Prosím o Preventivní Kontrolu (Pomalé PC a chyby)

[MH20]

Dobrý Večer, vkládám sem log děkuji předem

Logfile of random's system information tool 1.06 (written by random/random)
Run by MH20 at 2010-01-10 20:15:40
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 159 GB (33%) free of 477 GB
Total RAM: 3199 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:15:50, on 10.1.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Keyboard Driver\OEMDriver.exe
C:\Windows\PixArt\PAC207\Monitor.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Steam\Steam.exe
C:\Users\MH20\Program Files\DNA\btdna.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\MagicTune Premium\GammaTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\SEC\Natural Color Pro\NCProTray.exe
C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe
C:\Program Files\Xfire\Xfire.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_1_3_0\RGSC.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Windows\system32\conime.exe
C:\Program Files\MSI\DualCoreCenter\DualCoreCenter.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\MH20\Desktop\RSIT.exe
C:\Program Files\trend micro\MH20.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: PageRage Toolbar - {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files\PageRage\tbPage.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: PageRage Toolbar - {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files\PageRage\tbPage.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: PageRage Toolbar - {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files\PageRage\tbPage.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KBDriver] C:\Program Files\Keyboard Driver\OEMDriver.exe
O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\MH20\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - Startup: ImpulseNow.lnk = C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe
O4 - Startup: reguser.lnk = C:\Windows\System32\reguser.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: DualCoreCenter.lnk = C:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe
O4 - Global Startup: GammaTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: NCProTray.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O16 - DPF: {7A0D1738-10EA-47FF-92BE-4E137B5BE1A4} (Stm Class) - https://mpsnare.iesnare.com/StmOCX.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Google Update (gupdate1ca145bff052e4b) (gupdate1ca145bff052e4b) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MagicTuneEngine - Unknown owner - C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 13753 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{C9B45C64-ECD0-426B-9FD0-67B0A7DA00B5}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2009-07-31 909040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-07-15 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9565115d-c7d6-46d3-bd63-b67b481a4368}]
PageRage Toolbar - C:\Program Files\PageRage\tbPage.dll [2009-11-09 2331672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-08-04 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class - C:\Program Files\Hotspot Shield\hssie\HssIE.dll [2009-11-01 218160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo Layers - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll [2009-11-20 194912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2009-07-31 159472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-06-12 958712]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]

{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2009-07-31 909040]
{9565115d-c7d6-46d3-bd63-b67b481a4368} - PageRage Toolbar - C:\Program Files\PageRage\tbPage.dll [2009-11-09 2331672]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-02-13 4915200]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"KBDriver"=C:\Program Files\Keyboard Driver\OEMDriver.exe [2006-07-25 151552]
"Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"YSearchProtection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2009-02-23 111856]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-04 98304]
"ATICustomerCare"=C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2009-06-14 307200]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883840]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-02-26 2289664]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Steam"=c:\program files\steam\steam.exe [2009-10-24 1217808]
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2009-10-04 306088]
"BitTorrent DNA"=C:\Users\MH20\Program Files\DNA\btdna.exe [2009-10-28 323392]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"ICQ"=C:\Program Files\ICQ6.5\ICQ.exe [2009-11-16 172792]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
DualCoreCenter.lnk - C:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe
GammaTray.lnk - C:\Program Files\MagicTune Premium\GammaTray.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
NCProTray.lnk - C:\Program Files\SEC\Natural Color Pro\NCProTray.exe

C:\Users\MH20\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
ImpulseNow.lnk - C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe
reguser.lnk - C:\Windows\System32\reguser.exe
Xfire.lnk - C:\Program Files\Xfire\Xfire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2009-10-01 87552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{911f513a-8044-11de-becd-806e6f6e6963}]
shell\AutoRun\command - D:\autorun.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 2 months======

2010-01-08 22:09:46 ----A---- C:\Windows\system32\aswBoot.exe
2009-12-27 15:25:59 ----D---- C:\Program Files\OpenAL
2009-12-27 15:25:59 ----A---- C:\Windows\system32\wrap_oal.dll
2009-12-27 15:25:59 ----A---- C:\Windows\system32\OpenAL32.dll
2009-12-27 15:10:51 ----D---- C:\Program Files\Kane a Lych
2009-12-25 16:37:03 ----D---- C:\Program Files\Microsoft WSE
2009-12-24 11:36:54 ----D---- C:\Program Files\S.W.A.T. 4
2009-12-23 15:21:22 ----D---- C:\Program Files\Dark Messiah of Might and Magic
2009-12-23 00:59:32 ----A---- C:\Windows\system32\xfcodec.dll
2009-12-22 19:35:37 ----A---- C:\Windows\system32\tsccvid.dll
2009-12-22 19:35:34 ----D---- C:\Windows\system32\QuickTime
2009-12-22 19:34:44 ----D---- C:\Program Files\Common Files\TechSmith Shared
2009-12-20 12:55:16 ----D---- C:\hl2
2009-12-20 12:55:15 ----D---- C:\bin
2009-12-20 12:55:13 ----D---- C:\reslists
2009-12-20 12:55:12 ----D---- C:\platform
2009-12-15 17:21:32 ----A---- C:\Windows\system32\uc_wepic_launching.dll
2009-12-13 10:16:43 ----D---- C:\ProgramData\ATI
2009-12-10 16:03:21 ----A---- C:\Windows\system32\nshhttp.dll
2009-12-10 16:03:18 ----A---- C:\Windows\system32\httpapi.dll
2009-12-09 20:54:21 ----A---- C:\Windows\system32\winhttp.dll
2009-12-09 20:54:06 ----A---- C:\Windows\system32\mshtml.dll
2009-12-09 20:54:04 ----A---- C:\Windows\system32\iertutil.dll
2009-12-09 20:54:04 ----A---- C:\Windows\system32\ieframe.dll
2009-12-09 20:54:03 ----A---- C:\Windows\system32\wininet.dll
2009-12-09 20:54:03 ----A---- C:\Windows\system32\urlmon.dll
2009-12-09 20:54:03 ----A---- C:\Windows\system32\occache.dll
2009-12-09 20:54:03 ----A---- C:\Windows\system32\msfeeds.dll
2009-12-09 20:54:03 ----A---- C:\Windows\system32\iedkcs32.dll
2009-12-09 20:54:02 ----A---- C:\Windows\system32\msfeedssync.exe
2009-12-09 20:54:02 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-12-09 20:54:02 ----A---- C:\Windows\system32\jsproxy.dll
2009-12-09 20:54:02 ----A---- C:\Windows\system32\ieUnatt.exe
2009-12-09 20:54:02 ----A---- C:\Windows\system32\ieui.dll
2009-12-09 20:54:02 ----A---- C:\Windows\system32\iesysprep.dll
2009-12-09 20:54:02 ----A---- C:\Windows\system32\iesetup.dll
2009-12-09 20:54:02 ----A---- C:\Windows\system32\iernonce.dll
2009-12-09 20:54:02 ----A---- C:\Windows\system32\iepeers.dll
2009-12-09 20:54:02 ----A---- C:\Windows\system32\ie4uinit.exe
2009-12-09 20:53:41 ----A---- C:\Windows\system32\rastls.dll
2009-12-05 20:43:01 ----D---- C:\Program Files\Borderlands
2009-12-05 11:43:39 ----A---- C:\Windows\system32\d3dx10_42.dll
2009-12-05 11:43:38 ----A---- C:\Windows\system32\D3DX9_42.dll
2009-12-05 11:43:37 ----A---- C:\Windows\system32\d3dx10_37.dll
2009-12-05 11:43:37 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2009-12-05 11:43:36 ----A---- C:\Windows\system32\xinput1_3.dll
2009-12-05 11:43:36 ----A---- C:\Windows\system32\D3DX9_37.dll
2009-12-01 15:39:45 ----D---- C:\Users\MH20\AppData\Roaming\IMVU
2009-12-01 15:39:06 ----D---- C:\Users\MH20\AppData\Roaming\IMVUClient
2009-11-30 18:02:40 ----A---- C:\Windows\system32\xliveinstall.dll
2009-11-30 18:02:38 ----A---- C:\Windows\system32\xliveinstallhost.exe
2009-11-28 13:28:16 ----D---- C:\ProgramData\Test Drive Unlimited
2009-11-28 10:38:06 ----D---- C:\ProgramData\WindowsSearch
2009-11-26 12:49:42 ----A---- C:\Windows\system32\tzres.dll
2009-11-25 14:47:04 ----A---- C:\Windows\system32\msxml6.dll
2009-11-25 14:47:04 ----A---- C:\Windows\system32\msxml3.dll
2009-11-23 20:44:54 ----D---- C:\Program Files\PageRage
2009-11-23 20:44:54 ----D---- C:\Program Files\Conduit
2009-11-23 20:44:47 ----D---- C:\Program Files\Yontoo Layers Client
2009-11-23 20:44:46 ----D---- C:\ProgramData\Tarma Installer
2009-11-21 11:31:56 ----D---- C:\Program Files\Atari
2009-11-11 17:17:35 ----D---- C:\Users\MH20\AppData\Roaming\OpenOffice.org
2009-11-11 16:24:52 ----A---- C:\Windows\system32\WSDApi.dll

======List of files/folders modified in the last 2 months======

2010-01-10 20:15:50 ----D---- C:\Windows\Prefetch
2010-01-10 20:15:46 ----D---- C:\Windows\temp
2010-01-10 20:15:42 ----D---- C:\Program Files\trend micro
2010-01-10 20:07:34 ----D---- C:\Users\MH20\AppData\Roaming\DNA
2010-01-10 18:19:08 ----SHD---- C:\Windows\Installer
2010-01-10 15:23:03 ----SHD---- C:\System Volume Information
2010-01-10 14:19:10 ----D---- C:\Windows\Tasks
2010-01-10 13:51:02 ----D---- C:\Program Files\Steam
2010-01-09 23:21:53 ----D---- C:\Program Files\Game Cam
2010-01-09 18:08:56 ----D---- C:\Users\MH20\AppData\Roaming\Xfire
2010-01-08 22:10:20 ----D---- C:\Windows\system32\drivers
2010-01-08 22:10:04 ----D---- C:\Windows\System32
2010-01-08 22:05:36 ----D---- C:\Users\MH20\AppData\Roaming\ICQ
2010-01-07 20:43:29 ----D---- C:\Windows\inf
2010-01-07 20:43:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-01-07 14:32:08 ----D---- C:\ProgramData\Xfire
2010-01-05 14:16:57 ----RD---- C:\Users
2010-01-05 13:28:02 ----D---- C:\Program Files\Mozilla Firefox
2010-01-05 13:27:31 ----D---- C:\Program Files\Xfire
2010-01-02 21:51:26 ----D---- C:\Program Files\DriftCity
2010-01-02 21:19:41 ----SD---- C:\Windows\Downloaded Program Files
2010-01-02 18:58:04 ----A---- C:\Windows\NeroDigital.ini
2009-12-30 11:18:48 ----D---- C:\Program Files\ICQ6.5
2009-12-30 11:17:58 ----D---- C:\Program Files\Common Files\Steam
2009-12-29 15:00:49 ----D---- C:\Windows\system32\catroot2
2009-12-27 18:26:10 ----RD---- C:\Program Files
2009-12-25 16:37:08 ----RSD---- C:\Windows\assembly
2009-12-25 16:28:18 ----D---- C:\Program Files\Electronic Arts
2009-12-25 16:28:16 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-24 16:20:51 ----D---- C:\ProgramData\Google Updater
2009-12-22 19:34:44 ----D---- C:\Program Files\Common Files
2009-12-20 15:19:48 ----D---- C:\Users\MH20\AppData\Roaming\U3
2009-12-20 13:44:07 ----D---- C:\Users\MH20\AppData\Roaming\uTorrent
2009-12-16 17:06:34 ----D---- C:\Program Files\TeamViewer
2009-12-16 16:32:16 ----D---- C:\Program Files\Hotspot Shield
2009-12-14 13:50:05 ----D---- C:\Windows\system32\Tasks
2009-12-13 10:18:14 ----D---- C:\Windows
2009-12-13 10:16:43 ----D---- C:\ProgramData
2009-12-11 23:34:56 ----D---- C:\Program Files\ATI
2009-12-11 23:34:23 ----D---- C:\Program Files\ATI Technologies
2009-12-11 23:32:29 ----D---- C:\Windows\system32\catroot
2009-12-10 19:45:05 ----D---- C:\Windows\rescache
2009-12-10 19:41:22 ----D---- C:\Windows\winsxs
2009-12-10 19:10:04 ----D---- C:\Windows\system32\migration
2009-12-10 19:10:04 ----D---- C:\Windows\system32\cs-CZ
2009-12-10 19:10:04 ----D---- C:\Program Files\Windows Mail
2009-12-10 19:10:04 ----D---- C:\Program Files\Internet Explorer
2009-12-05 22:12:34 ----D---- C:\Windows\system32\directx
2009-12-05 22:12:29 ----HD---- C:\Windows\msdownld.tmp
2009-12-05 11:44:35 ----A---- C:\Windows\win.ini
2009-12-05 11:41:33 ----D---- C:\Program Files\Common Files\microsoft shared
2009-12-02 15:59:55 ----D---- C:\Program Files\DAEMON Tools Toolbar
2009-12-01 21:06:19 ----A---- C:\Windows\system32\mrt.exe
2009-12-01 20:21:46 ----A---- C:\Windows\ODBC.INI
2009-11-14 16:12:14 ----D---- C:\Program Files\Rockstar Games
2009-11-12 15:01:24 ----D---- C:\Windows\Debug

