - 11:28:29 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 8.4.2010 - 17:13:20 - [0,897] ----D C:\ProgramData\Acer
O43 - CFD: 11.1.2012 - 12:41:35 - [140,248] ----D C:\ProgramData\Adobe
O43 - CFD: 17.2.2011 - 20:47:26 - [3,077] ----D C:\ProgramData\Alwil Software
O43 - CFD: 14.7.2009 - 7:08:56 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 22.5.2012 - 22:15:29 - [0,002] ----D C:\ProgramData\Arcade Lab
O43 - CFD: 26.10.2011 - 14:56:26 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 6.1.2012 - 22:36:52 - [6,509] ----D C:\ProgramData\AVAST Software
O43 - CFD: 9.12.2011 - 0:35:34 - [56,104] ----D C:\ProgramData\Avira
O43 - CFD: 2.4.2012 - 23:08:04 - [0,302] ----D C:\ProgramData\AWEM
O43 - CFD: 3.2.2011 - 20:13:53 - [48,939] ----D C:\ProgramData\Corel
O43 - CFD: 18.1.2011 - 11:19:58 - [0] --H-D C:\ProgramData\Data aplikací
O43 - CFD: 14.7.2009 - 7:08:56 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 14.7.2009 - 7:08:56 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 18.1.2011 - 11:19:58 - [0] --H-D C:\ProgramData\Dokumenty
O43 - CFD: 8.4.2010 - 17:10:37 - [0,000] ----D C:\ProgramData\eSobi
O43 - CFD: 14.7.2009 - 7:08:56 - [0] --H-D C:\ProgramData\Favorites
O43 - CFD: 10.5.2011 - 15:08:13 - [0,002] ----D C:\ProgramData\Friends Games
O43 - CFD: 8.4.2010 - 17:15:51 - [0,514] ----D C:\ProgramData\Google
O43 - CFD: 27.1.2011 - 0:32:39 - [0,209] ----D C:\ProgramData\ICQ
O43 - CFD: 27.5.2012 - 15:33:45 - [0,049] ----D C:\ProgramData\McAfee
O43 - CFD: 27.5.2011 - 9:53:23 - [34,786] -S--D C:\ProgramData\Microsoft
O43 - CFD: 11.5.2012 - 17:07:49 - [0,117] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 11.6.2011 - 23:42:22 - [134,979] ----D C:\ProgramData\MumboJumbo
O43 - CFD: 18.1.2011 - 11:19:58 - [0] --H-D C:\ProgramData\Nabídka Start
O43 - CFD: 22.5.2012 - 22:26:53 - [0,244] ----D C:\ProgramData\NVIDIA
O43 - CFD: 8.4.2010 - 17:00:30 - [31,768] ----D C:\ProgramData\OberonGameConsole
O43 - CFD: 18.1.2011 - 11:19:58 - [0] --H-D C:\ProgramData\Oblíbené položky
O43 - CFD: 18.1.2011 - 11:22:48 - [0,002] ----D C:\ProgramData\OEM
O43 - CFD: 17.2.2011 - 20:43:42 - [0,001] ----D C:\ProgramData\Partner
O43 - CFD: 20.5.2011 - 22:37:50 - [0] ----D C:\ProgramData\PlayFirst
O43 - CFD: 18.1.2011 - 11:19:58 - [0] --H-D C:\ProgramData\Plocha
O43 - CFD: 18.1.2012 - 18:42:59 - [0,215] ----D C:\ProgramData\Sandlot Games
O43 - CFD: 8.5.2012 - 22:40:17 - [105,515] ----D C:\ProgramData\Skype
O43 - CFD: 6.7.2011 - 0:24:07 - [5,074] ----D C:\ProgramData\Skype Extras
O43 - CFD: 11.3.2012 - 22:55:51 - [5,976] ----D C:\ProgramData\Sony
O43 - CFD: 13.1.2012 - 22:17:59 - [182,504] ----D C:\ProgramData\Sony Ericsson
O43 - CFD: 14.7.2009 - 7:08:56 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 24.1.2011 - 15:21:31 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 8.4.2010 - 17:27:20 - [0,001] ----D C:\ProgramData\Symantec
