Nejsem pánem svého počítače (prosím o kontrolu logů)

[fml]

Zdravím pánové,

mám neblahé tušení, že nejsem pánem svého počítače. Podle instrukcí jsem projel PC pomocí RSIT a níže přikládám logy. Je mi jasné, že nová instalace mě nemine, ale chtěl bych ještě alespoň pár dní fungovat - potřebuji PC k práci. Předem díky za jakoukoliv dobrou radu.

RSIT LOG

Logfile of random's system information tool 1.09 (written by random/random)
Run by David at 2011-09-28 12:00:32
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 66 GB (37%) free of 178 GB
Total RAM: 3070 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:00:37, on 28.9.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Robust IT\Taskix\Taskix32.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\WinOmeter\WinOMeter.exe
C:\Users\David\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Miranda IM\miranda32.exe
C:\Program Files\Synaptics\SynTP\SynAsus.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
D:\Users\David\Desktop\hijackthis.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
D:\Users\David\Desktop\RSIT.exe
C:\Program Files\trend micro\David.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Zshutdown1] c:\preload\patch\sysprep1.cmd
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Taskix] "C:\Program Files\Robust IT\Taskix\Taskix32.exe" start
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WinOMeter] "C:\Program Files\WinOmeter\WinOMeter.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\David\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BF92B198-42AD-4A11-92F9-377BFDA66176}: NameServer = 192.168.3.1,77.48.100.254
O20 - AppInit_DLLs: APSHook.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apache2.2 - Apache Software Foundation - c:\xampp\apache\bin\httpd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: mysql - Unknown owner - c:\xampp\mysql\bin\mysqld.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 10898 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3440520124-3333511644-2063342229-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3440520124-3333511644-2063342229-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\pcup2nva.default

prefs.js - "browser.startup.homepage" - "http://www.google.cz/"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=Software602 Form Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\pcup2nva.default\extensions\
staged
{0b457cAA-602d-484a-8fe7-c1d894a011ba}
{6AC85730-7D0F-4de0-B3FA-21142DD85326}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2011-08-30 320928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-09-15 56712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
ASUS Security Protect Manager - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll [2006-11-21 70928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2011-08-30 320928]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"Zshutdown1"=c:\preload\patch\sysprep1.cmd []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-11-16 1029416]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-15 4874240]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2007-10-17 7737344]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-11-22 630784]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"CognizanceTS"=C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll [2003-12-21 17920]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2011-07-11 74752]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-29 937920]
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2011-08-30 624056]
""= []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-05-24 336384]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2011-06-24 1386776]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2011-07-05 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-08-19 421736]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-05-04 252136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-02 136176]
"Taskix"=C:\Program Files\Robust IT\Taskix\Taskix32.exe [2009-11-03 72192]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"WinOMeter"=C:\Program Files\WinOmeter\WinOMeter.exe [2011-05-04 86016]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe -s []

C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\David\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="APSHook.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=serwvdrv.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"