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2008-07-19 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2008-07-19 42912]
R1 NCPro;NCPro; C:\Windows\system32\drivers\MTictwl.sys [2007-12-05 13184]
R1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2007-02-18 232816]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-09-30 103440]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-11-04 5079040]
R3 DualCoreCenter;DualCoreCenter; \??\C:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys [2008-02-27 28160]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-04-23 26176]
R3 HssDrv;Hotspot Shield Helper Miniport; C:\Windows\system32\DRIVERS\HssDrv.sys [2009-10-02 37376]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-02-14 2061528]
R3 PAC207;i-Look 111; C:\Windows\system32\DRIVERS\PFC027.SYS [2007-06-29 611584]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-02-14 118784]
R3 RushTopDevice2;RushTopDevice2; \??\C:\Program Files\MSI\DualCoreCenter\RushTop.sys [2008-04-23 56320]
R3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys [2009-10-02 32768]
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\Windows\system32\DRIVERS\VMNetSrv.sys [2007-01-29 59280]
S3 a2wqve86;a2wqve86; C:\Windows\system32\drivers\a2wqve86.sys []
S3 catchme;catchme; \??\C:\Users\MH20\AppData\Local\Temp\catchme.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MagicTune;MagicTune; C:\Windows\system32\drivers\MTiCtwl.sys [2007-12-05 13184]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 TKFsAc;TKFsAc; \??\C:\Windows\system32\TKFsAc2k.sys []
S3 TKFsAv;TKFsAv; \??\C:\Windows\system32\TKFsAv2k.sys []
S3 TKFsFt;TKFsFt; \??\C:\Windows\system32\TKFsFt2k.sys []
S3 TKRgAc;TKRgAc; \??\C:\Windows\system32\TKRgAc2k.sys []
S3 TKRgFt;TKRgFt; \??\C:\Windows\system32\TKRgFtXp.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 w800bus;Sony Ericsson W800 driver (WDM); C:\Windows\system32\DRIVERS\w800bus.sys [2005-06-13 60768]
S3 w800mgmt;Sony Ericsson W800 USB WMC Device Management Drivers; C:\Windows\system32\DRIVERS\w800mgmt.sys [2005-05-24 79216]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-11-04 172032]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]
R2 HotspotShieldService;Hotspot Shield Service; C:\Program Files\Hotspot Shield\bin\openvpnas.exe [2009-11-17 224816]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HssSrv;Hotspot Shield Routing Service; C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe [2009-11-12 331824]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-06-10 222456]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-02-26 73728]
R2 MagicTuneEngine;MagicTuneEngine; C:\Program Files\MagicTune Premium\MagicTuneEngine.exe [2007-08-23 45056]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-08-11 75064]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2009-12-16 185640]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-19 348344]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
R3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-12-29 321320]
S2 gupdate1ca145bff052e4b;Služba Google Update (gupdate1ca145bff052e4b); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-03 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-04 190448]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-08-04 68096]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 HssTrayService;Hotspot Shield Tray Service; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [2009-11-17 57640]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2009-11-02 3341224]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------

P.S.
chyby = při startu plochy mám černou obrazovku s okénkem přejete si smazat osobní informace IE dávám ne naběhne plocha a pár chyb se spouštěním skriptů vždy stejné někdy vyjede i hudba tento problém sem tu asi před měsícem možná víc řešily ale nenašlo se řešení , tedy jedno bylo ale nemohlo se uskutečnit , tedy mohlo ale proste sem to nemohl provédst, každopádně prosím jen o preventivku děkuji =)

[MH20]

bez odpovědi?

[motji]

Dobré ranko
Toolbary, které nepoužíváte, doporučuji odinstalovat
ICQToolBar
DAEMON Tools Toolbar
Yahoo! Toolbar

C:\Users\MH20\Program Files\DNA\btdna.exe - také doporučuji dát pryč


Start - ovládací panely - možnosti složky - zobrazení - odkrýt skryté a systémové soubory

Dejte soubor otestovat na http://www.virustotal.com

C:\Program Files\Yontoo Layers Client\YontooIEClient.dll
C:\Windows\System32\reguser.exe
C:\Windows\system32\uc_wepic_launching.dll
C:\Windows\system32\TKRgAc2k.sys

Do okénka zkopírujte cestu k souboru , pokud napíše, že soubor byl už testován, dejte otestovat znovu.
Sem vložte link s výsledky.

tyto složky znáte?
C:\hl2
C:\bin
C:\reslists
C:\platform

[MH20]

Odinstaloval jsem : PageRage Toolbar
ICQ Toolbar
Yahoo Toolbar

složky hl2,bin a platform znám

složku DNA Sem vymazal

-----VirusTotal------
-
Soubor YontooIEClient.dll
0/41
-
Soubor reguser.exe
0/41
-
Soubor uc_wepic_launching.dll
0/41
-
Poslední soubor nebyl nalezen ani přez zobrazení skrytých složek....

[motji]

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

-souhlaste s instalací konzole pro zotavení

- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, skopírujte celý jeho obsah sem

[MH20]

před půl hodinou sem spustil combofix stím že se aktualizoval restartoval pc přihlásil sem se a spustil se (pro mě ještě v černém ploše..neřešte) ted tam měli vyběhnout tY něco od 1-49 ale po 20minut nic, vím že předtím se dělala nějaká záloha...mno tak sem to vypl a ¨spustil znovu zase záloha a sken 10min vůbec nci vypl sem to restartoval modem a napsal jsem sem....ten Combofix neodpovídá....

co ted? (prvně divný sken vůbec za celé použití tohoto programu, Combofix sem nikdy nevyužil bez svolení vám.

[motji]

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
- spustte, klikněte na Run Scan
- po skončení skenu sem vložte obsah logů z OTL.Txt a Extras.txt


Stáhněte Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
- rozbalte a spusťte
-proběhne sken, po skončení se otevře okno s výsledky, klikněte na Save a tím si uložíte log,který sem vložíte

-Podle návodu v odkazu provedete druhý sken a log sem také vložíte.

[MH20]

První log z OTL

OTL logfile created on: 16.1.2010 10:40:08 - Run 1
OTL by OldTimer - Version 3.1.25.1 Folder = C:\Users\MH20\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 38,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 62,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 151,49 Gb Free Space | 32,53% Space Free | Partition Type: NTFS
Drive D: | 6,95 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MH20-PC
Current User Name: MH20
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.01.16 10:34:50 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Users\MH20\Desktop\OTL.exe
PRC - [2010.01.15 15:58:15 | 00,102,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2010.01.14 17:14:20 | 00,160,752 | ---- | M] (Google) -- C:\Program Files\Google\Google Updater\GoogleUpdater.exe
PRC - [2009.12.29 13:09:07 | 00,321,320 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2009.12.23 00:59:28 | 03,192,720 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\Xfire.exe
PRC - [2009.12.16 09:14:52 | 00,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2009.11.21 07:42:38 | 00,638,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009.11.16 16:36:19 | 00,172,792 | ---- | M] (ICQ, LLC.) -- C:\Program Files\ICQ6.5\ICQ.exe
PRC - [2009.11.04 16:45:32 | 00,360,448 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.11.04 16:45:02 | 00,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.10.31 20:13:34 | 00,136,176 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
PRC - [2009.10.29 12:27:54 | 01,074,568 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2009.10.28 20:21:26 | 00,141,600 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009.10.28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009.10.28 04:31:14 | 00,257,440 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10d.exe
PRC - [2009.10.24 11:36:20 | 01,217,808 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2009.10.04 15:32:56 | 01,457,064 | ---- | M] (Take-Two Interactive Software, Inc.) -- C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_1_3_0\RGSC.exe
PRC - [2009.08.11 18:06:51 | 00,075,064 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe
PRC - [2009.07.29 20:20:35 | 00,365,872 | ---- | M] (Stardock Corporation) -- C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe
PRC - [2009.07.09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009.05.19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009.04.22 17:38:50 | 00,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2009.04.22 17:37:16 | 00,065,536 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2009.04.11 07:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 07:27:28 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009.03.31 09:39:36 | 00,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2009.03.30 16:28:36 | 01,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.03.30 16:28:36 | 00,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.02.23 14:05:34 | 00,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2009.02.06 17:21:00 | 00,224,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe
PRC - [2009.02.06 16:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2008.12.12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008.11.09 21:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008.07.19 16:38:34 | 00,078,008 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2008.07.19 16:38:28 | 00,147,640 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2008.07.19 16:38:04 | 00,250,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2008.07.19 16:34:56 | 00,348,344 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2008.07.19 16:25:06 | 00,016,056 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008.04.23 09:45:26 | 31,256,576 | ---- | M] () -- C:\Program Files\MSI\DualCoreCenter\DualCoreCenter.exe
PRC - [2008.03.25 19:49:02 | 00,184,320 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
PRC - [2008.03.25 19:49:00 | 00,569,344 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
PRC - [2008.03.25 19:40:42 | 00,214,360 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2008.02.28 16:07:58 | 01,828,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2008.02.28 16:07:48 | 00,529,704 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
PRC - [2008.02.26 13:13:22 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2008.02.26 13:08:32 | 02,289,664 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
PRC - [2008.02.13 06:52:10 | 04,915,200 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.01.21 03:25:33 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.21 03:23:32 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008.01.21 03:23:32 | 00,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe
PRC - [2008.01.21 03:23:24 | 00,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe
PRC - [2007.08.23 14:05:18 | 00,045,056 | ---- | M] () -- C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
PRC - [2007.03.11 20:34:40 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2007.01.15 15:18:00 | 00,036,864 | ---- | M] () -- C:\Program Files\MagicTune Premium\GammaTray.exe
PRC - [2006.11.03 10:01:16 | 00,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\PAC207\Monitor.exe
PRC - [2006.07.25 19:07:30 | 00,151,552 | ---- | M] () -- C:\Program Files\Keyboard Driver\OEMDriver.exe
PRC - [2006.04.10 13:24:20 | 00,049,220 | ---- | M] (Samsung) -- C:\Program Files\SEC\Natural Color Pro\NCProTray.exe


========== Modules (SafeList) ==========

MOD - [2010.01.16 10:34:50 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Users\MH20\Desktop\OTL.exe
MOD - [2009.12.23 00:59:40 | 00,938,384 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\xfire_toucan_40700.dll
MOD - [2009.04.11 07:21:38 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008.01.21 03:23:45 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll
MOD - [2003.02.21 04:42:22 | 00,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MSVCR71.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.01.14 17:14:24 | 00,194,032 | ---- | M] (Google) [Auto | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009.12.29 13:09:07 | 00,321,320 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009.12.16 09:14:52 | 00,185,640 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2009.11.04 16:45:02 | 00,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.11.02 22:51:00 | 03,341,224 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2009.10.29 12:27:54 | 01,074,568 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2009.10.28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009.09.25 02:27:04 | 00,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.08.11 18:06:51 | 00,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PnkBstrA.exe -- (PnkBstrA)
SRV - [2009.08.05 21:48:42 | 00,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009.08.04 21:57:32 | 00,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2009.08.03 18:01:05 | 00,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1ca145bff052e4b) Služba Google Update (gupdate1ca145bff052e4b)
SRV - [2009.07.09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009.05.19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009.03.31 09:39:36 | 00,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009.03.30 16:28:36 | 01,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.02.18 19:38:43 | 00,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.12.12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008.11.19 18:23:16 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2008.11.09 21:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008.07.19 16:38:28 | 00,147,640 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2008.07.19 16:38:04 | 00,250,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2008.07.19 16:34:56 | 00,348,344 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2008.07.19 16:25:06 | 00,016,056 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2008.07.18 12:13:20 | 00,053,760 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\System32\HPZipm12.dll -- (Pml Driver HPZ12)
SRV - [2008.07.18 12:13:20 | 00,044,032 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\System32\HPZinw12.dll -- (Net Driver HPZ12)
SRV - [2008.04.07 09:17:30 | 00,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.03.25 20:27:36 | 00,135,168 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2008.02.28 16:07:48 | 00,529,704 | ---- | M] (Nero AG) [On_Demand | Running] -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2008.02.26 13:13:22 | 00,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2008.01.21 03:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.21 03:23:24 | 00,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008.01.21 03:23:24 | 00,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007.08.23 14:05:18 | 00,045,056 | ---- | M] () [Auto | Running] -- C:\Program Files\MagicTune Premium\MagicTuneEngine.exe -- (MagicTuneEngine)
SRV - [2006.11.02 13:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2005.04.04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003.07.28 19:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - [2009.11.04 17:16:46 | 05,079,040 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.10.02 00:41:44 | 00,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2009.09.30 15:31:46 | 00,103,440 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.08.05 21:48:42 | 00,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2009.08.05 12:11:02 | 00,344,064 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\TKFsAv.dll -- (TKFsAv)
DRV - [2009.08.05 12:11:02 | 00,155,648 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\TKFsAc.dll -- (TKFsAc)
DRV - [2009.08.05 12:11:02 | 00,147,456 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\TKRgAc.dll -- (TKRgAc)
DRV - [2009.08.05 12:11:02 | 00,143,360 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\TKRgFt.dll -- (TKRgFt)
DRV - [2009.08.05 12:11:02 | 00,143,360 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\TKFsFt.dll -- (TKFsFt)
DRV - [2009.08.03 19:15:55 | 00,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009.05.18 13:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009.04.23 10:15:06 | 00,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.04.11 05:42:52 | 00,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009.03.31 09:39:36 | 00,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.03.20 10:01:26 | 00,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.03.20 10:01:26 | 00,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009.03.20 10:01:26 | 00,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2008.07.19 16:37:42 | 00,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008.07.19 16:36:03 | 00,051,280 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2008.07.19 16:35:18 | 00,078,416 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2008.07.19 16:33:42 | 00,023,152 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2008.07.19 16:32:36 | 00,042,912 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2008.04.23 09:38:50 | 00,056,320 | ---- | M] (Your Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\MSI\DualCoreCenter\RushTop.sys -- (RushTopDevice2)
DRV - [2008.02.27 07:08:04 | 00,028,160 | ---- | M] (MICRO-STAR INT'L CO., LTD.) [Kernel | On_Demand | Running] -- C:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys -- (DualCoreCenter)
DRV - [2008.02.14 10:03:10 | 02,061,528 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.02.14 07:56:02 | 00,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008.01.21 03:23:27 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008.01.21 03:23:27 | 00,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008.01.21 03:23:27 | 00,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008.01.21 03:23:26 | 00,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008.01.21 03:23:26 | 00,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008.01.21 03:23:26 | 00,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008.01.21 03:23:25 | 00,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008.01.21 03:23:25 | 00,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008.01.21 03:23:24 | 01,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008.01.21 03:23:24 | 00,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008.01.21 03:23:24 | 00,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008.01.21 03:23:23 | 00,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008.01.21 03:23:23 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008.01.21 03:23:23 | 00,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008.01.21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008.01.21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008.01.21 03:23:23 | 00,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008.01.21 03:23:22 | 00,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008.01.21 03:23:21 | 00,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008.01.21 03:23:21 | 00,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008.01.21 03:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008.01.21 03:23:20 | 00,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008.01.21 03:23:00 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008.01.21 03:23:00 | 00,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008.01.21 03:23:00 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007.12.05 15:01:06 | 00,013,184 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | System | Running] -- C:\Windows\system32\drivers\MTictwl.sys -- (NCPro)
DRV - [2007.12.05 15:01:06 | 00,013,184 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MTiCtwl.sys -- (MagicTune)
DRV - [2007.09.17 15:53:26 | 00,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.06.29 15:32:08 | 00,611,584 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PFC027.SYS -- (PAC207)
DRV - [2007.06.29 13:47:34 | 00,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007.02.18 00:15:34 | 00,232,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VMM.sys -- (vmm)
DRV - [2007.01.29 06:20:34 | 00,059,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2006.11.02 10:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 10:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 10:50:19 | 00,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 10:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 10:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 10:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 10:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 10:50:05 | 00,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 10:50:03 | 00,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 10:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 10:49:56 | 00,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 09:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 09:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 09:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 09:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 09:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 09:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 08:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 07:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2005.06.13 09:03:12 | 00,060,768 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\w800bus.sys -- (w800bus) Sony Ericsson W800 driver (WDM)
DRV - [2005.05.24 15:00:56 | 00,079,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\w800mgmt.sys -- (w800mgmt)
DRV - [2004.05.07 15:01:14 | 00,020,016 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\PxHelp20.sys -- (PxHelp20)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/def ... earch.html