O43 - CFD: 3.4.2012 - 17:18:43 - [0] ---AD C:\ProgramData\TEMP
O43 - CFD: 14.7.2009 - 7:08:56 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 18.1.2011 - 11:19:58 - [0] --H-D C:\ProgramData\Šablony
O43 - CFD: 5.1.2012 - 17:52:43 - [7,462] ----D C:\Users\petr\AppData\Roaming\Adobe
O43 - CFD: 9.12.2011 - 0:36:07 - [0] ----D C:\Users\petr\AppData\Roaming\Avira
O43 - CFD: 3.2.2011 - 20:13:50 - [0,418] ----D C:\Users\petr\AppData\Roaming\Corel
O43 - CFD: 18.1.2011 - 11:54:42 - [0] ----D C:\Users\petr\AppData\Roaming\Google
O43 - CFD: 18.1.2011 - 11:22:23 - [0] ----D C:\Users\petr\AppData\Roaming\Identities
O43 - CFD: 18.1.2011 - 11:27:29 - [0] ----D C:\Users\petr\AppData\Roaming\InstallShield
O43 - CFD: 3.2.2011 - 20:14:19 - [0] ----D C:\Users\petr\AppData\Roaming\InterVideo
O43 - CFD: 18.1.2011 - 11:22:49 - [0,001] ----D C:\Users\petr\AppData\Roaming\Macromedia
O43 - CFD: 14.7.2009 - 9:44:38 - [0] ----D C:\Users\petr\AppData\Roaming\Media Center Programs
O43 - CFD: 28.4.2012 - 7:59:35 - [17,858] -S--D C:\Users\petr\AppData\Roaming\Microsoft
O43 - CFD: 27.1.2011 - 0:32:36 - [0,000] ----D C:\Users\petr\AppData\Roaming\Mozilla
O43 - CFD: 20.5.2011 - 22:37:50 - [0,001] ----D C:\Users\petr\AppData\Roaming\PlayFirst
O43 - CFD: 27.5.2012 - 15:43:00 - [10,275] ----D C:\Users\petr\AppData\Roaming\Skype
O43 - CFD: 22.5.2012 - 22:28:52 - [0,010] ----D C:\Users\petr\AppData\Roaming\skypePM
O43 - CFD: 11.11.2011 - 10:46:40 - [0,564] ----D C:\Users\petr\AppData\Roaming\Telefónica Móviles
O43 - CFD: 25.12.2011 - 23:03:42 - [0,003] ----D C:\Users\petr\AppData\Roaming\Unity
O43 - CFD: 22.5.2012 - 22:28:52 - [0,081] ----D C:\Users\petr\AppData\Roaming\vlc
O43 - CFD: 23.5.2012 - 14:22:57 - [0] ----D C:\Users\petr\AppData\Roaming\Vtnflxe
O43 - CFD: 30.1.2011 - 14:17:42 - [0] ----D C:\Users\petr\AppData\Roaming\Windows Live Writer
O43 - CFD: 5.1.2012 - 15:46:11 - [14,426] ----D C:\Users\petr\AppData\Local\Adobe
O43 - CFD: 18.1.2011 - 12:52:50 - [2,667] ----D C:\Users\petr\AppData\Local\Apps
O43 - CFD: 18.1.2011 - 11:24:26 - [0] ----D C:\Users\petr\AppData\Local\Broadcom
O43 - CFD: 27.9.2011 - 0:27:50 - [0] ----D C:\Users\petr\AppData\Local\Chromium
O43 - CFD: 18.1.2011 - 11:20:04 - [0] ----D C:\Users\petr\AppData\Local\Data aplikací
O43 - CFD: 19.3.2012 - 13:48:56 - [0] ----D C:\Users\petr\AppData\Local\Deployment
O43 - CFD: 9.5.2012 - 23:27:04 - [0] ----D C:\Users\petr\AppData\Local\Diagnostics
O43 - CFD: 8.4.2011 - 16:18:09 - [0] ----D C:\Users\petr\AppData\Local\ElevatedDiagnostics
O43 - CFD: 6.12.2011 - 0:25:03 - [7,334] ----D C:\Users\petr\AppData\Local\Facebook
O43 - CFD: 22.3.2012 - 16:09:51 - [702,979] ----D C:\Users\petr\AppData\Local\Google
O43 - CFD: 18.1.2011 - 11:20:04 - [0] ----D C:\Users\petr\AppData\Local\History