======List of files/folders created in the last 3 months======

2011-09-28 12:00:32 ----D---- C:\rsit
2011-09-28 12:00:32 ----D---- C:\Program Files\trend micro
2011-09-28 11:23:48 ----D---- C:\Users\David\AppData\Roaming\ASUS Security Protect Manager
2011-09-27 19:30:36 ----SHD---- C:\found.001
2011-09-27 18:53:17 ----ASH---- C:\hiberfil.sys
2011-09-27 18:50:13 ----A---- C:\Windows\ntbtlog.txt
2011-09-27 18:08:48 ----SHD---- C:\found.000
2011-09-25 15:47:27 ----D---- C:\Users\David\AppData\Roaming\IrfanView
2011-09-21 16:52:04 ----D---- C:\Users\David\AppData\Roaming\TagScanner
2011-09-21 16:51:46 ----D---- C:\Program Files\TagScanner
2011-09-15 15:53:12 ----D---- C:\Windows\Minidump
2011-09-15 15:45:54 ----D---- C:\Program Files\Android
2011-09-15 15:38:30 ----D---- C:\Program Files\Common Files\Java
2011-09-15 15:37:29 ----A---- C:\Windows\system32\javaws.exe
2011-09-15 15:37:29 ----A---- C:\Windows\system32\javaw.exe
2011-09-15 15:37:29 ----A---- C:\Windows\system32\java.exe
2011-09-15 12:57:33 ----D---- C:\ProgramData\FLEXnet
2011-09-15 09:22:13 ----D---- C:\Users\David\AppData\Roaming\Download Manager
2011-08-29 11:35:16 ----D---- C:\Program Files\MAKEMSI Package Documentation
2011-08-29 11:34:26 ----D---- C:\Program Files\sK1 Project
2011-08-29 09:29:16 ----D---- C:\Users\David\AppData\Roaming\inkscape
2011-08-29 09:21:06 ----D---- C:\Program Files\Inkscape
2011-08-25 19:07:59 ----D---- C:\Users\David\AppData\Roaming\Apprise
2011-08-25 19:07:37 ----D---- C:\Program Files\Toggl Desktop
2011-08-24 12:18:31 ----D---- C:\Program Files\iPod
2011-08-24 12:18:29 ----D---- C:\Program Files\iTunes
2011-08-24 09:09:40 ----A---- C:\Windows\system32\tzres.dll
2011-08-18 10:07:44 ----D---- C:\ProgramData\HPSSUPPLY
2011-08-18 10:04:57 ----HD---- C:\Program Files\Avago-HP
2011-08-18 10:03:18 ----D---- C:\hp_P1000_P1500_Full_Solution
2011-08-18 09:47:55 ----D---- C:\Program Files\HP
2011-08-11 08:47:11 ----A---- C:\Windows\system32\mshtmled.dll
2011-08-11 08:47:10 ----A---- C:\Windows\system32\ieui.dll
2011-08-11 08:47:10 ----A---- C:\Windows\system32\iertutil.dll
2011-08-11 08:47:09 ----A---- C:\Windows\system32\wininet.dll
2011-08-11 08:47:09 ----A---- C:\Windows\system32\jsproxy.dll
2011-08-11 08:47:09 ----A---- C:\Windows\system32\jscript9.dll
2011-08-11 08:47:09 ----A---- C:\Windows\system32\jscript.dll
2011-08-11 08:47:08 ----A---- C:\Windows\system32\urlmon.dll
2011-08-11 08:47:08 ----A---- C:\Windows\system32\url.dll
2011-08-11 08:47:08 ----A---- C:\Windows\system32\ieframe.dll
2011-08-11 08:47:06 ----A---- C:\Windows\system32\mshtml.dll
2011-08-10 13:29:08 ----D---- C:\Program Files\QuickTime
2011-08-10 08:54:51 ----A---- C:\Windows\system32\winsrv.dll
2011-08-10 08:54:48 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-08-10 08:54:42 ----A---- C:\Windows\system32\xmllite.dll
2011-08-10 08:54:00 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-08-10 08:54:00 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-08-10 08:52:19 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-08-07 02:37:05 ----D---- C:\ProgramData\SonicStage
2011-07-26 14:06:34 ----D---- C:\Users\David\AppData\Roaming\gtk-2.0
2011-07-26 13:47:32 ----D---- C:\Program Files\GIMP-2.0
2011-07-25 16:55:05 ----D---- C:\Program Files\Logitech
2011-07-22 18:19:04 ----A---- C:\Windows\system32\XAudio2_7.dll
2011-07-22 18:19:04 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2011-07-22 18:19:03 ----A---- C:\Windows\system32\xactengine3_7.dll
2011-07-22 18:19:03 ----A---- C:\Windows\system32\D3DX9_43.dll
2011-07-22 18:19:03 ----A---- C:\Windows\system32\d3dx11_43.dll
2011-07-22 18:19:03 ----A---- C:\Windows\system32\d3dx10_43.dll
2011-07-22 18:19:03 ----A---- C:\Windows\system32\d3dcsx_43.dll
2011-07-22 18:19:03 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2011-07-22 18:19:02 ----A---- C:\Windows\system32\XAudio2_6.dll
2011-07-22 18:19:02 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2011-07-22 18:19:02 ----A---- C:\Windows\system32\xactengine3_6.dll
2011-07-22 18:19:01 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2011-07-22 18:18:21 ----HD---- C:\Windows\msdownld.tmp
2011-07-22 18:18:21 ----D---- C:\Windows\system32\directx
2011-07-17 13:48:38 ----A---- C:\Windows\system32\drivers\PnkBstrK.sys
2011-07-17 13:48:38 ----A---- C:\Users\David\AppData\Roaming\PnkBstrK.sys
2011-07-17 13:48:01 ----A---- C:\Windows\system32\PnkBstrB.exe
2011-07-17 13:48:00 ----A---- C:\Windows\system32\PnkBstrA.exe
2011-07-17 13:48:00 ----A---- C:\Windows\system32\pbsvc_bc2.exe
2011-07-17 13:47:54 ----A---- C:\Windows\system32\XAudio2_5.dll
2011-07-17 13:47:54 ----A---- C:\Windows\system32\xactengine3_5.dll
2011-07-17 13:47:54 ----A---- C:\Windows\system32\d3dcsx_42.dll
2011-07-17 13:47:54 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2011-07-17 13:47:53 ----A---- C:\Windows\system32\d3dx11_42.dll
2011-07-17 13:47:53 ----A---- C:\Windows\system32\d3dx10_42.dll
2011-07-17 13:47:53 ----A---- C:\Windows\system32\d3dx10_41.dll
2011-07-17 13:47:53 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2011-07-17 13:47:52 ----A---- C:\Windows\system32\XAudio2_4.dll
2011-07-17 13:47:52 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2011-07-17 13:47:52 ----A---- C:\Windows\system32\xactengine3_4.dll
2011-07-17 13:47:52 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2011-07-17 13:47:52 ----A---- C:\Windows\system32\D3DX9_41.dll
2011-07-17 13:47:52 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2011-07-17 13:47:51 ----A---- C:\Windows\system32\XAudio2_3.dll
2011-07-17 13:47:51 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2011-07-17 13:47:51 ----A---- C:\Windows\system32\xactengine3_3.dll
2011-07-17 13:47:51 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2011-07-17 13:47:51 ----A---- C:\Windows\system32\D3DX9_40.dll
2011-07-17 13:47:51 ----A---- C:\Windows\system32\d3dx10_40.dll
2011-07-13 13:00:39 ----D---- C:\Users\David\AppData\Roaming\MyPhoneExplorer
2011-07-13 13:00:31 ----D---- C:\Program Files\MyPhoneExplorer
2011-07-13 09:19:57 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2011-07-13 09:19:57 ----A---- C:\Windows\system32\drivers\bthport.sys
2011-07-13 09:19:53 ----A---- C:\Windows\system32\win32k.sys
2011-07-13 09:19:51 ----A---- C:\Windows\system32\kernel32.dll
2011-07-13 09:19:47 ----A---- C:\Windows\system32\csrsrv.dll
2011-07-12 13:40:53 ----D---- C:\Program Files\Apple Software Update
2011-07-12 11:20:54 ----A---- C:\Windows\system32\jdns_sd.dll
2011-07-12 11:20:54 ----A---- C:\Windows\system32\dnssdX.dll
2011-07-12 11:20:54 ----A---- C:\Windows\system32\dns-sd.exe
2011-07-12 11:20:54 ----A---- C:\Windows\system32\dnssd.dll
2011-07-09 15:13:10 ----D---- C:\ProgramData\ATI
2011-07-09 15:13:03 ----D---- C:\Program Files\AMD APP
2011-07-09 15:08:39 ----D---- C:\ATI
2011-07-09 15:05:57 ----D---- C:\AMD
2011-07-03 14:28:21 ----D---- C:\Windows\system32\AGEIA
2011-07-03 14:28:20 ----D---- C:\Program Files\AGEIA Technologies
2011-07-03 14:28:11 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-07-03 14:27:24 ----A---- C:\Windows\system32\XAudio2_2.dll
2011-07-03 14:27:24 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2011-07-03 14:27:24 ----A---- C:\Windows\system32\xactengine3_2.dll
2011-07-03 14:27:24 ----A---- C:\Windows\system32\D3DX9_39.dll
2011-07-03 14:27:24 ----A---- C:\Windows\system32\d3dx10_39.dll
2011-07-03 14:27:24 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2011-07-03 14:27:23 ----A---- C:\Windows\system32\XAudio2_1.dll
2011-07-03 14:27:23 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2011-07-03 14:27:23 ----A---- C:\Windows\system32\xactengine3_1.dll
2011-07-03 14:27:23 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2011-07-03 14:27:23 ----A---- C:\Windows\system32\D3DX9_38.dll
2011-07-03 14:27:23 ----A---- C:\Windows\system32\d3dx10_38.dll
2011-07-03 14:27:23 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2011-07-03 14:27:22 ----A---- C:\Windows\system32\XAudio2_0.dll
2011-07-03 14:27:22 ----A---- C:\Windows\system32\xactengine3_0.dll
2011-07-03 14:27:22 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2011-07-03 14:27:22 ----A---- C:\Windows\system32\d3dx10_37.dll
2011-07-03 14:27:22 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2011-07-03 14:27:21 ----A---- C:\Windows\system32\D3DX9_37.dll
2011-07-03 14:27:19 ----A---- C:\Windows\system32\xactengine2_9.dll
2011-07-03 14:27:18 ----A---- C:\Windows\system32\d3dx9_35.dll
2011-07-03 14:27:18 ----A---- C:\Windows\system32\d3dx10_35.dll
2011-07-03 14:27:18 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2011-07-03 14:27:17 ----A---- C:\Windows\system32\xinput1_3.dll
2011-07-03 14:27:17 ----A---- C:\Windows\system32\xactengine2_8.dll
2011-07-03 14:27:17 ----A---- C:\Windows\system32\xactengine2_7.dll
2011-07-03 14:27:17 ----A---- C:\Windows\system32\d3dx9_34.dll
2011-07-03 14:27:17 ----A---- C:\Windows\system32\d3dx10_34.dll
2011-07-03 14:27:17 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2011-07-03 14:27:16 ----A---- C:\Windows\system32\xactengine2_6.dll
2011-07-03 14:27:16 ----A---- C:\Windows\system32\d3dx9_33.dll
2011-07-03 14:27:16 ----A---- C:\Windows\system32\d3dx10_33.dll
2011-07-03 14:27:16 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2011-07-03 14:27:15 ----A---- C:\Windows\system32\xactengine2_5.dll
2011-07-03 14:27:15 ----A---- C:\Windows\system32\d3dx10.dll
2011-07-03 14:27:14 ----A---- C:\Windows\system32\xactengine2_4.dll
2011-07-03 14:27:14 ----A---- C:\Windows\system32\xactengine2_3.dll
2011-07-03 14:27:14 ----A---- C:\Windows\system32\x3daudio1_1.dll
2011-07-03 14:27:13 ----A---- C:\Windows\system32\xinput1_2.dll
2011-07-03 14:27:13 ----A---- C:\Windows\system32\xinput1_1.dll
2011-07-03 14:27:13 ----A---- C:\Windows\system32\xactengine2_2.dll
2011-07-03 14:27:13 ----A---- C:\Windows\system32\xactengine2_1.dll
2011-07-03 14:26:56 ----A---- C:\Windows\system32\d3dx9_30.dll
2011-07-03 14:26:55 ----A---- C:\Windows\system32\xactengine2_0.dll
2011-07-03 14:26:55 ----A---- C:\Windows\system32\x3daudio1_0.dll
2011-07-03 14:26:53 ----A---- C:\Windows\system32\d3dx9_28.dll
2011-07-03 14:26:53 ----A---- C:\Windows\system32\d3dx9_27.dll
2011-07-03 14:26:53 ----A---- C:\Windows\system32\d3dx9_26.dll
2011-07-03 14:26:52 ----A---- C:\Windows\system32\d3dx9_25.dll
2011-07-03 14:26:51 ----A---- C:\Windows\system32\d3dx9_24.dll
2011-07-03 11:02:04 ----D---- C:\Program Files\SystemRequirementsLab
2011-06-29 08:51:03 ----D---- C:\Users\David\AppData\Roaming\Google
2011-06-29 08:50:31 ----D---- C:\Program Files\Google
2011-06-29 08:23:15 ----A---- C:\Windows\system32\schannel.dll