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {9565115d-c7d6-46d3-bd63-b67b481a4368}:2.4.0.4
FF - prefs.js..extensions.enabledItems: plugin@yontoo.com:1.10.01
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009.12.22 17:15:27 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009.12.22 17:15:27 | 00,000,000 | ---D | M]

[2009.12.01 15:39:47 | 00,000,000 | ---D | M] -- C:\Users\MH20\AppData\Roaming\Mozilla\Extensions
[2009.12.01 15:39:47 | 00,000,000 | ---D | M] -- C:\Users\MH20\AppData\Roaming\Mozilla\Extensions\IMVUClientXUL@imvu.com
[2010.01.14 17:46:47 | 00,000,000 | ---D | M] -- C:\Users\MH20\AppData\Roaming\Mozilla\Firefox\Profiles\rjr6if9x.default\extensions
[2009.11.23 20:44:52 | 00,000,000 | ---D | M] (PageRage Toolbar) -- C:\Users\MH20\AppData\Roaming\Mozilla\Firefox\Profiles\rjr6if9x.default\extensions\{9565115d-c7d6-46d3-bd63-b67b481a4368}
[2009.11.23 20:44:49 | 00,000,000 | ---D | M] -- C:\Users\MH20\AppData\Roaming\Mozilla\Firefox\Profiles\rjr6if9x.default\extensions\plugin@yontoo.com
[2009.08.07 22:40:05 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.07.02 23:34:44 | 00,083,376 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
[2009.07.30 23:15:16 | 00,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009.07.30 23:15:16 | 00,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2009.07.30 23:15:16 | 00,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009.07.30 23:15:16 | 00,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009.07.30 23:15:16 | 00,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll (Yontoo Technology, Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Google Updater] C:\Program Files\Google\Google Updater\GoogleUpdater.exe (Google)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [KBDriver] C:\Program Files\Keyboard Driver\OEMDriver.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKCU..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\MH20\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ImpulseNow.lnk = C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe (Stardock Corporation)
O4 - Startup: C:\Users\MH20\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\reguser.lnk = C:\Windows\System32\reguser.exe (Microsoft Corporation)
O4 - Startup: C:\Users\MH20\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {7A0D1738-10EA-47FF-92BE-4E137B5BE1A4} https://mpsnare.iesnare.com/StmOCX.cab (Stm Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\MH20\Documents\Pictures\So Annoyin\techno-utopia.jpg
O24 - Desktop BackupWallPaper: C:\Users\MH20\Documents\Pictures\So Annoyin\techno-utopia.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.07.07 11:14:20 | 00,193,816 | R--- | M] (CAPCOM CO., LTD.) - D:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2009.06.29 03:01:24 | 00,000,047 | R--- | M] () - D:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{911f513a-8044-11de-becd-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{911f513a-8044-11de-becd-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Install.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.01.16 10:34:40 | 00,547,328 | ---- | C] (OldTimer Tools) -- C:\Users\MH20\Desktop\OTL.exe
[2010.01.16 10:24:38 | 00,000,000 | ---D | C] -- C:\ProgramData\hsswpr
[2010.01.15 23:33:40 | 00,000,000 | --SD | C] -- C:\ComboFix
[2010.01.15 23:33:10 | 00,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010.01.15 23:02:13 | 00,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CF20482.exe
[2010.01.15 23:02:08 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\swsc.exe
[2010.01.15 20:32:57 | 00,000,000 | ---D | C] -- C:\Users\MH20\Documents\My Art
[2010.01.15 16:04:16 | 00,000,000 | ---D | C] -- C:\Users\MH20\Documents\NPS
[2010.01.15 16:03:39 | 00,000,000 | ---D | C] -- C:\Users\MH20\AppData\Roaming\PC Suite
[2010.01.15 16:03:39 | 00,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2010.01.15 15:59:40 | 00,000,000 | ---D | C] -- C:\Program Files\MarkAnyContentSAFER
[2010.01.15 15:30:00 | 00,090,624 | ---- | C] (Nokia) -- C:\Windows\System32\nmwcdcls.dll
[2010.01.15 15:29:57 | 00,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010.01.15 15:29:55 | 00,021,632 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys
[2010.01.15 15:29:24 | 00,121,856 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdm.sys
[2010.01.15 15:29:24 | 00,090,112 | ---- | C] (MCCI) -- C:\Windows\System32\drivers\ss_bbus.sys
[2010.01.15 15:29:24 | 00,014,976 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdfl.sys
[2010.01.15 15:29:24 | 00,012,160 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bwhnt.sys
[2010.01.15 15:29:24 | 00,012,160 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bwh.sys
[2010.01.15 15:29:24 | 00,012,160 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bcmnt.sys
[2010.01.15 15:29:24 | 00,012,160 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bcm.sys
[2010.01.15 15:28:40 | 00,000,000 | ---D | C] -- C:\Windows\System32\Samsung_USB_Drivers
[2010.01.15 15:28:07 | 00,233,472 | ---- | C] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
[2010.01.15 15:28:06 | 00,000,000 | ---D | C] -- C:\Users\MH20\Documents\My NPS Files
[2010.01.15 15:27:53 | 00,000,000 | ---D | C] -- C:\Users\MH20\AppData\Roaming\Samsung
[2010.01.15 15:27:21 | 00,000,000 | ---D | C] -- C:\Program Files\MarkAny
[2010.01.15 15:27:18 | 00,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2010.01.15 15:26:42 | 00,000,000 | ---D | C] -- C:\Program Files\Samsung
[2010.01.15 15:21:53 | 00,000,000 | ---D | C] -- C:\Users\MH20\AppData\Local\Downloaded Installations
[2010.01.13 16:53:39 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.01.13 16:53:39 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.01.08 22:10:20 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010.01.08 22:10:19 | 00,042,912 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010.01.08 22:10:04 | 00,094,392 | ---- | C] (ALWIL Software) -- C:\Windows\System32\AvastSS.scr
[2010.01.08 22:10:04 | 00,078,416 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010.01.08 22:10:04 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010.01.08 22:09:46 | 01,163,960 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2010.01.08 22:09:46 | 00,051,280 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2009.12.27 18:30:53 | 00,000,000 | ---D | C] -- C:\Users\MH20\AppData\Local\kaneandlynch
[2009.12.27 15:25:59 | 00,409,600 | ---- | C] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2009.12.27 15:25:59 | 00,114,688 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2009.12.27 15:25:59 | 00,000,000 | ---D | C] -- C:\Program Files\OpenAL
[2009.12.27 15:10:51 | 00,000,000 | ---D | C] -- C:\Program Files\Kane a Lych
[2009.12.25 19:22:39 | 00,000,000 | ---D | C] -- C:\Users\MH20\Documents\Electronic Arts
[2009.12.25 16:37:03 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft WSE
[2009.12.25 16:02:44 | 00,000,000 | ---D | C] -- C:\Users\MH20\Desktop\the sims 3
[2009.12.24 11:36:54 | 00,000,000 | ---D | C] -- C:\Program Files\S.W.A.T. 4
[2009.12.23 15:21:22 | 00,000,000 | ---D | C] -- C:\Program Files\Dark Messiah of Might and Magic
[2009.12.22 19:35:37 | 00,107,864 | ---- | C] (TechSmith Corporation) -- C:\Windows\System32\tsccvid.dll
[2009.12.22 19:35:34 | 00,000,000 | ---D | C] -- C:\Windows\System32\QuickTime
[2009.12.22 19:34:44 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\TechSmith Shared
[2009.12.20 12:55:16 | 00,000,000 | ---D | C] -- C:\hl2
[2009.12.20 12:55:15 | 00,000,000 | ---D | C] -- C:\bin
[2009.12.20 12:55:13 | 00,000,000 | ---D | C] -- C:\reslists
[2009.12.20 12:55:12 | 00,000,000 | ---D | C] -- C:\platform
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.01.16 10:44:58 | 04,456,448 | -HS- | M] () -- C:\Users\MH20\ntuser.dat
[2010.01.16 10:35:03 | 00,284,915 | ---- | M] () -- C:\Users\MH20\Desktop\gmer.zip
[2010.01.16 10:34:50 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Users\MH20\Desktop\OTL.exe
[2010.01.16 10:25:32 | 00,000,972 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010.01.16 10:23:51 | 00,000,464 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{C9B45C64-ECD0-426B-9FD0-67B0A7DA00B5}.job
[2010.01.16 10:19:55 | 00,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.01.16 10:19:50 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.01.16 10:19:48 | 00,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.01.16 10:19:48 | 00,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.01.16 10:19:42 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.01.16 10:19:39 | 33,546,48576 | -HS- | M] () -- C:\hiberfil.sys
[2010.01.15 23:48:14 | 00,524,288 | -HS- | M] () -- C:\Users\MH20\ntuser.dat{7af6d4f6-c084-11de-ba25-001d9297f0be}.TMContainer00000000000000000001.regtrans-ms
[2010.01.15 23:48:14 | 00,065,536 | -HS- | M] () -- C:\Users\MH20\ntuser.dat{7af6d4f6-c084-11de-ba25-001d9297f0be}.TM.blf
[2010.01.15 23:48:08 | 02,487,832 | -H-- | M] () -- C:\Users\MH20\AppData\Local\IconCache.db
[2010.01.15 23:32:19 | 00,007,836 | ---- | M] () -- C:\Users\MH20\AppData\Local\d3d9caps.dat
[2010.01.15 23:18:00 | 00,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.01.15 23:01:57 | 00,318,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CF20482.exe
[2010.01.15 20:38:54 | 01,393,902 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.01.15 20:38:54 | 00,600,270 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.01.15 20:38:54 | 00,587,654 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.01.15 20:38:54 | 00,115,502 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.01.15 20:38:54 | 00,101,726 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.01.15 15:57:58 | 00,005,632 | ---- | M] () -- C:\Windows\System32\drivers\StarOpen.sys
[2010.01.12 16:03:42 | 00,000,552 | ---- | M] () -- C:\Users\MH20\AppData\Local\d3d8caps.dat
[2010.01.11 20:30:58 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
[2010.01.09 16:31:25 | 00,845,010 | ---- | M] () -- C:\Users\MH20\Desktop\Lesbianááá xD.wmv
[2010.01.09 15:23:24 | 20,272,08104 | ---- | M] () -- C:\Users\MH20\Desktop\[NGC]Resident Evil Zero[PAL][Multi6][ESPALWii.com].rar
[2010.01.08 22:10:06 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010.01.08 16:11:58 | 03,745,391 | ---- | M] () -- C:\Users\MH20\Desktop\Miley Cyrus When I look at you me singing.wmv
[2010.01.07 15:44:32 | 00,372,672 | ---- | M] () -- C:\Users\MH20\Documents\BuddyPokeCards1
[2010.01.07 15:43:15 | 00,331,300 | ---- | M] () -- C:\Users\MH20\Documents\BuddyPokeCards.pdf
[2010.01.07 14:42:07 | 00,280,213 | ---- | M] () -- C:\Users\MH20\Desktop\gujfg.jpg
[2010.01.04 13:42:01 | 00,010,895 | -HS- | M] () -- C:\Users\MH20\Desktop\Folder.jpg
[2010.01.04 13:42:01 | 00,010,895 | -HS- | M] () -- C:\Users\MH20\Desktop\AlbumArt_{1023A60E-FCDD-4FFF-888E-F52138203F09}_Large.jpg
[2010.01.04 13:42:01 | 00,002,698 | -HS- | M] () -- C:\Users\MH20\Desktop\AlbumArtSmall.jpg
[2010.01.04 13:42:01 | 00,002,698 | -HS- | M] () -- C:\Users\MH20\Desktop\AlbumArt_{1023A60E-FCDD-4FFF-888E-F52138203F09}_Small.jpg
[2010.01.02 18:58:04 | 00,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010.01.02 16:26:44 | 00,164,864 | ---- | M] () -- C:\Users\MH20\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.02 15:41:19 | 05,169,113 | ---- | M] () -- C:\Users\MH20\Desktop\New Yorker TV Spot 2009 Drop Dead Gorgeous.wmv
[2009.12.27 15:25:59 | 00,409,600 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2009.12.27 15:25:59 | 00,114,688 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2009.12.23 17:30:20 | 11,825,2669 | ---- | M] () -- C:\Users\MH20\Desktop\Timbaland-Presents_Shock_Value_2-2009-DOH.rar
[2009.12.23 00:59:32 | 00,041,872 | ---- | M] () -- C:\Windows\System32\xfcodec.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.01.16 10:35:00 | 00,284,915 | ---- | C] () -- C:\Users\MH20\Desktop\gmer.zip
[2010.01.15 23:07:43 | 00,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010.01.15 15:28:07 | 00,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010.01.15 15:28:07 | 00,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010.01.11 20:30:58 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
[2010.01.09 16:31:09 | 00,845,010 | ---- | C] () -- C:\Users\MH20\Desktop\Lesbianááá xD.wmv
[2010.01.08 22:09:46 | 00,380,928 | ---- | C] () -- C:\Windows\System32\actskin4.ocx
[2010.01.08 16:11:54 | 03,745,391 | ---- | C] () -- C:\Users\MH20\Desktop\Miley Cyrus When I look at you me singing.wmv
[2010.01.07 15:44:31 | 00,372,672 | ---- | C] () -- C:\Users\MH20\Documents\BuddyPokeCards1
[2010.01.07 15:43:12 | 00,331,300 | ---- | C] () -- C:\Users\MH20\Documents\BuddyPokeCards.pdf
[2010.01.07 14:42:06 | 00,280,213 | ---- | C] () -- C:\Users\MH20\Desktop\gujfg.jpg
[2010.01.04 13:42:02 | 00,010,895 | -HS- | C] () -- C:\Users\MH20\Desktop\AlbumArt_{1023A60E-FCDD-4FFF-888E-F52138203F09}_Large.jpg
[2010.01.04 13:42:02 | 00,002,698 | -HS- | C] () -- C:\Users\MH20\Desktop\AlbumArt_{1023A60E-FCDD-4FFF-888E-F52138203F09}_Small.jpg
[2010.01.02 15:41:06 | 05,169,113 | ---- | C] () -- C:\Users\MH20\Desktop\New Yorker TV Spot 2009 Drop Dead Gorgeous.wmv
[2009.12.23 15:08:17 | 11,825,2669 | ---- | C] () -- C:\Users\MH20\Desktop\Timbaland-Presents_Shock_Value_2-2009-DOH.rar
[2009.12.23 00:59:32 | 00,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009.11.06 10:58:04 | 00,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.09.08 16:23:09 | 00,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.08.11 18:07:18 | 00,139,904 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.08.11 15:08:31 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.08 10:38:40 | 00,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.08.06 19:25:59 | 01,511,424 | ---- | C] () -- C:\Windows\System32\sn3win.dll
[2009.08.05 20:45:21 | 00,000,052 | ---- | C] () -- C:\Users\MH20\AppData\Local\Temp.vbs
[2009.08.03 21:21:05 | 00,164,864 | ---- | C] () -- C:\Users\MH20\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.08.03 19:54:20 | 00,000,552 | ---- | C] () -- C:\Users\MH20\AppData\Local\d3d8caps.dat
[2009.08.03 19:20:59 | 00,000,284 | ---- | C] () -- C:\Windows\System32\Remover.ini
[2009.08.03 18:24:02 | 00,003,842 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2009.08.03 18:03:38 | 00,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.08.03 17:13:59 | 00,009,216 | ---- | C] () -- C:\Windows\System32\drivers\FlashSys.sys
[2009.08.03 17:13:23 | 00,217,088 | ---- | C] () -- C:\Windows\NVGfxOgl.dll
[2009.08.03 17:01:23 | 00,007,836 | ---- | C] () -- C:\Users\MH20\AppData\Local\d3d9caps.dat
[2008.10.07 08:13:30 | 00,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 08:13:22 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007.10.25 17:26:10 | 00,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007.06.29 10:07:36 | 00,000,566 | ---- | C] () -- C:\Windows\System32\SP207.ini
[2006.11.02 13:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2003.04.09 14:38:04 | 00,005,664 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[1993.07.23 18:31:02 | 00,210,944 | ---- | C] () -- C:\Windows\System32\Msvcrt10.dll