O43 - CFD: 27.9.2011 - 15:11:14 - [0,088] ----D C:\Users\petr\AppData\Local\LEGO Software
O43 - CFD: 28.4.2012 - 7:59:33 - [284,051] ----D C:\Users\petr\AppData\Local\Microsoft
O43 - CFD: 18.1.2012 - 12:45:44 - [1,704] ----D C:\Users\petr\AppData\Local\Microsoft Games
O43 - CFD: 18.1.2011 - 11:32:16 - [0] ----D C:\Users\petr\AppData\Local\Microsoft Help
O43 - CFD: 10.5.2011 - 23:07:35 - [0,000] ----D C:\Users\petr\AppData\Local\Oberon Games
O43 - CFD: 23.2.2012 - 1:14:12 - [2,354] ----D C:\Users\petr\AppData\Local\PunkBuster
O43 - CFD: 27.5.2012 - 15:50:53 - [0,851] ----D C:\Users\petr\AppData\Local\Temp
O43 - CFD: 18.1.2011 - 11:20:04 - [0] ----D C:\Users\petr\AppData\Local\Temporary Internet Files
O43 - CFD: 25.12.2011 - 22:57:06 - [0,075] ----D C:\Users\petr\AppData\Local\Unity
O43 - CFD: 30.9.2011 - 14:39:05 - [3,775] ----D C:\Users\petr\AppData\Local\VirtualStore
O43 - CFD: 10.12.2011 - 14:38:35 - [0,086] ----D C:\Users\petr\AppData\Local\Windows Live
O43 - CFD: 1.2.2011 - 19:21:24 - [0,620] ----D C:\Users\petr\AppData\Local\Windows Live Writer
O43 - CFD: 2.6.2011 - 22:59:04 - [0] ----D C:\Users\petr\AppData\Local\{35C2B04A-FCD6-4EF5-89D2-3C380C0BFC81}
O43 - CFD: 30.4.2011 - 22:05:20 - [0] ----D C:\Users\petr\AppData\Local\{49BDBC81-3DA5-4CB7-A5D3-ED9D19377027}
O43 - CFD: 20.6.2011 - 14:59:35 - [0] ----D C:\Users\petr\AppData\Local\{6745725D-8875-4A63-A404-60D3892D9939}
O43 - CFD: 25.1.2012 - 16:20:27 - [0] ----D C:\Users\petr\AppData\Local\{70ADA731-62FC-4708-ABFE-D5A16BEA1948}
O43 - CFD: 31.10.2011 - 11:42:07 - [0] ----D C:\Users\petr\AppData\Local\{7CC47D84-F659-4688-93D6-0835A563E53A}
O43 - CFD: 19.4.2012 - 22:02:40 - [0] ----D C:\Users\petr\AppData\Local\{88151BE8-A6FC-4B5F-AF48-E30A7D9262CB}
O43 - CFD: 10.12.2011 - 14:38:35 - [0] ----D C:\Users\petr\AppData\Local\{B941E6E4-9AFB-43FB-9DFD-1ACC878FFD22}
O43 - CFD: 18.7.2011 - 22:53:31 - [0] ----D C:\Users\petr\AppData\Local\{FF1F2D3D-F341-42A3-A719-B7DC6BD32457}
O43 - CFD: 14.7.2009 - 6:54:32 - [0,014] R---D C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 22.6.2011 - 15:01:28 - [0] ----D C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acer GameZone
O43 - CFD: 17.2.2012 - 23:46:01 - [0,000] R---D C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 30.9.2011 - 14:44:26 - [0,000] ----D C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 19.3.2012 - 13:50:05 - [0,005] ----D C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 14.7.2009 - 6:49:38 - [0,001] R---D C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 17.2.2012 - 23:46:01 - [0,000] R---D C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 24.2.2011 - 10:48:04 - [0,003] ----D C:\Users\petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
~ Scan Program Folder in 00mn 18s