======List of files/folders modified in the last 3 months======

2011-09-28 12:00:32 ----RD---- C:\Program Files
2011-09-28 12:00:24 ----D---- C:\Windows\Temp
2011-09-28 11:52:30 ----D---- C:\Users\David\AppData\Roaming\Dropbox
2011-09-28 11:52:24 ----D---- C:\Windows\Prefetch
2011-09-28 11:51:11 ----D---- C:\Windows\system32\drivers
2011-09-28 11:51:09 ----A---- C:\Windows\system32\acovcnt.exe
2011-09-28 11:04:10 ----D---- C:\Users\David\AppData\Roaming\Skype
2011-09-28 10:16:54 ----D---- C:\Program Files\Steam
2011-09-28 10:05:32 ----A---- C:\Windows\system32\mrt.exe
2011-09-28 10:05:24 ----SHD---- C:\System Volume Information
2011-09-27 18:50:13 ----D---- C:\Windows
2011-09-24 14:03:57 ----D---- C:\Program Files\Common Files\Steam
2011-09-22 14:42:47 ----D---- C:\Windows\System32
2011-09-22 14:42:47 ----D---- C:\Windows\inf
2011-09-22 14:42:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-09-22 08:38:44 ----SHD---- C:\Windows\Installer
2011-09-21 22:16:36 ----D---- C:\Windows\system32\catroot2
2011-09-21 08:52:08 ----D---- C:\Users\David\AppData\Roaming\602XML
2011-09-21 08:51:13 ----D---- C:\Users\David\AppData\Roaming\602Installer
2011-09-15 15:38:30 ----D---- C:\Program Files\Common Files
2011-09-15 15:37:15 ----A---- C:\Windows\system32\deployJava1.dll
2011-09-15 15:37:12 ----D---- C:\Program Files\Java
2011-09-15 12:57:33 ----HD---- C:\ProgramData
2011-09-15 12:30:09 ----D---- C:\ProgramData\FLEXnetold
2011-09-15 11:39:44 ----D---- C:\Users\David\AppData\Roaming\Adobe
2011-09-15 10:32:11 ----D---- C:\Program Files\Common Files\Adobe
2011-09-15 10:05:58 ----RD---- C:\Windows\Fonts
2011-09-14 21:48:13 ----D---- C:\Windows\winsxs
2011-09-14 21:42:57 ----D---- C:\Windows\system32\catroot
2011-09-14 21:42:55 ----D---- C:\Program Files\Windows Mail
2011-09-10 22:40:34 ----D---- C:\Program Files\Opera
2011-09-07 12:43:55 ----D---- C:\Program Files\Mozilla Thunderbird
2011-09-07 08:14:40 ----D---- C:\Program Files\Mozilla Firefox
2011-09-04 18:25:01 ----D---- C:\ProgramData\Sony Ericsson
2011-09-04 18:24:37 ----D---- C:\ProgramData\BVRP Software
2011-09-04 18:23:07 ----RD---- C:\Program Files\Skype
2011-08-31 11:26:49 ----RSD---- C:\Windows\assembly
2011-08-31 11:26:49 ----D---- C:\Windows\Microsoft.NET
2011-08-29 10:45:03 ----D---- C:\Program Files\OpenOffice.org 3
2011-08-25 07:55:10 ----D---- C:\Windows\rescache
2011-08-25 01:18:59 ----D---- C:\Windows\system32\cs-CZ
2011-08-24 12:18:30 ----D---- C:\Program Files\Common Files\Apple
2011-08-11 13:06:12 ----D---- C:\Windows\system32\migration
2011-08-11 13:06:04 ----D---- C:\Program Files\Internet Explorer
2011-08-07 02:37:10 ----D---- C:\Users\David\AppData\Roaming\Sony Corporation
2011-08-06 12:18:43 ----D---- C:\Users\David\AppData\Roaming\Apple Computer
2011-08-06 10:07:02 ----D---- C:\Program Files\Microsoft Security Client
2011-07-28 12:23:39 ----D---- C:\Windows\Tasks
2011-07-28 12:23:39 ----D---- C:\Windows\system32\Tasks
2011-07-27 12:22:34 ----D---- C:\Program Files\Safari
2011-07-27 12:16:31 ----D---- C:\Program Files\Bonjour
2011-07-25 19:10:27 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-25 16:56:29 ----D---- C:\Program Files\Common Files\LogiShrd
2011-07-25 16:55:24 ----D---- C:\ProgramData\Logishrd
2011-07-20 15:06:29 ----D---- C:\Program Files\Common Files\Adobe AIR
2011-07-17 13:47:56 ----D---- C:\Windows\system32\LogFiles
2011-07-13 10:17:53 ----D---- C:\Program Files\Winamp
2011-07-13 10:17:13 ----D---- C:\Program Files\Winamp Detect
2011-07-12 09:15:03 ----D---- C:\ProgramData\Skype
2011-07-09 20:41:54 ----D---- C:\Windows\system32\WDI
2011-07-09 15:12:40 ----D---- C:\Program Files\ATI Technologies
2011-07-09 10:35:03 ----D---- C:\Users\David\AppData\Roaming\Azureus
2011-06-30 14:46:31 ----D---- C:\Users\David\AppData\Roaming\vlc
2011-06-30 13:51:37 ----D---- C:\Windows\LiveKernelReports