========== Files - Unicode (All) ==========
[2009.12.25 20:21:30 | 37,714,41553 | ---- | M] ()(C:\Users\MH20\Desktop\[????].[PC-GAME][ENG].Kane.and.Lynch.Dead.Men.[RAS][RiP].rar) -- C:\Users\MH20\Desktop\[喋血双雄].[PC-GAME][ENG].Kane.and.Lynch.Dead.Men.[RAS][RiP].rar
[2009.11.28 01:03:00 | 29,842,23623 | ---- | M] ()(C:\Users\MH20\Desktop\[???:??????].Batman.Arkham.Asylum.movies.rar) -- C:\Users\MH20\Desktop\[蝙蝠侠：阿卡姆疯人院].Batman.Arkham.Asylum.movies.rar
[2009.11.08 12:47:16 | 20,793,672 | ---- | M] ()(C:\Users\MH20\Desktop\[???:??????].Batman.Arkham.Asylum.full.rip.rar) -- C:\Users\MH20\Desktop\[蝙蝠侠：阿卡姆疯人院].Batman.Arkham.Asylum.full.rip.rar
[2009.10.26 18:02:07 | 20,793,672 | ---- | C] ()(C:\Users\MH20\Desktop\[???:??????].Batman.Arkham.Asylum.full.rip.rar) -- C:\Users\MH20\Desktop\[蝙蝠侠：阿卡姆疯人院].Batman.Arkham.Asylum.full.rip.rar
[2009.10.26 18:02:04 | 29,842,23623 | ---- | C] ()(C:\Users\MH20\Desktop\[???:??????].Batman.Arkham.Asylum.movies.rar) -- C:\Users\MH20\Desktop\[蝙蝠侠：阿卡姆疯人院].Batman.Arkham.Asylum.movies.rar
[2009.10.09 20:26:25 | 37,714,41553 | ---- | C] ()(C:\Users\MH20\Desktop\[????].[PC-GAME][ENG].Kane.and.Lynch.Dead.Men.[RAS][RiP].rar) -- C:\Users\MH20\Desktop\[喋血双雄].[PC-GAME][ENG].Kane.and.Lynch.Dead.Men.[RAS][RiP].rar

========== Alternate Data Streams ==========

@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:888AFB86
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:9B285B76
< End of report >

tak jak si to čtu já tak vidím že můžete vidět snad vše co mám na ploše =D či co

[MH20]

Druhý log z OTL ( Extras )