---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.CEF56F4EECC75D9745906AECE1C20EA0] - 11.5.2012 - 22:02:32 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [413512]
O44 - LFC:[MD5.E9766131EEADE40A27DC27D2D68FBA9C] - 17.3.2012 - 8:58:57 . (...) -- C:\Windows\System32\Drivers\partmgr.sys []
O44 - LFC:[MD5.30EEF27C483CEC201FB9C9A7DFEFB172] - 27.5.2012 - 12:22:55 ---A- . (...) -- C:\cc_20120527_132233.reg [172968]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 27.5.2012 - 12:24:20 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.DDA54CF10454B923D962D513A1FE9E9A] - 27.5.2012 - 14:01:43 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1601472]
O44 - LFC:[MD5.E3E75729C263128F9EC9C3B6E470130F] - 27.5.2012 - 14:01:43 ---A- . (...) -- C:\Windows\SysNative\perfc005.dat [139670]
O44 - LFC:[MD5.D0E7A7A63E02C30644FEA63D2A1585BE] - 27.5.2012 - 14:01:43 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [124144]
O44 - LFC:[MD5.ED78121C4D35E72FCD9CE67343E84A18] - 27.5.2012 - 14:01:43 ---A- . (...) -- C:\Windows\SysNative\perfh005.dat [678234]
O44 - LFC:[MD5.CE6096C2EDF5DBBC8381C25DDF28F482] - 27.5.2012 - 14:01:43 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [662950]
O44 - LFC:[MD5.DDA54CF10454B923D962D513A1FE9E9A] - 27.5.2012 - 14:01:43 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1601472]
O44 - LFC:[MD5.9EDD449DEF3AEB16A1FE0F5A3C640C4C] - 27.5.2012 - 14:29:19 ---A- . (...) -- C:\Windows\ntbtlog.txt [60922]
O44 - LFC:[MD5.47B0209B51C80547D21DBA05B59329CC] - 27.5.2012 - 14:33:12 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.9982DE5B241F4776F71698EB4D4FC7E9] - 27.5.2012 - 14:33:13 ---A- . (...) -- C:\Windows\setupact.log [168]
O44 - LFC:[MD5.93911953B34A12687B5E505C35D26397] - 27.5.2012 - 14:44:14 ---A- . (...) -- C:\Windows\WindowsUpdate.log [2061214]
O44 - LFC:[MD5.ACB82BDA8F46C84F465C1AFA517DC4B9] - 30.3.2012 - 12:35:47 . (...) -- C:\Windows\System32\Drivers\tcpip.sys []]
O44 - LFC:[MD5.F4C456F9235ED440B81107E951555411] - 31.3.2012 - 4:10:03 . (...) -- C:\Windows\System32\win32k.sys [1601472]]
~ Scan Files in 00mn 42s