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-09-29 308248]
R0 JGOGO;JMicron Hot-Plug Driver; C:\Windows\system32\DRIVERS\JGOGO.sys [2006-02-07 6912]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2007-04-11 48000]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R1 ItSDisk;ItSDisk; C:\Windows\System32\Drivers\ItSDisk.sys [2006-05-16 23232]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 MpKsl1e6a13d7;MpKsl1e6a13d7; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4B7BD770-16D8-4F30-A242-67009CD80B0F}\MpKsl1e6a13d7.sys [2011-09-28 28752]
R1 MpKsla1f5941a;MpKsla1f5941a; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4B7BD770-16D8-4F30-A242-67009CD80B0F}\MpKsla1f5941a.sys [2011-09-28 28752]
R1 MpKslc5288d0b;MpKslc5288d0b; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4B7BD770-16D8-4F30-A242-67009CD80B0F}\MpKslc5288d0b.sys [2011-09-28 28752]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-08-08 45568]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-05-25 7800832]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-05-25 245760]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2007-06-16 146824]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-15 2047576]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-06-20 49664]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\System32\Drivers\LEqdUsb.Sys [2011-04-30 42648]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\System32\Drivers\LHidEqd.Sys [2011-04-30 12184]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-04-30 41240]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-04-30 39064]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-19 18432]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NETw4v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-22 982272]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-10-01 1769984]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-11-16 195760]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2008-01-19 45624]
S1 MpKsl194c1c71;MpKsl194c1c71; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7107FFBF-6B7F-43B3-A7C3-39BE3DC5CA00}\MpKsl194c1c71.sys []
S1 MpKslaad9ced7;MpKslaad9ced7; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6D19AECC-4B30-47F5-A4E9-667C53DFFAA7}\MpKslaad9ced7.sys []
S1 MpKslca0d2ea7;MpKslca0d2ea7; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7107FFBF-6B7F-43B3-A7C3-39BE3DC5CA00}\MpKslca0d2ea7.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-05-25 7800832]
S3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2011-04-01 12800]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945BG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2006-10-14 4422560]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2010-03-15 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2010-03-15 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2010-03-15 123504]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2011-02-18 41984]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-05-24 246784]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-03-14 84520]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-05-25 176128]
R2 Apache2.2;Apache2.2; c:\xampp\apache\bin\httpd.exe [2010-10-18 20549]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-10-02 94208]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-07-12 387944]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-06-01 647168]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 mysql;mysql; c:\xampp\mysql\bin\mysqld.exe [2010-12-03 8133120]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-07-17 75064]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-06-01 327680]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-09-15 655624]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-08-19 821096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-28 136176]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-28 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-06-17 295192]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
S3 SonicStage Back-End Service;SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe [2007-02-05 112184]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [2007-02-05 75320]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-09-22 419624]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