OTL Extras logfile created on: 16.1.2010 10:40:08 - Run 1
OTL by OldTimer - Version 3.1.25.1 Folder = C:\Users\MH20\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 38,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 62,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 151,49 Gb Free Space | 32,53% Space Free | Partition Type: NTFS
Drive D: | 6,95 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MH20-PC
Current User Name: MH20
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1720793700-1554441202-2008676704-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0557D02A-803A-42B3-B221-1EE034A4F538}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{18690CAA-4726-45B0-9609-8108C704F7C8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2FA22527-8907-4BCE-A51D-3CFE2376771C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{4AFB4B97-C2D7-43F9-9BF4-D83843088D89}" = lport=2869 | protocol=6 | dir=in | app=system |
"{558509A4-F84D-42FF-8FF9-58C84F2AEB20}" = lport=10243 | protocol=6 | dir=in | app=system |
"{76D18150-BE40-4A4D-A1AA-8BAFBE42F7FF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{87A4A19E-2CA3-4FC1-8617-ECEDC2C4A4C2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{94170589-39B4-4122-BDCC-CE67F1FAC8D4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B073AD36-FFCF-4422-8A88-1C54D2AEE9A5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{B86A755D-A452-4FBE-BA76-EEB7482D5EC6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E4FBBD5F-875B-4F7A-9BF9-28022A3DB353}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EDCC109B-9B39-44F0-B94C-D9C05A3E97EB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05428733-1E00-40BB-81D0-8D730D386898}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\bin\sdklauncher.exe |
"{128C46D8-6E86-44AC-A3B6-3A3F266EFC30}" = protocol=6 | dir=in | app=c:\program files\aeriagames\projecttorque\projecttorque.bin |
"{1458BE14-2C75-4008-9DFF-E542AA146264}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{14A7C36E-0891-494E-841D-DF5DFB755C22}" = protocol=6 | dir=in | app=c:\users\mh20\appdata\local\temp\ijjioptimizer.exe |
"{14CDABA5-A24F-4ED5-9431-B0957E1FBD35}" = protocol=17 | dir=in | app=c:\users\mh20\appdata\local\temp\ijjioptimizer.exe |
"{18CAA7C4-1012-4EC2-9B59-9801CB25FB0D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{19E16E6C-FBF0-4607-9C99-D799B52D6BF7}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{1EF0A3B6-EE37-4B89-B19E-761ADB5B1E5A}" = protocol=6 | dir=in | app=c:\program files\capcom\resident evil 5\re5dx9.exe |
"{2046B602-1F82-4A52-9748-3C6F165DB27A}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{29716899-F352-4556-9B4F-BE30F6F3670F}" = protocol=17 | dir=in | app=c:\program files\aeriagames\projecttorque\projecttorque.bin |
"{2C11A029-86AD-45DF-920D-AB136A501E5E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5515013F-E398-4F2E-8BA3-ABA80739DD8C}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\srcds.exe |
"{56B81131-7E7B-4EAA-BC35-F144B5A9A84B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5769A3A5-916B-4818-A6B4-58EBA64A0A67}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5A0B070C-7B1E-4F9D-83D7-2B3E4F528EC9}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{5B32E6C1-7A43-4FFB-A540-E17D7541DF20}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{5C9C76F7-C49F-4095-AB9C-03808C674491}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{6D45DBAC-8C10-4A8A-9533-AC6D280A0E30}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{7333DCEA-C431-4E0F-BE63-022066B27149}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{747AD669-09F2-441D-A6F2-4B141AA39464}" = protocol=17 | dir=in | app=c:\program files\capcom\resident evil 5\re5dx10.exe |
"{7A227C1B-08A2-4169-A2BB-238D488C9E05}" = protocol=17 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"{824DEB77-9714-4DBD-84A4-7E6F4AE11716}" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{899B4F4E-27EC-45F0-87DD-F1FF406EFAFD}" = protocol=6 | dir=out | app=system |
"{8E2D81DF-3C53-423A-A7D4-928F5D15FB96}" = protocol=6 | dir=in | app=c:\program files\capcom\resident evil 5\re5dx10.exe |
"{8EC2F629-14BB-4288-9B0E-5E674FFE1C90}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\bin\sdklauncher.exe |
"{8F88D2F9-E4FC-4D19-ACB5-93E9D68CE1A0}" = protocol=6 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"{91046693-524F-4942-8BE1-DBAE0BAA7CCC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{95130A01-A123-4A2F-A41C-55B77BA79909}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{98FA1814-3426-4B43-AA5E-132212DB4FD3}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{ABE37755-A2FA-485C-98D5-E0D2409CE6F4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B5274D45-0A1A-4380-AB45-86E6C76112B3}" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{B882FF39-9A35-4984-83C8-7590D027115A}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{BAF1967C-DEEB-4807-9B17-D32514C1AC44}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{C182660E-933D-4F25-AD13-59A07E1D5A81}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{C5D4BD3B-C950-4237-B021-32FA64724271}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CA2D19DA-EF8D-4E9F-B125-C62A59684329}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CC245D3D-9572-4F85-B305-3E98E78131B2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CC2D825F-7A6D-4FBF-B2BB-A492A286F5D4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D46FED5A-FAB1-415F-827F-B7768559A332}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DB5DB1DF-4B50-4922-B6D7-5E6D68AA54F3}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{DD8B45BF-B101-48E2-8AEB-45B5935751BF}" = protocol=17 | dir=in | app=c:\program files\capcom\resident evil 5\re5dx9.exe |
"{E1FE6C27-37DF-4EAF-BC91-E6868EEE158E}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{E6528EA6-BC6B-4EF6-AA75-83AFCE352F28}" = protocol=17 | dir=in | app=c:\users\mh20\appdata\local\temp\purplebean.exe |
"{E9D7A511-289D-4C72-94CD-E25BEED99E3E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F0632EEB-E109-4D45-A526-66A86BE00886}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{F2AFDD1E-5649-4573-A781-05F1D6BBB4E0}" = protocol=6 | dir=in | app=c:\users\mh20\appdata\local\temp\purplebean.exe |
"{F60CB0FA-6269-41E4-8C26-44E7CAB24540}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F788D9BF-D458-469D-A0BE-DE57B7DE002C}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\srcds.exe |
"{FC3B2B83-5E80-404D-B8F1-B508E0067314}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"TCP Query User{0863CE36-0156-4846-9978-9D86F8BF8A76}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{170B23ED-AD54-4CB5-9083-E8D8A2DE02A7}C:\program files\wolfenstein - enemy territory\et.exe" = protocol=6 | dir=in | app=c:\program files\wolfenstein - enemy territory\et.exe |
"TCP Query User{25AB61AC-9CF3-427D-865B-EE8E9C65B28C}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{325EAC42-5ED0-46A0-8053-C809AA0EDDA9}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{39425596-C6EE-46DE-9CF9-8DD9036DBB60}C:\program files\steam\steamapps\common\counter-strike\hl.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\counter-strike\hl.exe |
"TCP Query User{40972F67-1C1B-47F4-88FA-64DD468FFC60}C:\aeriagames\wolfteam\wolfteam.bin" = protocol=6 | dir=in | app=c:\aeriagames\wolfteam\wolfteam.bin |
"TCP Query User{424766F0-F328-45B6-8CF3-49698BAB2D4C}C:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe |
"TCP Query User{42C0DE79-0113-4673-A703-BCFA8ADFC92F}C:\program files\steam\steamapps\common\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\counter-strike source\hl2.exe |
"TCP Query User{44B5F5E3-62EB-4A81-9BFC-9386244D3245}C:\users\mh20\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\mh20\program files\dna\btdna.exe |
"TCP Query User{4A091EDD-EDD2-49D1-A859-FE765CA84446}C:\program files\atari\test drive unlimited\testdriveunlimited.exe" = protocol=6 | dir=in | app=c:\program files\atari\test drive unlimited\testdriveunlimited.exe |
"TCP Query User{52F63D61-457E-484E-B7BC-D5658405173F}C:\program files\steam\steamapps\mh20cz\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\mh20cz\team fortress 2\hl2.exe |
"TCP Query User{5A3A8061-1777-4526-B4C5-5DA6B14D5F3D}D:\program files\duke nukem - manhattan project\prism3d.exe" = protocol=6 | dir=in | app=d:\program files\duke nukem - manhattan project\prism3d.exe |
"TCP Query User{6BB250A0-AE7C-4993-B2C7-F78A914FEAA0}C:\program files\stardock games\demigod demo\bin\demigod.exe" = protocol=6 | dir=in | app=c:\program files\stardock games\demigod demo\bin\demigod.exe |
"TCP Query User{76EDAE29-EEDB-47C7-AB63-A28AF0063BA5}C:\program files\kane a lych\kaneandlynch.exe" = protocol=6 | dir=in | app=c:\program files\kane a lych\kaneandlynch.exe |
"TCP Query User{7720EA69-CE05-4FB7-91BD-C2B842A85423}C:\program files\steam\steamapps\common\half-life 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\half-life 2\hl2.exe |
"TCP Query User{7A19AB93-E3A2-4A82-BAAB-52DFCDA90BDA}C:\program files\section 8\binaries\s8game-f.exe" = protocol=6 | dir=in | app=c:\program files\section 8\binaries\s8game-f.exe |
"TCP Query User{88E5881A-7CCC-408B-A416-10E18DC75EFA}C:\program files\driftcity\driftcity.exe" = protocol=6 | dir=in | app=c:\program files\driftcity\driftcity.exe |
"TCP Query User{8E1B44BC-BEDF-4A80-9A08-FA954D5B3817}C:\program files\duke nukem - manhattan project\prism3d.exe" = protocol=6 | dir=in | app=c:\program files\duke nukem - manhattan project\prism3d.exe |
"TCP Query User{A88702A5-B2C9-4B49-B354-1CCF38ED10A7}C:\ijji\english\outbound_pul.exe" = protocol=6 | dir=in | app=c:\ijji\english\outbound_pul.exe |
"TCP Query User{C0C6798C-5B98-42FF-AC6E-62E5E2F1B9BF}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{C50D07C8-FFF9-42CA-9CF9-0783DF225450}C:\program files\red faction guerrilla\rfg.exe" = protocol=6 | dir=in | app=c:\program files\red faction guerrilla\rfg.exe |
"TCP Query User{D70B5352-3406-434F-B835-EAD05A5598D6}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{E3C1779E-AB6D-4226-A2AD-AE179AF4A320}C:\program files\ijji\ijji reactor\outbound_pul.exe" = protocol=6 | dir=in | app=c:\program files\ijji\ijji reactor\outbound_pul.exe |
"TCP Query User{E77AB2F2-A02B-4348-8E63-E1CF4DAA9BF4}C:\program files\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\program files\borderlands\binaries\borderlands.exe |
"TCP Query User{F38E70D8-46F4-43C4-99F2-246907B30E1B}C:\program files\xfire\dppm_source.exe" = protocol=6 | dir=in | app=c:\program files\xfire\dppm_source.exe |
"TCP Query User{FE7A6C8D-BF21-4124-8F72-4010C1200C6F}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{029C0308-8C24-4176-8F28-6C55C6D69DC7}D:\program files\duke nukem - manhattan project\prism3d.exe" = protocol=17 | dir=in | app=d:\program files\duke nukem - manhattan project\prism3d.exe |
"UDP Query User{0523052A-37FE-4D74-88B9-FE86E0AF4812}C:\program files\atari\test drive unlimited\testdriveunlimited.exe" = protocol=17 | dir=in | app=c:\program files\atari\test drive unlimited\testdriveunlimited.exe |
"UDP Query User{195DD0F7-06D5-4CFF-BBC8-E9668E7D5CAF}C:\program files\ijji\ijji reactor\outbound_pul.exe" = protocol=17 | dir=in | app=c:\program files\ijji\ijji reactor\outbound_pul.exe |
"UDP Query User{1CACD79F-D60E-4225-9004-EA05D4315B02}C:\program files\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\program files\borderlands\binaries\borderlands.exe |
"UDP Query User{1F84392E-BCA9-4F76-B58D-D01C5575B1E7}C:\users\mh20\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\mh20\program files\dna\btdna.exe |
"UDP Query User{28E7700F-36C1-439B-B458-952061F3560D}C:\aeriagames\wolfteam\wolfteam.bin" = protocol=17 | dir=in | app=c:\aeriagames\wolfteam\wolfteam.bin |
"UDP Query User{2A966414-AC34-4974-B811-E5AE4871CF76}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{38A09D1A-1E71-4170-B93E-396EA3CD7057}C:\program files\driftcity\driftcity.exe" = protocol=17 | dir=in | app=c:\program files\driftcity\driftcity.exe |
"UDP Query User{459A9060-3D2E-4C38-9052-EE8BF6FAFC0F}C:\program files\red faction guerrilla\rfg.exe" = protocol=17 | dir=in | app=c:\program files\red faction guerrilla\rfg.exe |
"UDP Query User{50642B61-A86B-4936-9EF8-2E483F972EFB}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{55DC4B95-E707-4609-AF32-D3FD814465F3}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{5BBF2F1E-42F8-4DC1-B72E-9F76DF42670A}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{673DD45A-6B01-4FAB-9149-D680697665F7}C:\program files\wolfenstein - enemy territory\et.exe" = protocol=17 | dir=in | app=c:\program files\wolfenstein - enemy territory\et.exe |
"UDP Query User{6F7AFD67-AF80-4DFA-9F35-69AB84262E2E}C:\program files\duke nukem - manhattan project\prism3d.exe" = protocol=17 | dir=in | app=c:\program files\duke nukem - manhattan project\prism3d.exe |
"UDP Query User{7F26635F-D7B1-4EE7-B10D-C8E1057CD236}C:\program files\xfire\dppm_source.exe" = protocol=17 | dir=in | app=c:\program files\xfire\dppm_source.exe |
"UDP Query User{873F75A7-610B-4C0C-B82E-1D9ACD0D00B1}C:\program files\stardock games\demigod demo\bin\demigod.exe" = protocol=17 | dir=in | app=c:\program files\stardock games\demigod demo\bin\demigod.exe |
"UDP Query User{8B3CF0DD-34AF-4A7C-81F7-16E56CC4B102}C:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe |
"UDP Query User{A0ADE4A1-7CAB-4B28-AA38-EE0888497CC6}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{AB9A1ACA-4488-4C85-B53C-CAE6F095B41A}C:\ijji\english\outbound_pul.exe" = protocol=17 | dir=in | app=c:\ijji\english\outbound_pul.exe |
"UDP Query User{AE975D58-1A2F-405B-810F-520484D14E4B}C:\program files\steam\steamapps\common\counter-strike\hl.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\counter-strike\hl.exe |
"UDP Query User{AF0A9BC9-941C-4673-9187-E269379369DE}C:\program files\steam\steamapps\common\half-life 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\half-life 2\hl2.exe |
"UDP Query User{B00AD955-95A7-4DF5-B7FC-2B9DBB3D7FD0}C:\program files\steam\steamapps\mh20cz\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\mh20cz\team fortress 2\hl2.exe |
"UDP Query User{B12FDD8F-443C-44E4-8887-2E88C106E94C}C:\program files\section 8\binaries\s8game-f.exe" = protocol=17 | dir=in | app=c:\program files\section 8\binaries\s8game-f.exe |
"UDP Query User{D5B10F5D-B155-4A30-B1BA-06E6F13A7B4E}C:\program files\steam\steamapps\common\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\counter-strike source\hl2.exe |
"UDP Query User{F193BC7D-61A0-4853-8725-C88AE3A0E19F}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{F880AADF-6F30-434C-9847-5BF785C28F52}C:\program files\kane a lych\kaneandlynch.exe" = protocol=17 | dir=in | app=c:\program files\kane a lych\kaneandlynch.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{04634A14-619B-4F53-88B3-2A48FB3A99C6}" = TwelveSky2
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{067EC517-9731-43FD-B4D5-296EE0027BBB}" = LogMeIn Hamachi
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{07B739FD-DD3E-5060-6DF2-1D0A6448C192}" = Catalyst Control Center Graphics Full Existing
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0F31532A-16F1-4812-8B7B-D321A4CE91A6}" = Sony Vegas Pro 8.0
"{101C938A-B723-97FB-A065-EDFD782E5978}" = Catalyst Control Center Graphics Light
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Pomocník pro přihlášení ke službě Windows Live ID
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{19DDEE14-1A97-196F-B33B-5F069C929ACA}" = HydraVision
"{1D097338-B4FA-4F29-9C43-8D7A970A007E}" = Windows Live Fotogalerie
"{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands
"{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}" = Catalyst Control Center - Branding
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24557DC0-0839-496f-82F9-C4EB72EFE4FA}" = HP Deskjet All-In-One Software 8.0
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2EE90F26-20B3-4423-81DE-E57E5D2E4FEF}" = Zoner GIF Animator 5
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{36787A11-7848-3C1C-17E3-667A9FFB0E9C}" = Catalyst Control Center Core Implementation
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{39CB30DB-27F8-4dd4-A294-CB4AE3B584FD}" = Copy
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4DFAEE3E-3489-5236-9028-1A5B9B359CD0}" = Catalyst Control Center Graphics Full New
"{4F62B1AE-E778-49E2-9C57-C1C65A122098}" = Zoner Callisto 5
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{553B20C6-59CD-4C2F-BE37-16ABF32064BF}" = aTube Catcher 1.0
"{564D0000-547B-4ED8-8070-85286CC8C9BF}" = OpenOffice.org 3.0
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{582287DA-0806-4AC0-BF19-C15E3A466034}" = LightScribe System Software 1.12.33.2
"{5977A284-6ADB-4CC1-BEC5-1CDE7908ACA3}" = Vista Manager
"{5E992B43-7F22-59E9-4BCF-FD5157F221F9}" = ATI AVIVO Codecs
"{5FE82A80-8985-082F-9B61-7EEDB1FCB461}" = ccc-core-static
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{657F8B33-CBBB-45F4-9087-274F22C89400}" = DJ_AIO_ProductContext
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{6E257F26-57FA-4BC9-AE3B-D50AF937DA7F}" = Windows Live Toolbar
"{71E40B32-5173-4538-8996-5822DD18E8D4}" = Windows Live Messenger
"{72651B0D-1313-4F03-96B7-47A04E2F24E1}" = i-Look 111
"{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75548950-70C2-45F2-A99E-88C157AF9666}" = nProtect Security Platform 2007
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78610B4D-3157-9EA6-905E-64F144EC1E30}" = Catalyst Control Center Graphics Previews Common
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{80CCA55B-FCA8-47E2-9BFE-A24CDEE51029}" = SecurDisc Viewer
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{83F81F91-7BE9-44D1-98AF-2B87E0B8710C}" = AMD Fusion for Gaming
"{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Client 1.10.01
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007
"{8B9336DB-8D04-4325-BAFC-C7141D8E6CA1}" = Duke Nukem - Manhattan Project
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = ijji REACTOR
"{9074AFC0-CFDA-11DE-B484-005056806466}" = Google Earth
"{94118D5F-2D5D-4BF5-9F84-11FB8A97B566}" = 2d3 SteadyMove for Adobe Premiere Pro
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96FF1134-84D4-8E51-0C1D-1798C6EED45E}" = Catalyst Control Center Graphics Previews Vista
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{99D3379A-4741-FC40-5E63-E47DD31560D2}" = CCC Help English
"{9B0A1878-5E40-499D-911A-3AF784BB7F69}" = i-Look 111
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9ECB4705-B9CB-405A-B6D4-33BDF707308E}" = DJ_AIO_Software
"{A0F66FCA-8206-9034-9B67-D1F50DA2DDAC}" = Catalyst Control Center HydraVision Full
"{A14F7508-B784-40B8-B11A-E0E2EEB7229F}" = Adobe Premiere Pro 1.5
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A548C254-03BB-22F8-1064-899487B3CF85}" = Catalyst Control Center InstallProxy
"{A589DA26-51BD-475D-8C32-E19E34145842}" = Camtasia Studio 6
"{A8BBAA6B-71BE-4AA2-A9DE-76BF38473E5F}" = ATI AVIVO Codecs
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB06254A-9A28-F8AD-236E-FB5C3108FE85}" = ATI Catalyst Install Manager
"{AC08BBA0-96B9-431A-A7D0-D8598E493775}" = RESIDENT EVIL 5
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge
"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B0490CEE-D5ED-431A-88EB-772D9DB70C0C}" = Windows Live Movie Maker
"{B2C61EBB-F47C-48ba-B375-27A40F8F48F7}" = HP Deskjet All-In-One Driver Software 9.0.A Corporate Edition
"{B2D1B6C2-B70A-4217-B5D7-36C846FD8E9E}" = HolyBeast
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min
"{B607C354-CD79-4D22-86D1-92DC94153F42}" = Apple Application Support
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed SHIFT
"{BC6D5EAF-D314-4f47-8951-42CF14CB7316}" = dj_aio_corporate
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}" = Test Drive Unlimited
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1" = aTube Catcher 1.0
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{CA50045C-5119-48e7-9BA7-6B317379857A}" = DJ_AIO_Software
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}" = iTunes
"{D6044256-A309-43B5-9833-D3FAFE2AD24D}" = MagicTune Premium
"{DC83F417-8068-4074-BA2F-C4F8AB872556}" = DJ_AIO_Software_min
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DD9AA626-0FB1-43D6-90FE-BF906F7B6FBF}" = Multimedia Keyboard Driver 1.0
"{E14B8A08-42B3-4676-9E91-1D39F8158DA1}" = HP Print Diagnostic Utility
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}" = Windows Live Essentials
"{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}" = Windows Live Mail
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EA450D5D-95EA-4FD0-B8B0-6D8E68FBE2C7}" = Impulse
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}" = Max Payne 2
"{F0AAE3C5-D70C-4F3C-8B6A-EC3992921029}" = Nero 8 Essentials
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F6124436-F906-7B89-7009-50BB8CD7CA93}" = ccc-utility
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{F86AD773-5BC0-499B-9F48-4E0D5FED759D}" = Windows Live Zabezpečení rodiny
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}" = HP Deskjet All-In-One Software 9.0
"{FC2C7405-BC58-4E11-8F51-29671BEAC06B}" = Natural Color Pro
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"µTorrent CZ_is1" = µTorrent CZ 1.8.3 (build 15772)
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Balíček ovladače systému Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"ASIO4ALL" = ASIO4ALL
"AV Music Morpher Gold" = AV Music Morpher Gold
"avast!" = avast! Antivirus
"BFG-Brain Challenge" = Brain Challenge
"BFGC" = Big Fish Games Client
"CCleaner" = CCleaner
"Collab" = Collab
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Deckadance" = Deckadance
"Demigod Demo" = Demigod Demo
"DriftCity" = Drift City
"DualCoreCenter_is1" = DualCoreCenter
"DVD Shrink_is1" = DVD Shrink 3.2
"EADM" = EA Download Manager
"eMule" = eMule
"Firefox Windows Media Player XPI" = Firefox Windows Media Player XPI
"FL Studio 8" = FL Studio 8
"FL Studio 9" = FL Studio 9
"GameParkClient_is1" = GamePark
"Google Updater" = Google Updater
"Hardcore" = Hardcore
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"IL Download Manager" = IL Download Manager
"Impulse" = Impulse
"InstallShield_{8B9336DB-8D04-4325-BAFC-C7141D8E6CA1}" = Duke Nukem - Manhattan Project
"InstallShield_{9B0A1878-5E40-499D-911A-3AF784BB7F69}" = i-Look 111
"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.6)" = Mozilla Firefox (3.5.6)
"MSI Live Update 3" = MSI Live Update 3
"OpenAL" = OpenAL
"PhotoScape" = PhotoScape
"PoiZone" = PoiZone
"Project Torque" = Project Torque
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"Sawer" = Sawer
"Steam App 220" = Half-Life 2
"Steam App 340" = Half-Life 2: Lost Coast
"Steam App 380" = Half-Life 2: Episode One
"Steam App 400" = Portal
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 440" = Team Fortress 2
"Steam App 500" = Left 4 Dead
"Steam App 510" = Left 4 Dead Dedicated Server
"Steam App 513" = Left 4 Dead Authoring Tools
"TeamViewer 5" = TeamViewer 5
"The KMPlayer" = The KMPlayer (remove only)
"Total Video Converter 3.50_is1" = Total Video Converter 3.50
"Toxic Biohazard" = Toxic Biohazard
"Undelete Plus_is1" = Undelete Plus 2.93
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Wolfenstein - Enemy Territory" = Wolfenstein - Enemy Territory
"WolfTeam" = WolfTeam
"Xfire" = Xfire (remove only)
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
"Zoner 3D Photo Maker_is1" = Zoner 3D Photo Maker