---\\ Safe Boot Control (O49) (None)

---\\ MountPoints2 Shell Key (MPKS) (O51)
O51 - MPSK:{69e39a6e-22e2-11e0-a062-806e6f6e6963}\AutoRun\command. (.Unknown owner - Autorun MFC Application.) -- D:\Autorun.exe
O51 - MPSK:{de092f5a-fba8-11e0-9dc0-00269eeb0b1d}\AutoRun\command. (...) -- F:\Startme.exe (.not file.)
O51 - MPSK:{e333a6e4-000e-11e1-9886-00269eeb0b1d}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
~ Scan Keys in 00mn 05s



---\\ ShareTools MSconfig StartupReg (SMSR) (O53) (None)

---\\ System Drivers List (SDL) (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14.7.2009 - 2:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.D5BCB77BE83CF99F508943945D46343D] - 26.3.2009 - 4:16:08 ---A- . (.Dritek System Inc. - Dritek 64-bit PS/2 Keyboard Filter Driver.) -- C:\Windows\SysWOW64\drivers\DKbFltr.sys [25608]
~ Scan Drivers in 00mn 00s



---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: RSIT - (.random/random.)
~ Scan ADS in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\petr\AppData\Local\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\petr\AppData\Local\Google\Chrome\Application\chrome.exe
~ Scan Keys in 00mn 00s



---\\ Start Menu Internet (SMI) (O68) (None)

---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6552C7DD-90A4-4387-B795-F8F96747DE19} - (ICQ Search) - http://search.icq.com
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
~ Scan Keys in 00mn 00s



---\\ Search Svchost Services (SSS) (O83) (None)

---\\ Search Particular Root Folder (SPRF) (O84)
[MD5.BC5FBC4D317A7929C18F2B94870E6564] [SPRF][26.1.2011] (...) -- C:\ProgramData\ezsidmv.dat [56]
[MD5.6ACBD475647D7A160657CB3E460F0F35] [SPRF][27.1.2010] (...) -- C:\ProgramData\FullRemove.exe [131472]
[MD5.CB7231288232F9ADBEED5177E18401D5] [SPRF][20.10.2011] (...) -- C:\ProgramData\KGyGaAvL.sys [952]
[MD5.7EF3382F66FDE3628CB5B33513601A07] [SPRF][27.1.2012] (.McAfee, Inc. - McAfee Installer.) -- C:\Users\petr\AppData\Local\Temp\0076801338124484mcinst.exe [827456]
[MD5.CB2D120A4B72422A8141192831B1F500] [SPRF][27.5.2012] (...) -- C:\Users\petr\Desktop\MBRCheck.exe [80384]
~ Scan Files in 00mn 00s



---\\ Additionnal Scan (O88)
Database Version : 9170 - (24/05/2012)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 0

C:\Program Files (x86)\ICQ6Toolbar =>Toolbar.Agent
~ Scan Additionnel in 00mn 11s



End of the scan (533 lines in 01mn 42s)(0)


Thank you.

Re: Probably a Trojan horse (pay 100 EURO)

Posted: 27 May 2012 15:18
by PetrS.
I know O2CZ, that is a mobile internet connection. It is a small program through which I connect.

I'll go do the second thing right away.

Thank you very much for your help.

Re: Probably a Trojan horse (pay 100 EURO)

Posted: 27 May 2012 15:22
by PetrS.
LOG:



RogueKiller V7.5.0 [05/24/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v: Normální režim
Uživatel: petr [Práva správce]
Mód: Kontrola -- Datum: 05/27/2012 16:20:34

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Záznamy Registrů: 3 ¤¤¤
[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{7DA457A6-8DAC-4D31-ABD2-20B2AF258C63} : NameServer (160.218.167.5 160.218.161.60) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač: [NENAHRÁNO] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS545050B9A300 +++++
--- User ---
[MBR] 661b1a7312004425a3c469b63c2de8d0
[BSP] 2db006947ca13453a9f03ded5ba9a734 : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 14000 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 28674048 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 28878848 | Size: 462838 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1].txt >>
RKreport[1].txt




It found two things of some kind and recommends deleting them. I have not done anything yet.

Re: Probably a Trojan horse (pay 100 EURO)

Posted: 27 May 2012 17:26
by PetrS.
Logs from OLT

Re: Probably a Trojan horse (pay 100 EURO)

Posted: 27 May 2012 17:31
by PetrS.
By the way, Wincheck created a report.txt file, but it was empty.

Re: Probably a Trojan horse (pay 100 EURO)

Posted: 27 May 2012 17:43
by PetrS.
Thank you for the reassurance. I will definitely get back to you in 14 days. Exactly :-D it came from LucieP. But she certainly did not open it in any way, she just forwarded it to me because she thought it was some German advertisement from the shop where I bought the TV. So she is basically innocent in this :) If the PC starts acting up, I will get in touch sooner.

Thank you once again, and I wish you a pleasant rest of the day.