RSIT INFO

info.txt logfile of random's system information tool 1.09 2011-09-28 12:00:39

======Uninstall list======

-->Dummy
-->MsiExec /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
-->MsiExec.exe /I{977FBE6C-AE9A-4429-B249-814F0B3A4CB1}
Add or Remove Adobe Creative Suite 3 Web Premium-->C:\Program Files\Common Files\Adobe\Installers\247961ef275e20c5cb073c36394ac32\Setup.exe
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{FDB3B167-F4FA-461D-976F-286304A57B2A}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe BridgeTalk Plugin CS3-->MsiExec.exe /I{B7F560B3-6EFF-4026-A982-843895A41149}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}
Adobe Creative Suite 3 Web Premium-->MsiExec.exe /I{C347D234-93D8-4595-BDAA-C04638B23B48}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe Dreamweaver CS3-->MsiExec.exe /I{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}
Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
Adobe Fireworks CS3-->MsiExec.exe /I{7DFC1012-D346-46CE-B03E-FF79125AE029}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10r_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10v_Plugin.exe -maintain plugin
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Illustrator CS3-->MsiExec.exe /I{F08E8D2E-F132-4742-9C87-D5FF223A016A}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Reader X (10.1.1) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
Adobe Setup-->MsiExec.exe /I{6A5D1A94-624A-4D20-B178-3A283B500370}
Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WAS CS3-->MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
AHV content for Acrobat and Flash-->MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}
AMD APP SDK Runtime-->MsiExec.exe /I{A25FF1C0-80B6-4B8B-A551-DC525697A408}
Apple Application Support-->MsiExec.exe /I{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}
Apple Mobile Device Support-->MsiExec.exe /I{C23CD6DA-1958-43A5-ADD0-59396572E02E}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
ASUS Security Protect Manager-->rundll32.exe "C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\SetupHelper.dll",ExecMain /Uninstall {D8D4AF9A-6ADE-4B14-A7F5-BA858792729E}
ASUS SmartLogon-->MsiExec.exe /I{64452561-169F-4A36-A2FF-B5E118EC65F5}
ASUS Splendid Video Enhancement Technology-->C:\Program Files\InstallShield Installation Information\{C0FC1C14-4824-4A73-87A6-9E888C9C3102}\SETUP.EXE -runfromtemp -l0x0009 -removeonly
ATI Catalyst Install Manager-->msiexec /q/x{278ABC06-C7AF-F987-FC4A-789582993D2D} REBOOT=ReallySuppress
ATK Hotkey-->C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\setup.exe -runfromtemp -l0x0005 -removeonly
ATKOSD2-->C:\Program Files\InstallShield Installation Information\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}\setup.exe -runfromtemp -l0x0009 -removeonly
Auslogics Disk Defrag-->"C:\Program Files\Auslogics\Auslogics Disk Defrag\unins000.exe"
AuthenTec Fingerprint Sensor Minimum Install-->MsiExec.exe /I{EB4DF30B-102B-4F0C-927A-D50E037A325D}
Avanquest update-->"C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe" -runfromtemp -l0x0009 -removeonly
Balíček ovladače systému Windows - ITE Tech.Inc. (itecir) HIDClass (06/20/2007 5.0.0004.2)-->C:\PROGRA~1\DIFX\F46A63020E122F0A\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\itecir.inf_709ef2e8\itecir.inf
Bonjour-->MsiExec.exe /X{D03482C5-9AD8-496D-B388-692AE04C93AF}
Canon LBP2900-->C:\Program Files\Canon\PrnUninstall\Canon LBP2900\CNAB4UN.EXE
Catalyst Control Center - Branding-->MsiExec.exe /I{0E33EC53-22CE-426C-A88B-2AAC231BAC85}
eReg-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
GIMP 2.6.11-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
Google AdWords Editor-->MsiExec.exe /X{00626135-E60A-4550-9503-4F50C6C9B8BB}
Google Earth-->MsiExec.exe /X{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Grooveshark-->msiexec /qb /x {B556929F-79D5-E843-27D4-60B1586C4773}
Grooveshark-->MsiExec.exe /I{B556929F-79D5-E843-27D4-60B1586C4773}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP LaserJet P1000 series-->C:\Program Files\Avago-HP\{86c19f82-0311-40d3-a181-e1510a09ccd1}\uninstall.exe SYSTEMHORNET "C:\Program Files\Avago-HP\{86c19f82-0311-40d3-a181-e1510a09ccd1}"
HPSSupply-->MsiExec.exe /X{7902E313-FF0F-4493-ACB1-A8147B78DCD0}
Inkscape 0.48.1 -->C:\Program Files\Inkscape\Uninstall.exe
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
ITECIR Driver-->C:\Program Files\InstallShield Installation Information\{FCED9B62-34FF-4C15-8A23-F65221F7874D}\setup.EXE -runfromtemp -l0x0009 -removeonly
iTunes-->MsiExec.exe /I{69995C7A-062A-4A90-A4DF-8C22895DF522}
Java(TM) 6 Update 26-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216022FF}
Java(TM) 7-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217000FF}
Java(TM) SE Development Kit 7-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0170000}
JMB36X Raid Configurer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\setup.EXE" -l0x9 -removeonly
Last.fm 1.5.4.27091-->"C:\Program Files\Last.fm\unins000.exe"
Left 4 Dead 2-->"C:\Program Files\Steam\steam.exe" steam://uninstall/550
Logitech SetPoint 6.30-->C:\Program Files\Common Files\LogiShrd\sp6_Uninstall\setup.exe
mCore-->MsiExec.exe /I{F5D7FAB5-A1FD-4DD3-983E-4155B09D7102}
mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Antimalware Service CS-CZ Language Pack-->MsiExec.exe /X{17CA32D1-73BD-4990-B8F6-369D8D34B05D}
Microsoft Antimalware-->MsiExec.exe /X{05BFB060-4F22-4710-B0A2-2801A1B606C5}
Microsoft Security Client CS-CZ Language Pack-->MsiExec.exe /I{50779A29-834E-4E36-BBEB-B7CABC67A825}
Microsoft Security Client-->MsiExec.exe /I{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}
Microsoft Security Essentials-->C:\Program Files\Microsoft Security Client\Setup.exe /x
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
Miranda IM 0.9.30-->C:\Program Files\Miranda IM\Uninstall.exe
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Motorola SM56 Speakerphone Modem-->rundll32.exe sm56co6a.dll,SM56UnInstaller
Mozilla Firefox 6.0.2 (x86 cs)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (6.0.2)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
MrvlUsgTracking-->MsiExec.exe /I{42F0FD29-7EB3-4CAA-AF10-BC2619B96D80}
MrvlUsgTracking-->MsiExec.exe /I{A82D052A-0806-42DF-80CD-1730A1AC0ED3}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP3 Parser (KB973685)-->MsiExec.exe /I{859DFA95-E4A6-48CD-B88E-A3E483E89B44}
MyPhoneExplorer-->C:\Program Files\MyPhoneExplorer\uninstall.exe
NVIDIA PhysX-->MsiExec.exe /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
OpenMG Limited Patch 4.7-07-14-05-01-->C:\Program Files\Common Files\Sony Shared\OpenMG\HotFixes\HotFix4.7-07-14-05-01\HotFixSetup\setup.exe /u
OpenMG Secure Module 4.7.00-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{CCD663AE-610D-4BDF-AAB0-E914B044527D} UNINSTALL
OpenOffice.org 3.3-->MsiExec.exe /I{10B43A43-FF73-47FD-83E8-A503E84F9ED6}
Opera 11.51-->"C:\Program Files\Opera\Opera.exe" /uninstall
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
Power4Gear eXtreme-->C:\Program Files\InstallShield Installation Information\{8CFEBE9C-F29F-4C49-80E0-7106970F8734}\setup.exe -runfromtemp -l0x0005 -removeonly
PunkBuster Services-->C:\Windows\system32\pbsvc_bc2.exe -u
QuickTime-->MsiExec.exe /I{C9E14402-3631-4182-B377-6B0DFB1C0339}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.EXE" -l0x9 anything
Safari-->MsiExec.exe /I{735619D4-B42A-437A-958C-199BFCAEDB38}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2478663)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder ClientLP
Skype™ 5.3-->MsiExec.exe /X{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}
Software Intel(R) PROSet/Wireless-->C:\Windows\Installer\iProInst.exe
Software602 Form Filler-->MsiExec.exe /X{7C679F14-CF4A-46E1-BDE9-2571E61C5FEB}
SonicStage 4.3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A0EB195B-5876-48E6-879D-33D4B2102610}\setup.exe" -l0x9 UNINSTALL -removeonly
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
System Requirements Lab CYRI-->MsiExec.exe /I{1F77C418-2C90-459C-BD33-B56A4182B9FA}
TagScanner 5.1.600-->"C:\Program Files\TagScanner\unins000.exe"
Taskix 2.1-->MsiExec.exe /I{E80F9F48-86F8-447D-8CDC-A98B1870C1D4}
The KMPlayer (remove only)-->"C:\Program Files\The KMPlayer\uninstall.exe"
Toggl Desktop 2.6.4.1-->"C:\Program Files\Toggl Desktop\unins000.exe"
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
UniConvertor-->MsiExec.exe /I{875F0109-0307-4AE2-9439-135AC8BBE881}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client
USB 2.0 1.3M UVC WebCam-->C:\Windows\snuninst.exe /name='USB 2.0 1.3M UVC WebCam'
VistaFeaturePack-->C:\Program Files\InstallShield Installation Information\{D7E04009-B191-4E9D-9D2D-1BBE57BD8A42}\setup.exe -runfromtemp -l0x0409
VLC media player 1.1.11-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Vuze-->C:\Program Files\Vuze\uninstall.exe
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Wireless Console 2-->C:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\setup.EXE -runfromtemp -l0x0009 -removeonly
XAMPP 1.7.4-->"c:\xampp\uninstall.exe"