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"IMVU Avatar chat client software BETA" = IMVU Avatar Chat Software
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 12.10.2009 15:50:05 | Computer Name = MH20-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of D:\_SC_0223.JPG failed, 00000015.

Error - 12.10.2009 15:50:06 | Computer Name = MH20-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of D:\_SC_0224.JPG failed, 00000015.

Error - 12.10.2009 15:50:07 | Computer Name = MH20-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of D:\_SC_0225.JPG failed, 00000015.

Error - 12.10.2009 15:50:08 | Computer Name = MH20-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of D:\_SC_0226.JPG failed, 00000015.

Error - 3.11.2009 15:53:15 | Computer Name = MH20-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of D:\P7080171.JPG failed, 00000015.

Error - 3.11.2009 15:55:31 | Computer Name = MH20-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of D:\P1000331.JPG failed, 00000015.

Error - 3.11.2009 16:00:29 | Computer Name = MH20-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of D:\_SC_0234.JPG failed, 00000015.

Error - 3.11.2009 16:35:08 | Computer Name = MH20-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of D:\IMG_3343.JPG failed, 00000015.

Error - 4.11.2009 17:38:59 | Computer Name = MH20-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of D:\P1070649.JPG failed, 00000015.

Error - 9.1.2010 5:26:05 | Computer Name = MH20-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\MH20\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RQFFTQYO\2467[2].jpg
failed, 00000005.

[ Application Events ]
Error - 15.1.2010 16:54:30 | Computer Name = MH20-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18865, časové razítko
0x4b077416, chybující modul Flash10d.ocx, verze 10.0.42.34, časové razítko 0x4ae7baed,
kód výjimky 0xc0000005, posun chyby 0x0023f03a, ID procesu 0x740c, čas spuštění
aplikace 0x01ca961f1d62e82e.

Error - 15.1.2010 17:23:17 | Computer Name = MH20-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18865, časové razítko
0x4b077416, chybující modul msidcrl40.dll, verze 5.0.810.6, časové razítko 0x48d19fc2,
kód výjimky 0x40000015, posun chyby 0x000cbe40, ID procesu 0x5dfc, čas spuštění
aplikace 0x01ca962525d5ffe0.

Error - 15.1.2010 17:28:34 | Computer Name = MH20-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18865, časové razítko
0x4b077416, chybující modul ntdll.dll, verze 6.0.6002.18005, časové razítko 0x49e03821,
kód výjimky 0xc0000005, posun chyby 0x00041e3c, ID procesu 0x7340, čas spuštění
aplikace 0x01ca96299b134ef8.

Error - 15.1.2010 17:28:55 | Computer Name = MH20-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18865, časové razítko
0x4b077416, chybující modul SkypeIEPlugin.dll_unloaded, verze 0.0.0.0, časové razítko
0x4a5c7a42, kód výjimky 0xc0000005, posun chyby 0x061a4294, ID procesu 0x58c8, čas
spuštění aplikace 0x01ca9629b23ec878.

Error - 15.1.2010 17:32:58 | Computer Name = MH20-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18865, časové razítko
0x4b077416, chybující modul SkypeIEPlugin.dll_unloaded, verze 0.0.0.0, časové razítko
0x4a5c7a42, kód výjimky 0xc0000005, posun chyby 0x07c08e20, ID procesu 0x54d4, čas
spuštění aplikace 0x01ca9629bec954af.

Error - 15.1.2010 17:54:59 | Computer Name = MH20-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18865, časové razítko
0x4b077416, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000,
kód výjimky 0xc0000005, posun chyby 0x071befff, ID procesu 0x7b0, čas spuštění aplikace
0x01ca95fffb1a0f91.

Error - 15.1.2010 18:07:04 | Computer Name = MH20-PC | Source = WinMgmt | ID = 10
Description =

Error - 15.1.2010 18:32:29 | Computer Name = MH20-PC | Source = MsiInstaller | ID = 11706
Description =

Error - 15.1.2010 18:34:58 | Computer Name = MH20-PC | Source = Perflib | ID = 1008
Description =

Error - 16.1.2010 5:21:20 | Computer Name = MH20-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 21.10.2009 10:04:46 | Computer Name = MH20-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 21.10.2009 10:05:52 | Computer Name = MH20-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 21.10.2009 10:06:55 | Computer Name = MH20-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 21.10.2009 10:08:10 | Computer Name = MH20-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 22.10.2009 5:58:43 | Computer Name = MH20-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 22.10.2009 6:03:43 | Computer Name = MH20-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 22.10.2009 6:04:38 | Computer Name = MH20-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 22.10.2009 6:05:34 | Computer Name = MH20-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 22.10.2009 6:06:52 | Computer Name = MH20-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 22.10.2009 9:42:45 | Computer Name = MH20-PC | Source = Service Control Manager | ID = 7022
Description =


< End of report >

[MH20]

Když sem sputil gmer tak se mi udělal první rychlý test snad mám log

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-01-16 10:53:30
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\MH20\AppData\Local\Temp\kxldypog.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

---- EOF - GMER 1.0.15 ----

a při tom hlavním se mi asi snad u konce freezla obrazovka rozmazala a nastalo modré okno a pc se restartoval snad nějaká chyba...mám gmer sken provést znovu?

[motji]

Zkuste ho spustit v nouzovém režimu

[MH20]

Tak
prvně mi to přestalo odpovídat ale po druhé už to bylo v poho vkládám log

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-01-17 20:06:59
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\MH20\AppData\Local\Temp\kxldypog.sys