======Hosts File======

127.0.0.1 realitycheb.localhost
127.0.0.1 mkajot.localhost
127.0.0.1 hanackakyselka.localhost
127.0.0.1 lazenskytrojuhelnik.localhost
127.0.0.1 startip.localhost
127.0.0.1 kjt.localhost
127.0.0.1 kajotw.localhost
127.0.0.1 kajot.localhost
127.0.0.1 diskus.localhost
127.0.0.1 roboo.localhost

======Security center information======

AS: Windows Defender (disabled)

======System event log======

Computer Name: CML
Event Code: 51
Message: Na zařízení \Device\Harddisk1\DR1 byla při operaci stránkování rozpoznána chyba.
Record Number: 105959
Source Name: disk
Time Written: 20110404114512.647000-000
Event Type: Upozornění
User:

Computer Name: CML
Event Code: 51
Message: Na zařízení \Device\Harddisk1\DR1 byla při operaci stránkování rozpoznána chyba.
Record Number: 105958
Source Name: disk
Time Written: 20110404114512.647000-000
Event Type: Upozornění
User:

Computer Name: CML
Event Code: 51
Message: Na zařízení \Device\Harddisk1\DR1 byla při operaci stránkování rozpoznána chyba.
Record Number: 105957
Source Name: disk
Time Written: 20110404114512.647000-000
Event Type: Upozornění
User:

Computer Name: CML
Event Code: 51
Message: Na zařízení \Device\Harddisk1\DR1 byla při operaci stránkování rozpoznána chyba.
Record Number: 105956
Source Name: disk
Time Written: 20110404114512.647000-000
Event Type: Upozornění
User:

Computer Name: CML
Event Code: 51
Message: Na zařízení \Device\Harddisk1\DR1 byla při operaci stránkování rozpoznána chyba.
Record Number: 105955
Source Name: disk
Time Written: 20110404114512.647000-000
Event Type: Upozornění
User:

=====Application event log=====

Computer Name: LH-0UAAMFSFN0E7
Event Code: 6000
Message: Odběratel oznámení přihlašování do systému Windows <GPClient> nemohl zpracovat událost upozornění.
Record Number: 166
Source Name: Microsoft-Windows-Winlogon
Time Written: 20110402061118.000000-000
Event Type: Upozornění
User:

Computer Name: LH-0UAAMFSFN0E7
Event Code: 6000
Message: Odběratel oznámení přihlašování do systému Windows <SessionEnv> nemohl zpracovat událost upozornění.
Record Number: 165
Source Name: Microsoft-Windows-Winlogon
Time Written: 20110402061118.000000-000
Event Type: Informace
User:

Computer Name: LH-0UAAMFSFN0E7
Event Code: 9009
Message: Správce oken plochy byl ukončen s kódem (0x40010004).
Record Number: 164
Source Name: Desktop Window Manager
Time Written: 20110402061118.000000-000
Event Type: Informace
User:

Computer Name: LH-0UAAMFSFN0E7
Event Code: 6001
Message: Odběrateli oznámení přihlašování do systému Windows <GPClient> se nezdařilo provést událost oznámení.
Record Number: 163
Source Name: Microsoft-Windows-Winlogon
Time Written: 20110402061117.000000-000
Event Type: Upozornění
User:

Computer Name: LH-0UAAMFSFN0E7
Event Code: 1013
Message: Služba Windows Search byla řádně zastavena.

Record Number: 162
Source Name: Microsoft-Windows-Search
Time Written: 20110402061111.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: CML
Event Code: 4634
Message: Účet byl odhlášen.

Předmět:
ID zabezpečení: S-1-5-7
Název účtu: ANONYMOUS LOGON
Doména účtu: NT AUTHORITY
ID přihlášení: 0x1b1fd

Typ přihlášení: 3

Tato událost je generována, pokud je zničena relace přihlášení. Může být spojena s událostí přihlášení pomocí hodnoty ID přihlášení. Hodnoty ID přihlášení jsou jednoznačné pouze v rámci jednotlivých restartů stejného počítače.
Record Number: 258
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110402061132.222800-000
Event Type: Úspěch auditu
User:

Computer Name: LH-0UAAMFSFN0E7
Event Code: 4616
Message: Systémový čas byl změněn.

Předmět:
ID zabezpečení: S-1-5-19
Název účtu: LOCAL SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e5

Informace o procesu:
ID procesu: 0x4a8
Název: C:\Windows\System32\svchost.exe

Předchozí čas: 11:11:32 PM 4/1/2011
Nový čas: 11:11:32 PM 4/1/2011

Tato událost je generována, pokud je změněn systémový čas. Je normální, že systémový čas, který používá systémové oprávnění, se mění pravidelně. Jiné změny systémového času mohou označovat pokusy o manipulaci s počítačem.
Record Number: 257
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110402061132.035600-000
Event Type: Úspěch auditu
User:

Computer Name: LH-0UAAMFSFN0E7
Event Code: 1100
Message: Služba protokolování událostí byla ukončena.
Record Number: 256
Source Name: Microsoft-Windows-Eventlog
Time Written: 20110402061132.051200-000
Event Type: Úspěch auditu
User:

Computer Name: LH-0UAAMFSFN0E7
Event Code: 4647
Message: Odhlášení spuštěné uživatelem:

Předmět:
ID zabezpečení: S-1-5-21-3440520124-3333511644-2063342229-500
Název účtu: Administrator
Doména účtu: LH-0UAAMFSFN0E7
ID přihlášení: 0x23fe0

Tato událost je generována, pokud je spuštěno odhlášení, ale počet referencí na token není nulový a relaci přihlášení nelze zničit. Není povolena žádná další uživatelem spuštěná akce. Tuto událost lze interpretovat jako událost odhlášení.
Record Number: 255
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110402061118.479474-000
Event Type: Úspěch auditu
User:

Computer Name: LH-0UAAMFSFN0E7
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-3440520124-3333511644-2063342229-500
Název účtu: Administrator
Název domény: LH-0UAAMFSFN0E7
ID přihlášení: 0x23fe0
Record Number: 254
Source Name: Microsoft-Windows-Eventlog
Time Written: 20110402061103.784274-000
Event Type: Úspěch auditu
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\sK1 Project\UniConvertor-1.1.5\;C:\Program Files\sK1 Project\UniConvertor-1.1.5\DLLs
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=1706
"NUMBER_OF_PROCESSORS"=2
"configsetroot"=%SystemRoot%\ConfigSetRoot
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"asl.log"=Destination=file
"AMDAPPSDKROOT"=C:\Program Files\AMD APP\
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

[chodnik74]

Dobrý den
Mrkneme první na havěť,zda není v počítači přítomná...

Malwarebytes' Anti-Malware

• Stáhneme,nainstalujeme a spustíme(pokud si nevíte rady jak,klikněte ZDE)
• Vybereme Úplná kontrola a klikneme na tlačítko Prohledat
• Program provede kontrolu počítače a na konci se vám objeví hláska,že bylo skenování dokončeno,tak potvrdíme tlačítkem OK
• Objeví se vám log,který mi sem vložte
• NIC NEMAZAT!!Program mívá občas falešné detekce,takže mazat budeme až po konzultaci

[fml]

Díky za reakci - požadovaný log přikládám níže

Malwarebytes' Anti-Malware


Malwarebytes' Anti-Malware 1.51.2.1300
http://www.malwarebytes.org

Verze databáze: 7817

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

28.9.2011 19:44:04
mbam-log-2011-09-28 (19-44-04).txt

Typ: Úplná kontrola (C:\|D:\|)
Kontrolované objekty: 604011
Uplynulý čas: 2 hodin, 23 minut, 21 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

[chodnik74]

Děkuji,vypadá to,že havěť nesídlí ve vašem počítači,takže jdeme dolaďovat

Nejprve vypneme zbytečné služby..

Otevřeme si Služby

• Stiskněte klávesovou kombinaci WIN+R( nebo start-spustit ),čímž se vám otevře okno pro zadání příkazu pro spuštění. Zkopírujte a vložte sem následujíci text: services.msc a dejte enter
• Otevře se vám okno se službami vašeho pc,najděte následující služby,dvojklikem rozklikněte,klikneme na Zastavit a dále nastavte Typ spuštění:Zakázano

  Kód: Vybrat vše

  Služba Google Update (gupdate)
  Služba Google Update (gupdatem)
  

Vypadá to,že jste měl nějaké obrazovky smrti,tak se na to podíváme..

Jděte do složky C:\Windows\Minidump, pokud zde najdete soubory,tak je zabalte( třeba programem winrar) a nahrajte na http://www.leteckaposta.cz , sem mi vložte odkaz na stažení

Dále vypneme zbytečnosti po startu PC..

Otevřeme si Poznámkový blok

• (stiskneme klávesovou kombinaci WIN+R a napíšeme ,,notepad,, bez úvozovek a dáme enter)
• Vložíme do něj následující script:

  Kód: Vybrat vše

  Windows Registry Editor Version 5.00
  
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  "Skytel"=-
  "WinampAgent"=-
  "Adobe ARM"=-
  "Acrobat Assistant 8.0"=-
  ""=-
  "StartCCC"=-
  "QuickTime Task"=-
  "iTunesHelper"=-
  "SunJavaUpdateSched"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "Google Update"=-
  
  

• Soubor uložíme jako oprava.reg (při ukládání nastavte Uložit jako typ:Všechny soubory)
• Poté tento soubor spustíme a potvrdíme

Ověřte tento soubor na VIRUSTOTAL

• klikneme na "Procházet" a do zadávacího pole "Název souboru" jen zkopírujeme(pokud nepůjde tak najdeme tento soubor):

  Kód: Vybrat vše

  c:\preload\patch\sysprep1.cmd
  C:\Windows\system32\acovcnt.exe
  

• soubor odešleme tak,že klikneme na "Send file" (pokud byl již testován, nechte testovat znovu - Reanalyse)
• Trpělivě vyčkej dokončení scanu dokud se neobjeví konečný výsledek např.0/41
• Do fóra zkopíruj výsledný log. nebo odkaz z adresního řádku na stránku.

[fml]

Obrazovky smrti jsem tedy rozhodně měl

Minidump

acovcnt.exe Virus Total log

Soubor sysprep1.cmd bohužel nikde v počítači nemám, ani zmíněný adresář (PC je Notebook Asus M50SR s předinstalovaným OS Win Vista Home Premium 32bit. Ergo nemám standardní instalační DVD se systémem.)

Služby zastaveny, Registry nastaveny

[chodnik74]

Vše je v pořádku na minidumpy mrknu odpoledne,zatím udělejte údržbu počítače..

Údržba PC:

1)Čištění dočasných složek + neplatné registry
Ccleaner

• Stáhneme a nainstalujeme program
• Spustíme program
• ČISTIČ
  Windows zde necháme vše jak je (pokud používáme IE,tak odškrkneme jeho položky) a zaškrkneme položky Start Menu zástupci a Zástupci na ploše a odškrkneme volbu Zbytky souborů v paměti
  Aplikace - necháme jak je,ale pokud používáme nějaký prohlížeč (Google chrome,Firefox,Opera..) tak odškrkneme jeho položky
  >Stiskeneme tlačítko Analyzovat a poté Spustit Cleaner
• Registry
  >Stiskneme tlačítko Hledej problémy,program začne hledat neplatné registry..podé zvolíme Opravit vybrané problémy..
  >Program se zeptá,zda chceme vytvořit zálohu registrů,zvolíme ano a uložíme si někde zálohu(kdyby byli po opravení registru s něčím problémy,tak zálohu obnovíme tak,že spustíme uloženou zálohu a potvrdíme ano),dále zvolíme Opravit všechny problémy a Zavřít
  >opakujte dokud nebude registr bez problémů
• Program používáme 1x 14dní (záleží na používání pc,můžeme i jednou týdně)

2)Defragmentace disku
Defraggler

• Stáhneme a nainstalujeme program
• Spustíme program
• Vybereme disk ( C:,D:..prostě který používáme)
• Pokud je ve sloupci Fragmentace více než 5% dejte Defragmentovat
• Proveďte se všemi používanými disky
• Provádíme 1x za měsíc