---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[1124] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73EC7817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1124] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73F1A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1124] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73ECBB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1124] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73EBF695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1124] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73EC75E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1124] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73EBE7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1124] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [73EF8395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1124] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [73ECDA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1124] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73EBFFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1124] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73EBFF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1124] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73EB71CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1124] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [73F4CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1124] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [73EEC8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1124] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73EBD968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1124] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73EB6853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1124] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73EB687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1124] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73EC2AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xBC 0x27 0xFE 0x96 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x59 0x8F 0xA6 0x20 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xA3 0x2F 0xF5 0x51 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Config@FrequencyCorrectRate 4
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Config@PollAdjustFactor 5
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Config@LargePhaseOffset 50000000
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Config@SpikeWatchPeriod 900
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Config@LocalClockDispersion 10
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Config@HoldPeriod 5
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Config@PhaseCorrectRate 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Config@UpdateInterval 360000
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Config@EventLogFlags 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Config@AnnounceFlags 10
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Config@TimeJumpAuditOffset 28800
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Config@MinPollInterval 10
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Config@MaxPollInterval 15
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Config@MaxNegPhaseCorrection 54000
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Config@MaxPosPhaseCorrection 54000
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Config@MaxAllowedPhaseOffset 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient@DllName %systemroot%\system32\w32time.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient@Enabled 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient@InputProvider 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient@AllowNonstandardModeCombinations 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient@CrossSiteSyncFlags 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient@ResolvePeerBackoffMinutes 15
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient@ResolvePeerBackoffMaxTimes 7
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient@CompatibilityFlags -2147483648
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient@EventLogFlags 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient@LargeSampleSkew 3
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient@SpecialPollInterval 604800
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient@SpecialPollTimeRemaining time.windows.com,7b1a380???????????
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer@DllName %systemroot%\system32\w32time.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer@Enabled 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer@InputProvider 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer@AllowNonstandardModeCombinations 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer@EventLogFlags 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer@ChainEntryTimeout 16
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer@ChainMaxEntries 128
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer@ChainMaxHostEntries 4
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer@ChainDisable 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer@ChainLoggingRate 30
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xBC 0x27 0xFE 0x96 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x59 0x8F 0xA6 0x20 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xA3 0x2F 0xF5 0x51 ...
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\Config@FrequencyCorrectRate 4
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\Config@PollAdjustFactor 5
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\Config@LargePhaseOffset 50000000
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\Config@SpikeWatchPeriod 900
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\Config@LocalClockDispersion 10
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\Config@HoldPeriod 5
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\Config@PhaseCorrectRate 1
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\Config@UpdateInterval 360000
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\Config@EventLogFlags 2
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\Config@AnnounceFlags 10
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\Config@TimeJumpAuditOffset 28800
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\Config@MinPollInterval 10
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\Config@MaxPollInterval 15
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\Config@MaxNegPhaseCorrection 54000
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\Config@MaxPosPhaseCorrection 54000
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\Config@MaxAllowedPhaseOffset 1
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\TimeProviders\NtpClient (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\TimeProviders\NtpClient@DllName %systemroot%\system32\w32time.dll
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\TimeProviders\NtpClient@Enabled 1
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\TimeProviders\NtpClient@InputProvider 1
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\TimeProviders\NtpClient@AllowNonstandardModeCombinations 1
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\TimeProviders\NtpClient@CrossSiteSyncFlags 2
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\TimeProviders\NtpClient@ResolvePeerBackoffMinutes 15
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\TimeProviders\NtpClient@ResolvePeerBackoffMaxTimes 7
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\TimeProviders\NtpClient@CompatibilityFlags -2147483648
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\TimeProviders\NtpClient@EventLogFlags 1
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\TimeProviders\NtpClient@LargeSampleSkew 3
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\TimeProviders\NtpClient@SpecialPollInterval 604800
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\TimeProviders\NtpClient@SpecialPollTimeRemaining time.windows.com,7b1a380???????????
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\TimeProviders\NtpServer (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\TimeProviders\NtpServer@DllName %systemroot%\system32\w32time.dll
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\TimeProviders\NtpServer@Enabled 0
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\TimeProviders\NtpServer@InputProvider 0
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\TimeProviders\NtpServer@AllowNonstandardModeCombinations 1
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\TimeProviders\NtpServer@EventLogFlags 0
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\TimeProviders\NtpServer@ChainEntryTimeout 16
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\TimeProviders\NtpServer@ChainMaxEntries 128
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\TimeProviders\NtpServer@ChainMaxHostEntries 4
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\TimeProviders\NtpServer@ChainDisable 0
Reg HKLM\SYSTEM\ControlSet003\Services\W32Time\TimeProviders\NtpServer@ChainLoggingRate 30

---- EOF - GMER 1.0.15 ----

[motji]

Stáhněte
http://rootrepeal.googlepages.com/RootRepeal.zip
-Stáhněte,rozbalte a spusťte
-vyberte záložku drivers, pak Files, klikněte na Scan,
-proběhne sken, po něm klikněte na Save Report , tím se uloží log, který zkopírujete sem

[MH20]

ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/01/18 14:20
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2
==================================================

Hidden/Locked Files
-------------------
Path: C:\hiberfil.sys
Status: Locked to the Windows API!

Path: C:\System Volume Information\{02F5E~1
Status: Locked to the Windows API!

Path: C:\System Volume Information\{02f5e3d6-fec5-11de-8f98-001d9297f0be}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{057d6695-034c-11df-a6fa-001d9297f0be}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{1958507c-01d7-11df-b6a8-001d9297f0be}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{19585088-01d7-11df-b6a8-001d9297f0be}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{1958508c-01d7-11df-b6a8-001d9297f0be}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{19585092-01d7-11df-b6a8-001d9297f0be}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{1958509e-01d7-11df-b6a8-001d9297f0be}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{32a079d6-f9f5-11de-bc4d-001d9297f0be}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{3a476707-005a-11df-9ad8-001d9297f0be}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{46a8e09b-0286-11df-9503-001d9297f0be}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{46a8e0cd-0286-11df-9503-001d9297f0be}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{5B38E~1
Status: Locked to the Windows API!

Path: C:\System Volume Information\{b208158c-fadf-11de-9d2a-001d9297f0be}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{d54fd378-fc4b-11de-a462-001d9297f0be}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{d54fd37f-fc4b-11de-a462-001d9297f0be}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{f4096e4c-011c-11df-8924-001d9297f0be}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{8d411afc-fd00-11de-83c0-001d9297f0be}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{8d411b05-fd00-11de-83c0-001d9297f0be}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{8d411c2f-fd00-11de-83c0-001d9297f0be}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{8d411c5a-fd00-11de-83c0-001d9297f0be}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{92ab164a-fa1d-11de-a8f6-001d9297f0be}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{88f38d95-fb90-11de-97f7-001d9297f0be}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\Users\MH20\Documents\Filmy
Status: Locked to the Windows API!

Path: C:\Users\MH20\Documents\Hudba
Status: Locked to the Windows API!

Path: C:\Users\MH20\Documents\Obrázky
Status: Locked to the Windows API!

Path: C:\Windows\inf\.NET CLR Data\_DATAP~1.H
Status: Locked to the Windows API!

Path: C:\Windows\inf\.NET Data Provider for SqlServer\_DATAP~2.H
Status: Locked to the Windows API!

Path: C:\Windows\PLA\Reports\REPORT~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\PLA\Rules\RULESS~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\PLA\System\WIRELE~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.91_none_54c1279468b7b84b.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1801_none_d088a2ec442ef17b.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.762_none_abac38a907ee8801.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_60a5df56e60dc5df.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_dcc7eae99ad0d9cf.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.4053_none_6b86c0e9b0196766.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.91_none_db5f5c9d98cb161f.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_4ddfc6cd11929a02.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.21022.8_none_5d1777c2e857a23b.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2r_6bd6b9abf345378f_4.1.0.0_none_3658456fda6654f6.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.91_none_5c400d5e63e93b68.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_none_db5f52fb98cb24ad.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.4053_none_3b0e32bdc9afe437.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_c905be8887838ff2.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_f0efb442f8a0f46c.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9870.0_none_b7e00e6c7b30b69b.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b59bae9d65014b98.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9818.0_none_b7e811947b297f6d.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_516e2e610f48bda6.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_9193a620671dde41.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_49ef489714173a89.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_51ca66a2bbe76806.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9876.0_none_a6e4a7980e9b18a2.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_8a14c0566bec5b24.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1801_none_516953ad0f4d16c4.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.91_none_58b1a5ca663317c4.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b81d038aaf540e86.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_8dd7dea5d5a7a18a.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.1_none_81c25f21d3d46d84.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.1_none_e29d1181971ae11e.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_818f59bf601aa775.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.91_none_0e9c342f74fd2e58.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.91_none_588445e3d272feb1.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9870.0_none_a6dea5dc0ea08098.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.21022.8_none_5ce47260749ddc2c.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_8e053e8c6967ba9d.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.1.0.0_none_6c030d6fdc86522c.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2r_6bd6b9abf345378f_4.1.1.0_none_365945b9da656e4d.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.4.1.microsoft.msxml2r_6bd6b9abf345378f_4.1.1.0_none_8b7b15c031cda6db.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.21022.8_none_5926f98ceadc42c2.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.21022.8_none_ecdf8c290e547f39.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_4db266e67dd280ef.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_none_5c4003bc63e949f6.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.91_none_d6c3f1519bae0514.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.21022.8_none_bdf22a22ab9e15d5.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9876.0_none_b7e610287b2b4ea5.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\amd64_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_49e66f4952a1b53b.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.21022.8_none_7ab8cc63a6e4c2a3.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_8550c6b5d18a9128.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.762_none_7b33aa7d218504d2.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_10b2f55f9bffb8f8.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.91_none_dc9917e997f80c63.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_7dd1e0ebd6590e0b.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-csc_exe_config_b03f5f7f11d50a3a_6.0.6000.16720_none_879a188098bde787\CSCEXE~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-csc_exe_config_b03f5f7f11d50a3a_6.0.6000.20883_none_70d22f24b2602c7a\CSCEXE~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-csc_exe_config_b03f5f7f11d50a3a_6.0.6001.18111_none_8774fd36990ff428\CSCEXE~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-installutil_exe_config_rtm_31bf3856ad364e35_6.0.6001.18111_none_c4d43609b70547f3\INSTAL~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_policy.1.2.microsof..op.security.azroles_31bf3856ad364e35_6.0.6000.16386_none_ea83414c2e75b887\Microsoft.Interop.Security.AzRoles.config
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_h_31bf3856ad364e35_6.0.6000.16708_none_4180b46a5c473b6d\_SMSVC~1.H
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_h_31bf3856ad364e35_6.0.6000.20864_none_41c5708575991d81\_SMSVC~1.H
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_h_31bf3856ad364e35_6.0.6001.18096_none_4303a14a59b89802\_SMSVC~1.H
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_h_31bf3856ad364e35_6.0.6001.22208_none_43f08fdb728b6c28\_SMSVC~1.H
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_ini_31bf3856ad364e35_6.0.6000.16708_none_325856a50f01ab0d\_SMSVC~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_ini_31bf3856ad364e35_6.0.6000.20864_none_329d12c028538d21\_SMSVC~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_ini_31bf3856ad364e35_6.0.6001.18096_none_33db43850c7307a2\_SMSVC~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_ini_31bf3856ad364e35_6.0.6001.22208_none_34c832162545dbc8\_SMSVC~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_ini_31bf3856ad364e35_6.0.6001.18096_none_ca623c938da19f1b\_SERVI~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_ini_31bf3856ad364e35_6.0.6001.18096_none_ca623c938da19f1b\_SERVI~2.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_ini_31bf3856ad364e35_6.0.6001.22208_none_cb4f2b24a6747341\_SERVI~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_ini_31bf3856ad364e35_6.0.6001.22208_none_cb4f2b24a6747341\_SERVI~2.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_ini_31bf3856ad364e35_6.0.6002.18005_none_cca9032f8a7fd6e4\_SERVI~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_ini_31bf3856ad364e35_6.0.6002.18005_none_cca9032f8a7fd6e4\_SERVI~2.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_reg_31bf3856ad364e35_6.0.6000.16708_none_c4f661e592b1c88e\_SERVI~1.REG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_reg_31bf3856ad364e35_6.0.6000.20864_none_c53b1e00ac03aaa2\_SERVI~1.REG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_reg_31bf3856ad364e35_6.0.6001.18096_none_c6794ec590232523\_SERVI~1.REG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_reg_31bf3856ad364e35_6.0.6001.22208_none_c7663d56a8f5f949\_SERVI~1.REG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_vrg_31bf3856ad364e35_6.0.6000.16708_none_cab9e41b8efd69ed\_SERVI~1.VRG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_vrg_31bf3856ad364e35_6.0.6000.20864_none_cafea036a84f4c01\_SERVI~1.VRG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_vrg_31bf3856ad364e35_6.0.6001.18096_none_cc3cd0fb8c6ec682\_SERVI~1.VRG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_vrg_31bf3856ad364e35_6.0.6001.18096_none_35b5d7ed0b402f09\_SMSVC~1.VRG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_vrg_31bf3856ad364e35_6.0.6001.22208_none_cd29bf8ca5419aa8\_SERVI~1.VRG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_op_perf_c_reg_31bf3856ad364e35_6.0.6001.18096_none_c7643be32cc49731\_SERVI~1.REG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wwfcorecomp.resources_31bf3856ad364e35_6.0.6000.16730_cs-cz_76065d223d804830\5515D1~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wwfcorecomp.resources_31bf3856ad364e35_6.0.6000.20895_cs-cz_76541bd756ca0e53\5515D1~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wwfcorecomp.resources_31bf3856ad364e35_6.0.6001.18121_cs-cz_77f86bfe3a9dd687\5515D1~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.16730_cs-cz_5b6d660d55709964\5FFB58~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-msbuild_data_files_b03f5f7f11d50a3a_6.0.6001.18111_none_7c8b5cbf426fb0d2\MICROS~1.TAS
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-msbuild_data_files_b03f5f7f11d50a3a_6.0.6001.22230_none_65bfcd5b5c1529e5\MICROS~1.TAS
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-installutil_exe_config_rtm_31bf3856ad364e35_6.0.6001.22230_none_c54732b2d0340648\INSTAL~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-msbuild_core_schema__b03f5f7f11d50a3a_6.0.6000.16720_none_b462fc0cbe880bcb\MICROS~1.XSD
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-msbuild_core_schema__b03f5f7f11d50a3a_6.0.6000.20883_none_9d9b12b0d82a50be\MICROS~1.XSD
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-msbuild_core_schema__b03f5f7f11d50a3a_6.0.6001.18111_none_b43de0c2beda186c\MICROS~1.XSD
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-msbuild_core_schema__b03f5f7f11d50a3a_6.0.6001.22230_none_9d72515ed87f917f\MICROS~1.XSD
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-msbuild_data_files_b03f5f7f11d50a3a_6.0.6000.16720_none_7cb07809421da431\MICROS~1.TAS
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-msbuild_data_files_b03f5f7f11d50a3a_6.0.6000.20883_none_65e88ead5bbfe924\MICROS~1.TAS
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-installutil_exe_config_rtm_31bf3856ad364e35_6.0.6000.16720_none_c2e2272db9e7b99c\INSTAL~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-installutil_exe_config_rtm_31bf3856ad364e35_6.0.6000.20883_none_c32de54ed3334d11\INSTAL~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-dv_aspnetmmc_chm_res_b03f5f7f11d50a3a_6.0.6000.16720_none_f49cbb9015dc43b3\DV_ASP~1.CHM
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-dv_aspnetmmc_chm_res_b03f5f7f11d50a3a_6.0.6000.20883_none_ddd4d2342f7e88a6\DV_ASP~1.CHM
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-dv_aspnetmmc_chm_res_b03f5f7f11d50a3a_6.0.6001.18111_none_f477a046162e5054\DV_ASP~1.CHM
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-dv_aspnetmmc_chm_res_b03f5f7f11d50a3a_6.0.6001.22230_none_ddac10e22fd3c967\DV_ASP~1.CHM
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-data_perf_h_b03f5f7f11d50a3a_6.0.6000.16720_none_ea4958dde0dcb61b\_DATAP~1.H
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-data_perf_h_b03f5f7f11d50a3a_6.0.6000.16720_none_ea4958dde0dcb61b\_DATAP~2.H
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-data_perf_h_b03f5f7f11d50a3a_6.0.6000.20883_none_d3816f81fa7efb0e\_DATAP~1.H
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-data_perf_h_b03f5f7f11d50a3a_6.0.6000.20883_none_d3816f81fa7efb0e\_DATAP~2.H
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-data_perf_h_b03f5f7f11d50a3a_6.0.6001.18111_none_ea243d93e12ec2bc\_DATAP~1.H
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-data_perf_h_b03f5f7f11d50a3a_6.0.6001.18111_none_ea243d93e12ec2bc\_DATAP~2.H
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-data_perf_h_b03f5f7f11d50a3a_6.0.6001.22230_none_d358ae2ffad43bcf\_DATAP~1.H
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-data_perf_h_b03f5f7f11d50a3a_6.0.6001.22230_none_d358ae2ffad43bcf\_DATAP~2.H
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-csc_exe_config_b03f5f7f11d50a3a_6.0.6001.22230_none_70a96dd2b2b56d3b\CSCEXE~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-config_files_.._gacutil_exe_config_31bf3856ad364e35_6.0.6000.16720_none_9b01a5fdd9371aff\GACUTI~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-config_files_.._gacutil_exe_config_31bf3856ad364e35_6.0.6000.20883_none_9b4d641ef282ae74\GACUTI~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-config_files_.._gacutil_exe_config_31bf3856ad364e35_6.0.6001.18111_none_9cf3b4d9d654a956\GACUTI~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-config_files_.._gacutil_exe_config_31bf3856ad364e35_6.0.6001.22230_none_9d66b182ef8367ab\GACUTI~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_op_perf_c_reg_31bf3856ad364e35_6.0.6001.22208_none_c8512a7445976b57\_SERVI~1.REG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_vrg_31bf3856ad364e35_6.0.6001.22208_none_36a2c67e2413032f\_SMSVC~1.VRG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_op_perf_c_h_31bf3856ad364e35_6.0.6000.16708_none_f87832f6f02b1a0c\_SERVI~1.H
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_op_perf_c_h_31bf3856ad364e35_6.0.6000.20864_none_f8bcef12097cfc20\_SERVI~1.H
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_op_perf_c_h_31bf3856ad364e35_6.0.6001.18096_none_f9fb1fd6ed9c76a1\_SERVI~1.H
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_op_perf_c_h_31bf3856ad364e35_6.0.6001.22208_none_fae80e68066f4ac7\_SERVI~1.H
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_op_perf_c_ini_31bf3856ad364e35_6.0.6000.16708_none_c1843fad322b4004\_SERVI~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_op_perf_c_ini_31bf3856ad364e35_6.0.6000.16708_none_c1843fad322b4004\_SERVI~2.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_op_perf_c_ini_31bf3856ad364e35_6.0.6000.20864_none_c1c8fbc84b7d2218\_SERVI~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_op_perf_c_ini_31bf3856ad364e35_6.0.6000.20864_none_c1c8fbc84b7d2218\_SERVI~2.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_op_perf_c_ini_31bf3856ad364e35_6.0.6001.18096_none_c3072c8d2f9c9c99\_SERVI~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_op_perf_c_ini_31bf3856ad364e35_6.0.6001.18096_none_c3072c8d2f9c9c99\_SERVI~2.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_op_perf_c_ini_31bf3856ad364e35_6.0.6001.22208_none_c3f41b1e486f70bf\_SERVI~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_op_perf_c_ini_31bf3856ad364e35_6.0.6001.22208_none_c3f41b1e486f70bf\_SERVI~2.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_op_perf_c_ini_31bf3856ad364e35_6.0.6002.18005_none_c54df3292c7ad462\_SERVI~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_op_perf_c_ini_31bf3856ad364e35_6.0.6002.18005_none_c54df3292c7ad462\_SERVI~2.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_op_perf_c_reg_31bf3856ad364e35_6.0.6000.16708_none_c5e14f032f533a9c\_SERVI~1.REG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_op_perf_c_reg_31bf3856ad364e35_6.0.6000.20864_none_c6260b1e48a51cb0\_SERVI~1.REG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_reg_31bf3856ad364e35_6.0.6000.16708_none_2e6f68d711833115\_SMSVC~1.REG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_reg_31bf3856ad364e35_6.0.6000.20864_none_2eb424f22ad51329\_SMSVC~1.REG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_reg_31bf3856ad364e35_6.0.6001.18096_none_2ff255b70ef48daa\_SMSVC~1.REG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_reg_31bf3856ad364e35_6.0.6001.22208_none_30df444827c761d0\_SMSVC~1.REG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_vrg_31bf3856ad364e35_6.0.6000.16708_none_3432eb0d0dced274\_SMSVC~1.VRG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_vrg_31bf3856ad364e35_6.0.6000.20864_none_3477a7282720b488\_SMSVC~1.VRG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-netfx3-core_31bf3856ad364e35_6.0.6000.16708_none_65c29499dcf31c4e\FRAMEW~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-netfx3-core_31bf3856ad364e35_6.0.6000.20864_none_660750b4f644fe62\FRAMEW~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-netfx3-core_31bf3856ad364e35_6.0.6001.18096_none_67458179da6478e3\FRAMEW~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_h_31bf3856ad364e35_6.0.6000.16708_none_23cb592eb6e076f6\_SERVI~1.H
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_h_31bf3856ad364e35_6.0.6000.20864_none_24101549d032590a\_SERVI~1.H
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_h_31bf3856ad364e35_6.0.6001.18096_none_254e460eb451d38b\_SERVI~1.H
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_h_31bf3856ad364e35_6.0.6001.22208_none_263b349fcd24a7b1\_SERVI~1.H
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_ini_31bf3856ad364e35_6.0.6000.16708_none_c8df4fb390304286\_SERVI~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_ini_31bf3856ad364e35_6.0.6000.16708_none_c8df4fb390304286\_SERVI~2.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_ini_31bf3856ad364e35_6.0.6000.20864_none_c9240bcea982249a\_SERVI~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_ini_31bf3856ad364e35_6.0.6000.20864_none_c9240bcea982249a\_SERVI~2.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6000.16884_none_9a0b894107fccf79\REPORT~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6000.21082_none_9a92fd9a211c6fd7\REPORT~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.18288_none_9bf5c90f051fc5c6\REPORT~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.18288_none_9bf5c90f051fc5c6\RULESS~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.18288_none_9bf5c90f051fc5c6\WIRELE~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.22468_none_9c9507981e2d2ad5\REPORT~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.22468_none_9c9507981e2d2ad5\RULESS~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.22468_none_9c9507981e2d2ad5\WIRELE~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18005_none_9e2fbb5f0207ec84\REPORT~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18005_none_9e2fbb5f0207ec84\RULESS~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18005_none_9e2fbb5f0207ec84\WIRELE~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18064_none_9deddb8d02397ad3\REPORT~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18064_none_9deddb8d02397ad3\RULESS~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18064_none_9deddb8d02397ad3\WIRELE~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.22170_none_9e68a7441b62d132\REPORT~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.22170_none_9e68a7441b62d132\RULESS~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.22170_none_9e68a7441b62d132\WIRELE~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wwfcorecomp.resources_31bf3856ad364e35_6.0.6002.18005_cs-cz_79f882b237b05373\5515D1~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.18121_cs-cz_5d5f74e9528e27bb\5FFB58~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6002.18005_cs-cz_5f5f8b9d4fa0a4a7\5FFB58~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.20895_cs-cz_5bbb24c26eba5f87\5FFB58~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-netfx3-core_31bf3856ad364e35_6.0.6001.22208_none_6832700af3374d09\FRAMEW~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-netfx3-core_31bf3856ad364e35_6.0.6002.18005_none_698c4815d742b0ac\FRAMEW~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\Microsoft.NET\Framework\v2.0.50727\MICROS~1.TAS
Status: Locked to the Windows API!

Path: C:\Windows\Microsoft.NET\Framework\v2.0.50727\DV_ASP~1.CHM
Status: Locked to the Windows API!

Path: C:\Windows\Microsoft.NET\Framework\v2.0.50727\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\inf\ServiceModelEndpoint 3.0.0.0\0000\_SERVI~2.INI
Status: Locked to the Windows API!

Path: C:\Windows\inf\ServiceModelOperation 3.0.0.0\0000\_SERVI~2.INI
Status: Locked to the Windows API!

Path: C:\Windows\inf\Windows Workflow Foundation 3.0.0.0\0405\5515D1~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\inf\ServiceModelService 3.0.0.0\0405\5FFB58~1.INI
Status: Locked to the Windows API!

Path: c:\users\mh20\appdata\local\temp\~df1509.tmp
Status: Allocation size mismatch (API: 720896, Raw: 16384)

Path: c:\users\mh20\appdata\local\temp\~df8131.tmp
Status: Allocation size mismatch (API: 524288, Raw: 16384)

Path: c:\users\mh20\appdata\local\temp\~dfeb43.tmp
Status: Allocation size mismatch (API: 16384, Raw: 0)

Path: C:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.0.6000.16386__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.config
Status: Locked to the Windows API!

Path: C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\_SERVI~1.REG
Status: Locked to the Windows API!

Path: C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\_SERVI~1.REG
Status: Locked to the Windows API!

Path: C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\_SMSVC~1.REG
Status: Locked to the Windows API!

Path: c:\users\mh20\appdata\local\microsoft\internet explorer\recovery\active\{c36596a0-042f-11df-918e-001d9297f0be}.dat
Status: Size mismatch (API: 20992, Raw: 20480)

Path: c:\users\mh20\appdata\local\microsoft\windows\temporary internet files\content.ie5\wpf2c53.tmp
Status: Allocation size mismatch (API: 4096, Raw: 0)

Path: c:\users\mh20\appdata\local\microsoft\windows\temporary internet files\content.ie5\wpf6ef9.tmp
Status: Allocation size mismatch (API: 4096, Raw: 0)

Path: c:\users\mh20\appdata\local\microsoft\windows\temporary internet files\content.ie5\wpf85c.tmp
Status: Allocation size mismatch (API: 32768, Raw: 0)

Path: c:\users\mh20\appdata\local\microsoft\windows\temporary internet files\content.ie5\wpf85d.tmp
Status: Allocation size mismatch (API: 32768, Raw: 0)

Path: c:\users\mh20\appdata\local\microsoft\windows\temporary internet files\content.ie5\wpf85e.tmp
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\users\mh20\appdata\local\microsoft\windows\temporary internet files\content.ie5\wpf86e.tmp
Status: Allocation size mismatch (API: 32768, Raw: 0)

Path: c:\users\mh20\appdata\local\microsoft\windows\temporary internet files\content.ie5\wpf87f.tmp
Status: Allocation size mismatch (API: 16384, Raw: 0)

Path: c:\users\mh20\appdata\local\microsoft\windows\temporary internet files\content.ie5\wpf880.tmp
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\users\mh20\appdata\local\microsoft\windows\temporary internet files\content.ie5\wpf881.tmp
Status: Allocation size mismatch (API: 32768, Raw: 0)

Path: c:\users\mh20\appdata\local\microsoft\windows\temporary internet files\content.ie5\wpf8a1.tmp
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\users\mh20\appdata\local\microsoft\windows\temporary internet files\content.ie5\wpf8a2.tmp
Status: Allocation size mismatch (API: 32768, Raw: 0)

Path: c:\users\mh20\appdata\local\microsoft\windows\temporary internet files\content.ie5\wpf8a3.tmp
Status: Allocation size mismatch (API: 32768, Raw: 0)

Path: c:\users\mh20\appdata\local\microsoft\windows\temporary internet files\content.ie5\wpf8b4.tmp
Status: Allocation size mismatch (API: 32768, Raw: 0)

Path: c:\users\mh20\appdata\local\microsoft\windows\temporary internet files\content.ie5\wpf8d4.tmp
Status: Allocation size mismatch (API: 32768, Raw: 0)

Path: c:\users\mh20\appdata\local\microsoft\windows\temporary internet files\content.ie5\wpf8d5.tmp
Status: Allocation size mismatch (API: 32768, Raw: 0)

Path: c:\users\mh20\appdata\local\microsoft\windows\temporary internet files\content.ie5\wpf8dff.tmp
Status: Allocation size mismatch (API: 32768, Raw: 0)

Path: c:\users\mh20\appdata\local\microsoft\windows\temporary internet files\content.ie5\wpf8e00.tmp
Status: Allocation size mismatch (API: 16384, Raw: 0)

Path: c:\users\mh20\appdata\local\microsoft\windows\temporary internet files\content.ie5\wpf8f2d.tmp
Status: Allocation size mismatch (API: 32768, Raw: 0)

Path: c:\users\mh20\appdata\local\microsoft\windows\temporary internet files\content.ie5\wpf91ef.tmp
Status: Allocation size mismatch (API: 32768, Raw: 0)

[motji]

Ještě poprosím o záložku drivers