3)Aktualizace programů
FileHippo.com Update Checker

• Stáhneme a nainstalujeme program(Při instalaci odškrkneme volbu Run at Startup )
• Spustíme program
• Program vyhledá nainstalované programy v PC a zjistí dostupné aktualizace
• Poté se vám otevře internetová stránka,kde budou nabídnuté aplikace k aktualizování
  >X Updates Detected..to jsou dostupné aktualizace..
  > klikneme na zelenou šipečku a stáhneme program,poté nainstalujeme jeho aktuální verzi
  > X Beta Updates Detected..tyto aktualizace nestahujte,jedná se o betaverze,které jsou ve vývoji a jsou nestabilní
• Provádíme 1x za 14 dní nebo jednou za měsíc

[fml]

PC jsem vyčistil CCleanerem, udělal jsem defragmentaci a nebylo třeba nic aktualizovat. Problém nastal při defragmentaci, kdy došlo na defragmentování souboru Inbox ve složce profilu Mozilla Thunderbird. PC okamžitě zamrzl -> obrazovka smrti. Totéž se děje při pokusu o zkopírování. Odinstaloval jsem tedy TB, smazal složky v AppData/Local a Roaming, nainstaloval znovu a starý Inbox přejmenoval na InboxOld. To se podařilo otevřít a přišel jsem o poštu od dubna do dnešního dne. Teď po další defragmentaci ten stejný problém a je to dokonce horší. PC zamrzá co pět minut i v nečinnosti. Onen soubor jsem zatím hodil do koše pro případ, že by se ještě dal zachránit, ale to už je spíše zoufalství. Co s tím?

[chodnik74]

Omlouvám se,včera mi do toho něco vlezlo,jdu na ty minidumpy a vymyslíme co dál

[chodnik74]

Problém způsobuje ovladač usbhub.sys ,čili ovladač USB..nemáte nějaké USB zařízení zapojené,které by způsobovalo problém? Já se ještě poradím s kolegou a něco vymyslíme.. Prosím o zaslaní nových minidumpů ze včerejška..

Zatím mrkneme pro jistotu,že je disk v pořádku..

Stáhněte si CrystalDiskInfo

• Nainstalujte a spuste
• Klikněte na Úpravy-Kopírovat
• A pak sem vložte pomocí CTRL+V

[fml]

Používám jen Nano Receiver od Logitechu kvůli bezdrátové myši a to odjakživa. Občas připojím flash disk anebo tiskárnu, jinak nic. Teď mám obrazovky smrti když zapnu Chrome, IE je bez problému, alespoň zatím. Níže je log z CrystalDiskInfo. Minidump pošlu v dalším postu, abych poslal alespoň tohle. Obávám se, že po spuštění Total Commanderu to zase klekne

PS: Díky za ochotu, já byl včera taky v jednom kole a nestíhal jsem

CrystalDiskInfo

----------------------------------------------------------------------------
CrystalDiskInfo 4.0.3 (C) 2008-2011 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows Vista Home Premium Edition SP2 [6.0 Build 6002] (x86)
Date : 2011/09/30 8:25:49

-- Controller Map ----------------------------------------------------------
- Ricoh SD/MMC Host Controller [ATA]
- Ricoh Memory Stick Controller [ATA]
- Ricoh xD-Picture Card Controller [ATA]
+ Řadiče úložiště Intel(R) ICH8M v režimu Ultra ATA - 2850 [ATA]
+ Kanál IDE (0)
- HL-DT-ST DVDRAM GSA-T20L ATA Device
+ Intel(R) 82801HEM/HBM SATA AHCI Controller [ATA]
- WDC WD3200BEVT-22ZCT0
- JMicron JMB36X Controller [SCSI]
- Iniciátor iSCSI společnosti Microsoft [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD3200BEVT-22ZCT0 : 320.0 GB [0-0-0, pd1]

----------------------------------------------------------------------------
(1) WDC WD3200BEVT-22ZCT0
----------------------------------------------------------------------------
Model : WDC WD3200BEVT-22ZCT0
Firmware : 11.01A11
Serial Number : WD-WXE308H63007
Disk Size : 320.0 GB (8.4/137.4/320.0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 18520 hod.
Power On Count : 3164 krát
Temparature : 43 C (109 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000001 Počet chyb čtení
03 192 185 _21 000000000578 Čas na roztočení ploten
04 _97 _97 __0 000000000D33 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 _51 000000000000 Počet chybných hledání
09 _75 _75 __0 000000004858 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _97 _97 __0 000000000C5C Počet cyklů zapnutí zařízení
C0 200 200 __0 00000000004C Počet vypnutí disku
C1 146 146 __0 000000027FDB Počet cyklů načítání/vymazání
C2 104 _89 __0 00000000002B Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 194 __0 000000000004 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 00000000000D Počet chyb v kontrolním součtu UltraDMA
C8 100 253 _51 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 42 7A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 20 20 20 20 20 57 44 2D 57 58 45 33
020: 30 38 48 36 33 30 30 37 00 00 40 00 00 32 31 31
030: 2E 30 31 41 31 31 57 44 43 20 57 44 33 32 30 30
040: 42 45 56 54 2D 32 32 5A 43 54 30 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 01 00 00 00 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 FF FF 0F FF 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 1F 07 06 00 00 00 4C 00 4C
0A0: 01 FE 00 00 74 6B 7F 09 61 63 74 69 BC 09 61 63
0B0: 40 7F 00 37 00 37 00 80 FF FE 00 00 80 FE 00 00
0C0: 00 00 00 00 00 00 00 00 EA B0 25 42 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 50 01 4E E2 01 46 56 7A
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 10
0F0: 40 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 29 00 00 00 00 00 00 00 00 16 9E 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 30 3F 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 15 18 00 00 00 00 00 00 00 00 10 0E 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 01 10 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2A A5

[fml]

Ok, tak žádné nové minidump soubory nevidím. Nejspíše proto, že jsem to vždy při zamrznutí natvrdo vypnul a nechal projet chkdsk. Mám to případně nechat dojít až do BSOD a poslat minidump?

[chodnik74]

Ano,pokud se objeví minidump,rád ho uvidím...disk má nějaké problémy se čtením...Já teď musím pryč,takže celkem spěchám..stáhněte si program HD Tune a v něm projeďte disk..je tam Error Scan...připadně mi udělejte screeny

[fml]

Patrně jsme dospěli do stádia, kdy už z něj nic víc nedostaneme. Po té včerejší defragmentaci s tím už téměř nejde pracovat. HD Tune se zasekl, udělal jsem fotky alespoň telefonem a myslím, že to je zralé na výměnu disku.

[chodnik74]

Jsou tam poškozené sektory,takže asi to způsobuje problémy.Večer se mi ozve kolega,tak vám dám vědět Ale asi to bude na výměnu HDD