Please check my log

#1 Post by Goguna »

Hello.

After Windows XP Pro SP3 starts, this error pops up: "Aplikace nemohla být spuštěna, protože součást MSVCR100.dll nelze najít. Potíže pravděpodobně odstraníte opětovnou instalací aplikace."

COMODO Internet Security Premium then detects and quarantines TrojWare.Win32.Trojan.Amtar.~cbg@193550551
Location: C:\WINDOWS\system32\install\WIN.exe
After removing it, everything is unchanged after a restart.

Thank you in advance. Best regards :)

I am attaching the log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by IBM at 2012-08-08 12:58:53
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 25 GB (33%) free of 76 GB
Total RAM: 1014 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:58:55, on 8.8.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\IBM\Plocha\RSIT.exe
C:\Program Files\trend micro\IBM.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.myplaycity.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [LenovoAutoScrollUtility] C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HKLM] C:\WINDOWS\system32\install\WIN.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\IBM\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [HKCU] C:\WINDOWS\system32\install\WIN.exe
O4 - HKLM\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\system32\install\WIN.exe
O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\system32\install\WIN.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5899731055
O16 - DPF: {70EDCF63-CA7E-4812-8528-DA1EA2FD53B6} (VitaminCtrl Class) - http://www.psslavia.cz/VitaminCtrl_2_1_0_26.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo. - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe

--
End of file - 7803 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\At3.job
C:\WINDOWS\tasks\At4.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-838170752-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-838170752-839522115-1003UA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{C33C800C-FF06-4B70-A5ED-F36E3C5D9526}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\IBM\Data aplikací\Mozilla\Firefox\Profiles\mpyujyz1.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "keyword.URL" - "http://search.babylon.com/?affID=112059 ... 208583e&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.270 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04 453504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04 157576]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"EZEJMNAP"=C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [2009-12-01 256576]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
""= []
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-08-09 135168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-08-09 155648]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-08-09 131072]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"Driver Genius"= []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-04-23 2358544]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-03-11 6749512]
"TVT Scheduler Proxy"=C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [2008-03-04 487424]
"TPKMAPHELPER"=C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe [2007-01-09 868352]
"TP4EX"=C:\WINDOWS\system32\tp4ex.exe [2005-10-17 65536]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2000-01-01 1036288]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2007-08-08 831488]
"LenovoAutoScrollUtility"=C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe [2010-04-01 43960]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2012-04-04 35736]
"HKLM"=C:\WINDOWS\system32\install\WIN.exe [2006-05-19 296960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=C:\WINDOWS\system32\install\WIN.exe [2006-05-19 296960]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\IBM\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2012-02-15 136176]
"HKCU"=C:\WINDOWS\system32\install\WIN.exe [2006-05-19 296960]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=C:\WINDOWS\system32\install\WIN.exe [2006-05-19 296960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HKCU]
C:\WINDOWS\system32\install\WIN.exe [2006-05-19 296960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HKLM]
C:\WINDOWS\system32\install\WIN.exe [2006-05-19 296960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2012-07-19 336992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"TVT Scheduler"=2
"TpKmpSVC"=2
"ThinkVantage Registry Monitor Service"=3
"SUService"=2
"S24EventMonitor"=2
"RegSrvc"=2
"PCToolsSSDMonitorSvc"=2
"NMSAccess"=2
"NIS"=2
"MyWebSearchService"=2
"LENOVO.MICMUTE"=2
"idsvc"=3
"ICQ Service"=2
"gusvc"=3
"gupdatem"=3
"gupdate"=2
"EvtEng"=2
"acs"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-08-09 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe"="C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe:LocalSubNet:Enabled:Instalace zařízení HP"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-08-08 12:56:23 ----D---- C:\rsit
2012-08-08 12:56:23 ----D---- C:\Program Files\trend micro
2012-08-08 10:47:29 ----D---- C:\Program Files\TuneUp Utilities 2012
2012-08-08 09:49:39 ----D---- C:\Documents and Settings\IBM\Data aplikací\TuneUp Software
2012-08-08 09:48:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2012-08-08 09:48:04 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-08-08 09:10:01 ----A---- C:\WINDOWS\ODBC.INI
2012-08-08 09:09:37 ----A---- C:\WINDOWS\system32\mdimon.dll
2012-08-08 09:05:37 ----D---- C:\Program Files\Common Files\DESIGNER
2012-08-08 09:05:05 ----D---- C:\Program Files\Microsoft Works
2012-08-08 09:04:35 ----D---- C:\Program Files\Microsoft Visual Studio
2012-08-08 09:03:57 ----D---- C:\WINDOWS\SHELLNEW
2012-08-08 09:03:46 ----D---- C:\Program Files\Microsoft.NET
2012-08-08 09:03:46 ----D---- C:\Program Files\Microsoft Office
2012-08-08 09:01:43 ----RHD---- C:\MSOCache
2012-08-08 08:30:27 ----D---- C:\Program Files\totalcmd
2012-08-08 08:12:35 ----D---- C:\Documents and Settings\IBM\Data aplikací\PowerISO
2012-08-08 08:11:11 ----D---- C:\Program Files\PowerISO
2012-08-07 20:00:14 ----A---- C:\user.js
2012-08-07 19:59:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Babylon
2012-08-07 19:59:16 ----D---- C:\Documents and Settings\IBM\Data aplikací\Babylon
2012-08-07 19:57:53 ----D---- C:\Program Files\Sun
2012-08-07 19:42:38 ----D---- C:\Documents and Settings\IBM\Data aplikací\.minecraft
2012-07-19 11:38:52 ----A---- C:\WINDOWS\system32\drivers\scdemu.sys
2012-07-10 20:33:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2718523$

======List of files/folders modified in the last 1 month======

2012-08-08 12:56:23 ----RD---- C:\Program Files
2012-08-08 12:54:44 ----SHD---- C:\WINDOWS\Installer
2012-08-08 12:54:03 ----D---- C:\WINDOWS\system32
2012-08-08 12:49:44 ----D---- C:\WINDOWS
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2567053$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2506223$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2709162$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2660465$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2641653$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2639417$
2012-08-08 12:49:37 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2012-08-08 12:49:37 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2012-08-08 12:27:50 ----D---- C:\WINDOWS\system32\CatRoot2
2012-08-08 12:25:18 ----D---- C:\WINDOWS\Temp
2012-08-08 11:04:10 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-08-08 10:21:49 ----SH---- C:\boot.ini
2012-08-08 10:21:49 ----A---- C:\WINDOWS\win.ini
2012-08-08 10:21:49 ----A---- C:\WINDOWS\system.ini
2012-08-08 09:50:16 ----D---- C:\WINDOWS\system32\config
2012-08-08 09:43:33 ----SD---- C:\Documents and Settings\IBM\Data aplikací\Microsoft
2012-08-08 09:42:26 ----D---- C:\WINDOWS\system32\wbem
2012-08-08 09:42:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-08-08 09:36:20 ----D---- C:\WINDOWS\Prefetch
2012-08-08 09:30:55 ----D---- C:\Documents and Settings\IBM\Data aplikací\uTorrent
2012-08-08 09:21:11 ----RSD---- C:\WINDOWS\assembly
2012-08-08 09:19:47 ----RSD---- C:\WINDOWS\Fonts
2012-08-08 09:10:07 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-08-08 09:07:49 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-08-08 09:05:37 ----D---- C:\Program Files\Common Files
2012-08-08 09:05:27 ----HD---- C:\WINDOWS\inf
2012-08-08 09:04:11 ----D---- C:\Program Files\Common Files\System
2012-08-08 09:03:49 ----D---- C:\WINDOWS\Help
2012-08-08 09:01:51 ----D---- C:\WINDOWS\system
2012-08-08 08:56:19 ----D---- C:\Program Files\OpenOffice.org 3
2012-08-08 08:30:27 ----D---- C:\Documents and Settings\IBM\Data aplikací\GHISLER
2012-08-08 08:22:44 ----D---- C:\Program Files\WinRAR
2012-08-08 08:22:42 ----D---- C:\Program Files\MyPlayCity Toolbar
2012-08-08 08:11:11 ----D---- C:\WINDOWS\system32\drivers
2012-08-08 07:46:16 ----D---- C:\Program Files\MyPlayCity.com
2012-08-08 07:29:05 ----D---- C:\Program Files\Comodo
2012-08-07 20:05:00 ----D---- C:\Program Files\Microsoft
2012-08-07 19:58:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2012-08-07 19:54:24 ----D---- C:\Program Files\Java
2012-08-07 08:13:57 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-08-06 14:50:15 ----D---- C:\Program Files\Mozilla Firefox
2012-08-05 20:36:44 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-07-30 18:47:02 ----D---- C:\Program Files\Mozilla Thunderbird
2012-07-10 20:34:09 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-07-10 20:33:48 ----HD---- C:\WINDOWS\$hf_mig$
2012-07-10 20:30:10 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2012-03-11 97760]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-03-07 24920]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2012-03-07 35672]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\WINDOWS\System32\DRIVERS\cmderd.sys [2012-03-11 18056]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2012-03-11 494968]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2012-03-11 31704]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 lenovo.smi;Lenovo System Interface Driver; C:\WINDOWS\system32\DRIVERS\smiif32.sys [2010-09-07 13680]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2012-07-19 113104]
R1 TPHKDRV;TPHKDRV; C:\WINDOWS\system32\DRIVERS\TPHKDRV.sys [2008-05-12 17844]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-03-07 95704]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2000-01-01 12544]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2010-05-19 13952]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2000-01-01 308736]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2000-01-01 103424]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 atmeltpm;atmeltpm; C:\WINDOWS\system32\DRIVERS\atmeltpm.sys [2005-05-17 15872]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2011-10-26 237096]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-08-09 5765056]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2011-02-01 31984]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NETwLx32; Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETwLx32.sys [2010-10-07 6609920]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\WINDOWS\system32\DRIVERS\psadd.sys [2007-02-19 21376]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2012-04-23 324368]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2007-05-02 290816]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2008-02-08 57408]
S1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-03-07 612184]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2000-01-01 1035008]
S3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2000-01-01 201600]
S3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-14 28672]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S3 SWDUMon;SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [2011-04-04 12984]
S3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2011-05-16 111280]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys []
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2000-01-01 718464]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-03-11 1983232]
R2 IBMPMSVC;ThinkPad PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2011-02-01 38760]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [2012-05-04 161664]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2010-12-03 99328]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2010-12-02 64440]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-05 250056]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-06 113120]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-08-08 89136]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 acs;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2009-09-24 475220]
S4 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-10-19 866576]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-29 136176]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-29 136176]
S4 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-08-29 182768]
S4 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2010-11-24 45496]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMSAccess;NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096]
S4 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-10-19 477456]
S4 S24EventMonitor;Intel(R) PROSet/Wireless WiFi Service; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [2010-10-19 966656]
S4 SUService;System Update; C:\Program Files\Lenovo\System Update\SUService.exe [2010-10-29 28672]
S4 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2007-09-26 644408]
S4 TpKmpSVC;IBM KCU Service; C:\WINDOWS\system32\TpKmpSVC.exe [2006-06-29 32768]
S4 TVT Scheduler;TVT Scheduler; C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [2008-03-04 1122304]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]

-----------------EOF-----------------
Last edited by Goguna on 08 Aug 2012 12:37, edited 1 time in total.
Kindness is far more important than wisdom. Understanding this truth is the beginning of wisdom.


Re: Please check my log

#2 Post by Goguna »

Naughty wrote:
Hi,

please take the log out of the code tags, it is hard to read; then I will write you the instructions.

Done, and thank you :)


Re: Please check my log

#3 Post by Goguna »

Hello.

The problem has been removed; OTL only removed it on the second attempt, but without any trouble :| Thank you very much. Best regards, and I am attaching the log... :thumbsup:

OTL log:

========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HKLM deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\HKCU deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\\Policies deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\\Policies deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HKCU\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HKLM\ not found.
========== FILES ==========
C:\WINDOWS\system32\install\WIN.exe moved successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.56.0 log created on 08082012_144700



RSIT log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by IBM at 2012-08-08 14:57:48
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 25 GB (33%) free of 76 GB
Total RAM: 1014 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:58:05, on 8.8.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\IBM\Plocha\RSIT.exe
C:\Program Files\trend micro\IBM.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.myplaycity.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [LenovoAutoScrollUtility] C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HKLM] C:\WINDOWS\system32\install\WIN.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\IBM\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [HKCU] C:\WINDOWS\system32\install\WIN.exe
O4 - HKLM\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\system32\install\WIN.exe
O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\system32\install\WIN.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5899731055
O16 - DPF: {70EDCF63-CA7E-4812-8528-DA1EA2FD53B6} (VitaminCtrl Class) - http://www.psslavia.cz/VitaminCtrl_2_1_0_26.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo. - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe

--
End of file - 7729 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\At3.job
C:\WINDOWS\tasks\At4.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-838170752-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-838170752-839522115-1003UA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{C33C800C-FF06-4B70-A5ED-F36E3C5D9526}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\IBM\Data aplikací\Mozilla\Firefox\Profiles\mpyujyz1.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "keyword.URL" - "http://search.babylon.com/?affID=112059 ... 208583e&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.270 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04 453504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04 157576]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"EZEJMNAP"=C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [2009-12-01 256576]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-08-09 135168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-08-09 155648]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-08-09 131072]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"Driver Genius"= []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-04-23 2358544]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-03-11 6749512]
"TVT Scheduler Proxy"=C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [2008-03-04 487424]
"TPKMAPHELPER"=C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe [2007-01-09 868352]
"TP4EX"=C:\WINDOWS\system32\tp4ex.exe [2005-10-17 65536]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2000-01-01 1036288]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2007-08-08 831488]
"LenovoAutoScrollUtility"=C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe [2010-04-01 43960]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2012-04-04 35736]
"HKLM"=C:\WINDOWS\system32\install\WIN.exe []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=C:\WINDOWS\system32\install\WIN.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\IBM\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2012-02-15 136176]
"HKCU"=C:\WINDOWS\system32\install\WIN.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=C:\WINDOWS\system32\install\WIN.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2012-07-19 336992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"TVT Scheduler"=2
"TpKmpSVC"=2
"ThinkVantage Registry Monitor Service"=3
"SUService"=2
"S24EventMonitor"=2
"RegSrvc"=2
"PCToolsSSDMonitorSvc"=2
"NMSAccess"=2
"NIS"=2
"MyWebSearchService"=2
"LENOVO.MICMUTE"=2
"idsvc"=3
"ICQ Service"=2
"gusvc"=3
"gupdatem"=3
"gupdate"=2
"EvtEng"=2
"acs"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-08-09 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe"="C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe:LocalSubNet:Enabled:Instalace zařízení HP"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-08-08 14:41:22 ----D---- C:\_OTL
2012-08-08 12:56:23 ----D---- C:\rsit
2012-08-08 12:56:23 ----D---- C:\Program Files\trend micro
2012-08-08 10:47:29 ----D---- C:\Program Files\TuneUp Utilities 2012
2012-08-08 09:49:39 ----D---- C:\Documents and Settings\IBM\Data aplikací\TuneUp Software
2012-08-08 09:48:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2012-08-08 09:48:04 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-08-08 09:10:01 ----A---- C:\WINDOWS\ODBC.INI
2012-08-08 09:09:37 ----A---- C:\WINDOWS\system32\mdimon.dll
2012-08-08 09:05:37 ----D---- C:\Program Files\Common Files\DESIGNER
2012-08-08 09:05:05 ----D---- C:\Program Files\Microsoft Works
2012-08-08 09:04:35 ----D---- C:\Program Files\Microsoft Visual Studio
2012-08-08 09:03:57 ----D---- C:\WINDOWS\SHELLNEW
2012-08-08 09:03:46 ----D---- C:\Program Files\Microsoft.NET
2012-08-08 09:03:46 ----D---- C:\Program Files\Microsoft Office
2012-08-08 09:01:43 ----RHD---- C:\MSOCache
2012-08-08 08:30:27 ----D---- C:\Program Files\totalcmd
2012-08-08 08:12:35 ----D---- C:\Documents and Settings\IBM\Data aplikací\PowerISO
2012-08-08 08:11:11 ----D---- C:\Program Files\PowerISO
2012-08-07 20:00:14 ----A---- C:\user.js
2012-08-07 19:59:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Babylon
2012-08-07 19:59:16 ----D---- C:\Documents and Settings\IBM\Data aplikací\Babylon
2012-08-07 19:57:53 ----D---- C:\Program Files\Sun
2012-08-07 19:42:38 ----D---- C:\Documents and Settings\IBM\Data aplikací\.minecraft
2012-07-19 11:38:52 ----A---- C:\WINDOWS\system32\drivers\scdemu.sys
2012-07-10 20:33:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2718523$

======List of files/folders modified in the last 1 month======

2012-08-08 14:55:57 ----D---- C:\WINDOWS\system32\CatRoot2
2012-08-08 14:51:39 ----D---- C:\WINDOWS\Temp
2012-08-08 14:50:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-08-08 14:47:02 ----RSHD---- C:\WINDOWS\system32\install
2012-08-08 12:56:23 ----RD---- C:\Program Files
2012-08-08 12:54:45 ----SHD---- C:\WINDOWS\Installer
2012-08-08 12:54:03 ----D---- C:\WINDOWS\system32
2012-08-08 12:49:44 ----D---- C:\WINDOWS
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2567053$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2506223$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2709162$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2660465$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2641653$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2639417$
2012-08-08 12:49:37 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2012-08-08 12:49:37 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2012-08-08 10:21:49 ----SH---- C:\boot.ini
2012-08-08 10:21:49 ----A---- C:\WINDOWS\win.ini
2012-08-08 10:21:49 ----A---- C:\WINDOWS\system.ini
2012-08-08 09:50:16 ----D---- C:\WINDOWS\system32\config
2012-08-08 09:43:33 ----SD---- C:\Documents and Settings\IBM\Data aplikací\Microsoft
2012-08-08 09:42:26 ----D---- C:\WINDOWS\system32\wbem
2012-08-08 09:42:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-08-08 09:36:20 ----D---- C:\WINDOWS\Prefetch
2012-08-08 09:30:55 ----D---- C:\Documents and Settings\IBM\Data aplikací\uTorrent
2012-08-08 09:21:11 ----RSD---- C:\WINDOWS\assembly
2012-08-08 09:19:47 ----RSD---- C:\WINDOWS\Fonts
2012-08-08 09:10:07 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-08-08 09:07:49 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-08-08 09:05:37 ----D---- C:\Program Files\Common Files
2012-08-08 09:05:27 ----HD---- C:\WINDOWS\inf
2012-08-08 09:04:11 ----D---- C:\Program Files\Common Files\System
2012-08-08 09:03:49 ----D---- C:\WINDOWS\Help
2012-08-08 09:01:51 ----D---- C:\WINDOWS\system
2012-08-08 08:56:19 ----D---- C:\Program Files\OpenOffice.org 3
2012-08-08 08:30:27 ----D---- C:\Documents and Settings\IBM\Data aplikací\GHISLER
2012-08-08 08:22:44 ----D---- C:\Program Files\WinRAR
2012-08-08 08:22:42 ----D---- C:\Program Files\MyPlayCity Toolbar
2012-08-08 08:11:11 ----D---- C:\WINDOWS\system32\drivers
2012-08-08 07:46:16 ----D---- C:\Program Files\MyPlayCity.com
2012-08-08 07:29:05 ----D---- C:\Program Files\Comodo
2012-08-07 20:05:00 ----D---- C:\Program Files\Microsoft
2012-08-07 19:58:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2012-08-07 19:54:24 ----D---- C:\Program Files\Java
2012-08-07 08:13:57 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-08-06 14:50:15 ----D---- C:\Program Files\Mozilla Firefox
2012-08-05 20:36:44 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-07-30 18:47:02 ----D---- C:\Program Files\Mozilla Thunderbird
2012-07-10 20:34:09 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-07-10 20:33:48 ----HD---- C:\WINDOWS\$hf_mig$
2012-07-10 20:30:10 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2012-03-11 97760]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-03-07 24920]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2012-03-07 35672]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\WINDOWS\System32\DRIVERS\cmderd.sys [2012-03-11 18056]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2012-03-11 494968]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2012-03-11 31704]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 lenovo.smi;Lenovo System Interface Driver; C:\WINDOWS\system32\DRIVERS\smiif32.sys [2010-09-07 13680]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2012-07-19 113104]
R1 TPHKDRV;TPHKDRV; C:\WINDOWS\system32\DRIVERS\TPHKDRV.sys [2008-05-12 17844]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-03-07 95704]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2000-01-01 12544]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2010-05-19 13952]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2000-01-01 308736]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2000-01-01 103424]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 atmeltpm;atmeltpm; C:\WINDOWS\system32\DRIVERS\atmeltpm.sys [2005-05-17 15872]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2011-10-26 237096]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-08-09 5765056]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2011-02-01 31984]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NETwLx32; Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETwLx32.sys [2010-10-07 6609920]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\WINDOWS\system32\DRIVERS\psadd.sys [2007-02-19 21376]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2012-04-23 324368]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2007-05-02 290816]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2008-02-08 57408]
S1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-03-07 612184]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2000-01-01 1035008]
S3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2000-01-01 201600]
S3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-14 28672]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S3 SWDUMon;SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [2011-04-04 12984]
S3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2011-05-16 111280]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys []
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2000-01-01 718464]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-03-11 1983232]
R2 IBMPMSVC;ThinkPad PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2011-02-01 38760]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [2012-05-04 161664]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2010-12-03 99328]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2010-12-02 64440]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-05 250056]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-06 113120]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-08-08 89136]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 acs;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2009-09-24 475220]
S4 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-10-19 866576]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-29 136176]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-29 136176]
S4 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-08-29 182768]
S4 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2010-11-24 45496]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMSAccess;NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096]
S4 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-10-19 477456]
S4 S24EventMonitor;Intel(R) PROSet/Wireless WiFi Service; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [2010-10-19 966656]
S4 SUService;System Update; C:\Program Files\Lenovo\System Update\SUService.exe [2010-10-29 28672]
S4 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2007-09-26 644408]
S4 TpKmpSVC;IBM KCU Service; C:\WINDOWS\system32\TpKmpSVC.exe [2006-06-29 32768]
S4 TVT Scheduler;TVT Scheduler; C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [2008-03-04 1122304]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]

-----------------EOF-----------------
Kindness is far more important than wisdom. In understanding this truth lies the beginning of wisdom.

Goguna
Visitor
Posts: 17
Registered: 08 Aug 2012 12:08

Re: Please check my log

#4 Post by Goguna »

Naughty wrote: restart the PC, create a new log, this one did not show any change in the registry.
Hi, as I already wrote the first time, OTL did not remove the problem. The log does say "deleted successfully", but after the restart the error was still there: "Aplikace nemohla být spuštěna, protože součást MSVCR100.dll nelze najít. Potíže pravděpodobně odstraníte opětovnou instalací aplikace." So I did it a second time and it was removed.

So I'll post the logs here in the order in which I proceeded :)

1) Ran OTL.exe, pasted the script and ran the fix, then restarted; the problem was not removed.

Log:
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HKLM deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\HKCU deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\\Policies deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\\Policies deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HKCU\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HKLM\ deleted successfully.
========== FILES ==========
C:\WINDOWS\system32\install\WIN.exe moved successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.56.0 log created on 08082012_144122

2) Ran OTL.exe, pasted the script, ticked the option for all users and ran the fix, then restarted; the problem was removed.

Log:
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HKLM deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\HKCU deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\\Policies deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\\Policies deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HKCU\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HKLM\ not found.
========== FILES ==========
C:\WINDOWS\system32\install\WIN.exe moved successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.56.0 log created on 08082012_144700

3) At your request: ran OTL.exe, pasted the script and ran the fix, then restarted; the problem is still gone. Windows no longer reports any error and Comodo no longer detects the trojan either.

Log:
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HKLM deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\HKCU deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\\Policies deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\\Policies deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HKCU\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HKLM\ not found.
========== FILES ==========
File\Folder C:\WINDOWS\system32\install\WIN.exe not found.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.56.0 log created on 08082012_151959

Log: RSIT
Logfile of random's system information tool 1.09 (written by random/random)
Run by IBM at 2012-08-08 15:36:18
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 25 GB (33%) free of 76 GB
Total RAM: 1014 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:36:21, on 8.8.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\IBM\Plocha\RSIT.exe
C:\Program Files\trend micro\IBM.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.myplaycity.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [LenovoAutoScrollUtility] C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\IBM\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5899731055
O16 - DPF: {70EDCF63-CA7E-4812-8528-DA1EA2FD53B6} (VitaminCtrl Class) - http://www.psslavia.cz/VitaminCtrl_2_1_0_26.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo. - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe

--
End of file - 7437 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\At3.job
C:\WINDOWS\tasks\At4.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-838170752-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-838170752-839522115-1003UA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{C33C800C-FF06-4B70-A5ED-F36E3C5D9526}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\IBM\Data aplikací\Mozilla\Firefox\Profiles\mpyujyz1.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "keyword.URL" - "http://search.babylon.com/?affID=112059 ... 208583e&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.270 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04 453504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04 157576]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"EZEJMNAP"=C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [2009-12-01 256576]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-08-09 135168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-08-09 155648]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-08-09 131072]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"Driver Genius"= []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-04-23 2358544]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-03-11 6749512]
"TVT Scheduler Proxy"=C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [2008-03-04 487424]
"TPKMAPHELPER"=C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe [2007-01-09 868352]
"TP4EX"=C:\WINDOWS\system32\tp4ex.exe [2005-10-17 65536]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2000-01-01 1036288]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2007-08-08 831488]
"LenovoAutoScrollUtility"=C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe [2010-04-01 43960]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2012-04-04 35736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\IBM\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2012-02-15 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2012-07-19 336992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"TVT Scheduler"=2
"TpKmpSVC"=2
"ThinkVantage Registry Monitor Service"=3
"SUService"=2
"S24EventMonitor"=2
"RegSrvc"=2
"PCToolsSSDMonitorSvc"=2
"NMSAccess"=2
"NIS"=2
"MyWebSearchService"=2
"LENOVO.MICMUTE"=2
"idsvc"=3
"ICQ Service"=2
"gusvc"=3
"gupdatem"=3
"gupdate"=2
"EvtEng"=2
"acs"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-08-09 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe"="C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe:LocalSubNet:Enabled:Instalace zařízení HP"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-08-08 14:41:22 ----D---- C:\_OTL
2012-08-08 12:56:23 ----D---- C:\rsit
2012-08-08 12:56:23 ----D---- C:\Program Files\trend micro
2012-08-08 10:47:29 ----D---- C:\Program Files\TuneUp Utilities 2012
2012-08-08 09:49:39 ----D---- C:\Documents and Settings\IBM\Data aplikací\TuneUp Software
2012-08-08 09:48:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2012-08-08 09:48:04 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-08-08 09:10:01 ----A---- C:\WINDOWS\ODBC.INI
2012-08-08 09:09:37 ----A---- C:\WINDOWS\system32\mdimon.dll
2012-08-08 09:05:37 ----D---- C:\Program Files\Common Files\DESIGNER
2012-08-08 09:05:05 ----D---- C:\Program Files\Microsoft Works
2012-08-08 09:04:35 ----D---- C:\Program Files\Microsoft Visual Studio
2012-08-08 09:03:57 ----D---- C:\WINDOWS\SHELLNEW
2012-08-08 09:03:46 ----D---- C:\Program Files\Microsoft.NET
2012-08-08 09:03:46 ----D---- C:\Program Files\Microsoft Office
2012-08-08 09:01:43 ----RHD---- C:\MSOCache
2012-08-08 08:30:27 ----D---- C:\Program Files\totalcmd
2012-08-08 08:12:35 ----D---- C:\Documents and Settings\IBM\Data aplikací\PowerISO
2012-08-08 08:11:11 ----D---- C:\Program Files\PowerISO
2012-08-07 20:00:14 ----A---- C:\user.js
2012-08-07 19:59:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Babylon
2012-08-07 19:59:16 ----D---- C:\Documents and Settings\IBM\Data aplikací\Babylon
2012-08-07 19:57:53 ----D---- C:\Program Files\Sun
2012-08-07 19:42:38 ----D---- C:\Documents and Settings\IBM\Data aplikací\.minecraft
2012-07-19 11:38:52 ----A---- C:\WINDOWS\system32\drivers\scdemu.sys
2012-07-10 20:33:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2718523$

======List of files/folders modified in the last 1 month======

2012-08-08 15:27:04 ----D---- C:\WINDOWS\system32\CatRoot2
2012-08-08 15:21:43 ----D---- C:\WINDOWS\Temp
2012-08-08 15:20:18 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-08-08 14:47:02 ----RSHD---- C:\WINDOWS\system32\install
2012-08-08 12:56:23 ----RD---- C:\Program Files
2012-08-08 12:54:45 ----SHD---- C:\WINDOWS\Installer
2012-08-08 12:54:03 ----D---- C:\WINDOWS\system32
2012-08-08 12:49:44 ----D---- C:\WINDOWS
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2567053$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2506223$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2709162$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2660465$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2641653$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2639417$
2012-08-08 12:49:37 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2012-08-08 12:49:37 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2012-08-08 10:21:49 ----SH---- C:\boot.ini
2012-08-08 10:21:49 ----A---- C:\WINDOWS\win.ini
2012-08-08 10:21:49 ----A---- C:\WINDOWS\system.ini
2012-08-08 09:50:16 ----D---- C:\WINDOWS\system32\config
2012-08-08 09:43:33 ----SD---- C:\Documents and Settings\IBM\Data aplikací\Microsoft
2012-08-08 09:42:26 ----D---- C:\WINDOWS\system32\wbem
2012-08-08 09:42:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-08-08 09:36:20 ----D---- C:\WINDOWS\Prefetch
2012-08-08 09:30:55 ----D---- C:\Documents and Settings\IBM\Data aplikací\uTorrent
2012-08-08 09:21:11 ----RSD---- C:\WINDOWS\assembly
2012-08-08 09:19:47 ----RSD---- C:\WINDOWS\Fonts
2012-08-08 09:10:07 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-08-08 09:07:49 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-08-08 09:05:37 ----D---- C:\Program Files\Common Files
2012-08-08 09:05:27 ----HD---- C:\WINDOWS\inf
2012-08-08 09:04:11 ----D---- C:\Program Files\Common Files\System
2012-08-08 09:03:49 ----D---- C:\WINDOWS\Help
2012-08-08 09:01:51 ----D---- C:\WINDOWS\system
2012-08-08 08:56:19 ----D---- C:\Program Files\OpenOffice.org 3
2012-08-08 08:30:27 ----D---- C:\Documents and Settings\IBM\Data aplikací\GHISLER
2012-08-08 08:22:44 ----D---- C:\Program Files\WinRAR
2012-08-08 08:22:42 ----D---- C:\Program Files\MyPlayCity Toolbar
2012-08-08 08:11:11 ----D---- C:\WINDOWS\system32\drivers
2012-08-08 07:46:16 ----D---- C:\Program Files\MyPlayCity.com
2012-08-08 07:29:05 ----D---- C:\Program Files\Comodo
2012-08-07 20:05:00 ----D---- C:\Program Files\Microsoft
2012-08-07 19:58:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2012-08-07 19:54:24 ----D---- C:\Program Files\Java
2012-08-07 08:13:57 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-08-06 14:50:15 ----D---- C:\Program Files\Mozilla Firefox
2012-08-05 20:36:44 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-07-30 18:47:02 ----D---- C:\Program Files\Mozilla Thunderbird
2012-07-10 20:34:09 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-07-10 20:33:48 ----HD---- C:\WINDOWS\$hf_mig$
2012-07-10 20:30:10 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2012-03-11 97760]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-03-07 24920]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2012-03-07 35672]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\WINDOWS\System32\DRIVERS\cmderd.sys [2012-03-11 18056]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2012-03-11 494968]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2012-03-11 31704]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 lenovo.smi;Lenovo System Interface Driver; C:\WINDOWS\system32\DRIVERS\smiif32.sys [2010-09-07 13680]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2012-07-19 113104]
R1 TPHKDRV;TPHKDRV; C:\WINDOWS\system32\DRIVERS\TPHKDRV.sys [2008-05-12 17844]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-03-07 95704]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2000-01-01 12544]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2010-05-19 13952]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2000-01-01 308736]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2000-01-01 103424]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 atmeltpm;atmeltpm; C:\WINDOWS\system32\DRIVERS\atmeltpm.sys [2005-05-17 15872]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2011-10-26 237096]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-08-09 5765056]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2011-02-01 31984]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NETwLx32; Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETwLx32.sys [2010-10-07 6609920]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\WINDOWS\system32\DRIVERS\psadd.sys [2007-02-19 21376]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2012-04-23 324368]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2007-05-02 290816]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2008-02-08 57408]
S1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-03-07 612184]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2000-01-01 1035008]
S3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2000-01-01 201600]
S3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-14 28672]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S3 SWDUMon;SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [2011-04-04 12984]
S3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2011-05-16 111280]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys []
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2000-01-01 718464]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-03-11 1983232]
R2 IBMPMSVC;ThinkPad PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2011-02-01 38760]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [2012-05-04 161664]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2010-12-03 99328]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2010-12-02 64440]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-05 250056]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-06 113120]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-08-08 89136]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 acs;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2009-09-24 475220]
S4 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-10-19 866576]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-29 136176]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-29 136176]
S4 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-08-29 182768]
S4 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2010-11-24 45496]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMSAccess;NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096]
S4 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-10-19 477456]
S4 S24EventMonitor;Intel(R) PROSet/Wireless WiFi Service; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [2010-10-19 966656]
S4 SUService;System Update; C:\Program Files\Lenovo\System Update\SUService.exe [2010-10-29 28672]
S4 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2007-09-26 644408]
S4 TpKmpSVC;IBM KCU Service; C:\WINDOWS\system32\TpKmpSVC.exe [2006-06-29 32768]
S4 TVT Scheduler;TVT Scheduler; C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [2008-03-04 1122304]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]

-----------------EOF-----------------


I'm here and waiting for a reply. Regards :)
Kindness is far more important than wisdom. Understanding this truth is the beginning of wisdom.


Re: Please check my log

#5 Post by Goguna »

Naughty wrote: The registry change had not been made, which is why I had you run the instructions again. Now the log is clean too, apart from a few minor things. :) :thumbsup:
Thank you very much :wink: Are those minor things worth mentioning and then removing? I think so, so if you still have a moment, bring them on; I'm happy to learn something :worship:
Kindness is far more important than wisdom. Understanding this truth is the beginning of wisdom.


Re: Please check my log

#6 Post by Goguna »

Hello, and have a nice day.

Here is everything you need, available for download: http://ulozto.cz/xgq9koh/naughty-exe. Let me know afterwards so that I can delete it from my account...

It was a problem to dig them out of the system; everything was sitting in System Volume Information, so I had to make that hidden folder accessible. It took a while, but :| :)

Before I remove the minor things you suggested, let me post what else I would possibly remove. I'm putting the list here, so I apologize in advance if I include something whose removal would break Windows; alternatively, could you write up instructions again for how to remove it, together with those minor things.



Running processes: Avast has not been here for a long time.

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (file missing)

=========Mozilla firefox========= When I click Open New Tab in Firefox, that Babylon comes up. I haven't figured out how to remove it; I always want Google.

prefs.js - "keyword.URL" - "http://search.babylon.com/?affID=112059 ... 208583e&q="

======Registry dump====== ICQ is no longer here; I'll delete the drivers if needed

"ICQ Service"=2

======List of files/folders created in the last 1 month====== TuneUp Software uninstalled

2012-08-08 10:47:29 ----D---- C:\Program Files\TuneUp Utilities 2012
2012-08-08 09:49:39 ----D---- C:\Documents and Settings\IBM\Data aplikací\TuneUp Software
2012-08-08 09:48:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2012-08-07 19:59:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Babylon
2012-08-07 19:59:16 ----D---- C:\Documents and Settings\IBM\Data aplikací\Babylon

======List of files/folders modified in the last 1 month====== OpenOffice.org 3 uninstalled, and MyPlayCity Toolbar too; if needed I'll track them down and delete them manually

2012-08-08 08:56:19 ----D---- C:\Program Files\OpenOffice.org 3
2012-08-08 08:22:42 ----D---- C:\Program Files\MyPlayCity Toolbar
2012-08-08 07:46:16 ----D---- C:\Program Files\MyPlayCity.com

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== Avast again, and that SWDUMon.sys in my opinion belongs to Nod32, also uninstalled

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-03-07 24920]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2012-03-07 35672]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-03-07 95704]
S1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-03-07 612184]
S3 SWDUMon;SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [2011-04-04 12984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== This one is clear

S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe []
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-29 136176]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-29 136176]
S4 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-08-29 182768]
Kindness is far more important than wisdom. Understanding this truth is the beginning of wisdom.


Re: Please check my log

#7 Post by Goguna »

Naughty wrote: Hello,

I'll go through it step by step, starting with the most complicated.

uninstall

a) avast: http://www.avast.com/cs-cz/uninstall-utility
b) the Google Update service
c) Babylon, if you find it in Add/Remove Programs

note: in my opinion SWDUMon.sys does not belong to NOD; look at the file's properties to see whether it has a digital signature and a manufacturer label.


delete manually

2012-08-08 10:47:29 ----D---- C:\Program Files\TuneUp Utilities 2012
2012-08-08 09:49:39 ----D---- C:\Documents and Settings\IBM\Data aplikací\TuneUp Software
2012-08-08 09:48:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2012-08-07 19:59:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Babylon
2012-08-07 19:59:16 ----D---- C:\Documents and Settings\IBM\Data aplikací\Babylon
2012-08-08 08:56:19 ----D---- C:\Program Files\OpenOffice.org 3
2012-08-08 08:22:42 ----D---- C:\Program Files\MyPlayCity Toolbar
2012-08-08 07:46:16 ----D---- C:\Program Files\MyPlayCity.com


they shouldn't resist; if any of them gives you trouble, skip it and let me know

once you have restarted the PC, post an RSIT log

edit: I have it downloaded

Hi, I apologize in advance that it took so long.
I did everything as you wrote here, with the difference that I also removed this, as you advised:


I would fix these, which is done like this :arrow: Run C:\Program Files\trend micro\IBM.exe

R3 - URLSearchHook: (no name) - - (no file)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.myplaycity.com/
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

cmd /c reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\OldTimer Tools" /f

RSIT log


Logfile of random's system information tool 1.09 (written by random/random)
Run by IBM at 2012-08-09 16:55:29
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 59 GB (78%) free of 76 GB
Total RAM: 1014 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:55:40, on 9.8.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\IBM\Plocha\RSIT.exe
C:\Program Files\trend micro\IBM.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [LenovoAutoScrollUtility] C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5899731055
O16 - DPF: {70EDCF63-CA7E-4812-8528-DA1EA2FD53B6} (VitaminCtrl Class) - http://www.psslavia.cz/VitaminCtrl_2_1_0_26.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo. - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe

--
End of file - 6869 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\At3.job
C:\WINDOWS\tasks\At4.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{C33C800C-FF06-4B70-A5ED-F36E3C5D9526}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\IBM\Data aplikací\Mozilla\Firefox\Profiles\mpyujyz1.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "keyword.URL" - "http://search.babylon.com/?affID=112059 ... 208583e&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.270 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04 453504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04 157576]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-08-09 135168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-08-09 155648]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-08-09 131072]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"Driver Genius"= []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-04-23 2358544]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-03-11 6749512]
"TVT Scheduler Proxy"=C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [2008-03-04 487424]
"TPKMAPHELPER"=C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe [2007-01-09 868352]
"TP4EX"=C:\WINDOWS\system32\tp4ex.exe [2005-10-17 65536]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2000-01-01 1036288]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2007-08-08 831488]
"LenovoAutoScrollUtility"=C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe [2010-04-01 43960]
"EZEJMNAP"=C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [2009-12-01 256576]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\IBM\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2012-07-19 336992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"TVT Scheduler"=2
"TpKmpSVC"=2
"ThinkVantage Registry Monitor Service"=3
"SUService"=2
"S24EventMonitor"=2
"RegSrvc"=2
"PCToolsSSDMonitorSvc"=2
"NMSAccess"=2
"NIS"=2
"MyWebSearchService"=2
"LENOVO.MICMUTE"=2
"idsvc"=3
"ICQ Service"=2
"gusvc"=3
"gupdatem"=3
"gupdate"=2
"EvtEng"=2
"acs"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-08-09 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe"="C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe:LocalSubNet:Enabled:Instalace zařízení HP"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-08-09 16:55:29 ----D---- C:\rsit
2012-08-09 16:10:58 ----D---- C:\Program Files\VS Revo Group
2012-08-09 12:31:12 ----SHD---- C:\Config.Msi
2012-08-08 18:11:16 ----D---- C:\Program Files\Glassfish Games
2012-08-08 12:56:23 ----D---- C:\Program Files\trend micro
2012-08-08 09:48:04 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-08-08 09:10:01 ----A---- C:\WINDOWS\ODBC.INI
2012-08-08 09:09:37 ----A---- C:\WINDOWS\system32\mdimon.dll
2012-08-08 09:05:37 ----D---- C:\Program Files\Common Files\DESIGNER
2012-08-08 09:05:05 ----D---- C:\Program Files\Microsoft Works
2012-08-08 09:04:35 ----D---- C:\Program Files\Microsoft Visual Studio
2012-08-08 09:03:57 ----D---- C:\WINDOWS\SHELLNEW
2012-08-08 09:03:46 ----D---- C:\Program Files\Microsoft.NET
2012-08-08 09:03:46 ----D---- C:\Program Files\Microsoft Office
2012-08-08 09:01:43 ----RHD---- C:\MSOCache
2012-08-08 08:30:27 ----D---- C:\Program Files\totalcmd
2012-08-08 08:12:35 ----D---- C:\Documents and Settings\IBM\Data aplikací\PowerISO
2012-08-08 08:11:11 ----D---- C:\Program Files\PowerISO
2012-08-07 20:00:14 ----A---- C:\user.js
2012-08-07 19:57:53 ----D---- C:\Program Files\Sun
2012-08-07 19:42:38 ----D---- C:\Documents and Settings\IBM\Data aplikací\.minecraft
2012-07-19 11:38:52 ----A---- C:\WINDOWS\system32\drivers\scdemu.sys
2012-07-10 20:33:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2718523$

======List of files/folders modified in the last 1 month======

2012-08-09 16:52:09 ----D---- C:\WINDOWS\Temp
2012-08-09 16:50:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-08-09 16:38:54 ----D---- C:\WINDOWS\system32\Restore
2012-08-09 16:36:03 ----D---- C:\WINDOWS\Prefetch
2012-08-09 16:30:11 ----RD---- C:\Program Files
2012-08-09 16:23:40 ----SHD---- C:\WINDOWS\Installer
2012-08-09 16:23:40 ----D---- C:\WINDOWS\system32
2012-08-09 16:23:40 ----D---- C:\WINDOWS\Help
2012-08-09 16:23:40 ----D---- C:\WINDOWS
2012-08-09 16:23:38 ----D---- C:\Documents and Settings\IBM\Data aplikací\uTorrent
2012-08-09 16:22:17 ----HD---- C:\WINDOWS\system32\GroupPolicy
2012-08-09 16:10:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2012-08-09 15:39:47 ----D---- C:\WINDOWS\system32\CatRoot2
2012-08-09 13:50:14 ----SD---- C:\WINDOWS\Tasks
2012-08-09 13:44:13 ----SH---- C:\boot.ini
2012-08-09 13:44:13 ----A---- C:\WINDOWS\win.ini
2012-08-09 13:44:13 ----A---- C:\WINDOWS\system.ini
2012-08-09 12:33:42 ----RSD---- C:\WINDOWS\assembly
2012-08-09 12:32:16 ----RSD---- C:\WINDOWS\Fonts
2012-08-09 12:31:45 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-08-09 12:13:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2012-08-09 12:12:59 ----D---- C:\WINDOWS\system32\drivers
2012-08-08 14:47:02 ----RSHD---- C:\WINDOWS\system32\install
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2567053$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2524375$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2510581$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2506223$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2412687$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB952011$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2709162$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2686509$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2660465$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2641653$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2639417$
2012-08-08 12:49:37 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2012-08-08 12:49:37 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2012-08-08 12:49:37 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2012-08-08 12:49:37 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2012-08-08 12:49:37 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2012-08-08 09:50:16 ----D---- C:\WINDOWS\system32\config
2012-08-08 09:43:33 ----SD---- C:\Documents and Settings\IBM\Data aplikací\Microsoft
2012-08-08 09:42:26 ----D---- C:\WINDOWS\system32\wbem
2012-08-08 09:42:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-08-08 09:10:07 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-08-08 09:05:37 ----D---- C:\Program Files\Common Files
2012-08-08 09:05:27 ----HD---- C:\WINDOWS\inf
2012-08-08 09:04:11 ----D---- C:\Program Files\Common Files\System
2012-08-08 09:01:51 ----D---- C:\WINDOWS\system
2012-08-08 08:30:27 ----D---- C:\Documents and Settings\IBM\Data aplikací\GHISLER
2012-08-08 08:22:44 ----D---- C:\Program Files\WinRAR
2012-08-08 07:29:05 ----D---- C:\Program Files\Comodo
2012-08-07 20:05:00 ----D---- C:\Program Files\Microsoft
2012-08-07 19:58:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2012-08-07 19:54:24 ----D---- C:\Program Files\Java
2012-08-07 08:13:57 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-08-06 14:50:15 ----D---- C:\Program Files\Mozilla Firefox
2012-08-05 20:36:44 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-07-30 18:47:02 ----D---- C:\Program Files\Mozilla Thunderbird
2012-07-10 20:34:09 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-07-10 20:33:48 ----HD---- C:\WINDOWS\$hf_mig$
2012-07-10 20:30:10 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2012-03-11 97760]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\WINDOWS\System32\DRIVERS\cmderd.sys [2012-03-11 18056]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2012-03-11 494968]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2012-03-11 31704]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 lenovo.smi;Lenovo System Interface Driver; C:\WINDOWS\system32\DRIVERS\smiif32.sys [2010-09-07 13680]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2012-07-19 113104]
R1 TPHKDRV;TPHKDRV; C:\WINDOWS\system32\DRIVERS\TPHKDRV.sys [2008-05-12 17844]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2000-01-01 12544]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2010-05-19 13952]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2000-01-01 308736]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2000-01-01 103424]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 atmeltpm;atmeltpm; C:\WINDOWS\system32\DRIVERS\atmeltpm.sys [2005-05-17 15872]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2011-10-26 237096]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-08-09 5765056]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2011-02-01 31984]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NETwLx32; Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETwLx32.sys [2010-10-07 6609920]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\WINDOWS\system32\DRIVERS\psadd.sys [2007-02-19 21376]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2012-04-23 324368]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2007-05-02 290816]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2008-02-08 57408]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2000-01-01 1035008]
S3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2000-01-01 201600]
S3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-14 28672]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S3 SWDUMon;SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [2011-04-04 12984]
S3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2011-05-16 111280]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys []
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2000-01-01 718464]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-03-11 1983232]
R2 IBMPMSVC;ThinkPad PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2011-02-01 38760]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [2012-05-04 161664]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2010-12-03 99328]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2010-12-02 64440]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-05 250056]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-06 113120]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-08-08 89136]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 acs;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2009-09-24 475220]
S4 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-10-19 866576]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-29 136176]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-29 136176]
S4 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-08-29 182768]
S4 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2010-11-24 45496]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMSAccess;NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096]
S4 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-10-19 477456]
S4 S24EventMonitor;Intel(R) PROSet/Wireless WiFi Service; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [2010-10-19 966656]
S4 SUService;System Update; C:\Program Files\Lenovo\System Update\SUService.exe [2010-10-29 28672]
S4 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2007-09-26 644408]
S4 TpKmpSVC;IBM KCU Service; C:\WINDOWS\system32\TpKmpSVC.exe [2006-06-29 32768]
S4 TVT Scheduler;TVT Scheduler; C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [2008-03-04 1122304]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]

-----------------EOF-----------------
Kindness is far more important than wisdom. Understanding this truth is the beginning of wisdom.

Goguna
Visitor
Posts: 17
Registered: 08 Aug 2012 12:08

Re: Please check my log

#8 Post by Goguna »

Naughty wrote:
Note: SWDUMon.sys belongs to Symantec Norton Internet Security; it is no longer here, so I don't understand why it was running in the log.
Kindness is far more important than wisdom. Understanding this truth is the beginning of wisdom.
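
How the driver and service lines in the RSIT logs of this thread decode, as an added example that is not part of any post: the parser below applies the legend printed in the log's section headers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) to lines copied from the logs on this page. Reading an empty `[]` as "RSIT recorded no date and size for the file" is an assumption, and all function names are hypothetical.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Legend taken from the RSIT section headers shown in the log.
STATE = {"R": "Running", "S": "Stopped"}
START = {"0": "Boot", "1": "System", "2": "Auto", "3": "Demand", "4": "Disabled"}

# Layout of one entry: "<state><start> <name>;<display name>; <path> [<date> <size>]"
LINE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) (?P<name>[^;]+);(?P<display>.*); "
    r"(?P<path>.+?) \[(?P<meta>[^\]]*)\]$"
)

# Lines copied from the logs on this page (not live data).
SAMPLE_LOG = r"""
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2012-03-11 97760]
R3 NETwLx32; Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETwLx32.sys [2010-10-07 6609920]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S3 SWDUMon;SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [2011-04-04 12984]
S3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-29 136176]
"""


@dataclass
class Entry:
    name: str             # service key name, the argument "sc" expects
    display: str          # human-readable display name
    state: str            # Running / Stopped
    start: str            # Boot / System / Auto / Demand / Disabled
    path: str             # image path as printed by RSIT
    date: Optional[str]   # file date, None when the brackets are empty
    size: Optional[int]   # file size in bytes, None when the brackets are empty


def parse_line(line: str) -> Optional[Entry]:
    """Parse one driver/service line; return None for headers and other text."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    meta = m.group("meta").split()
    date, size = (meta[0], int(meta[1])) if len(meta) == 2 else (None, None)
    return Entry(
        name=m.group("name").strip(),
        display=m.group("display").strip(),
        state=STATE[m.group("state")],
        start=START[m.group("start")],
        path=m.group("path"),
        date=date,
        size=size,
    )


def parse_log(text: str) -> List[Entry]:
    """Collect every driver/service entry found in a pasted RSIT log."""
    entries = []
    for line in text.splitlines():
        entry = parse_line(line)
        if entry is not None:
            entries.append(entry)
    return entries


def missing_files(entries: List[Entry]) -> List[Entry]:
    """Entries that are still registered but carry no file date/size.

    Assumption: RSIT prints [] when it cannot read the file, which is what a
    leftover registration of an uninstalled product looks like.
    """
    return [e for e in entries if e.date is None]


if __name__ == "__main__":
    parsed = parse_log(SAMPLE_LOG)
    for e in parsed:
        print(f"{e.name:10} {e.state}/{e.start:8} {e.path}")
    print("registered without file metadata:",
          [e.name for e in missing_files(parsed)])
```
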

Goguna
Visitor
Posts: 17
Registered: 08 Aug 2012 12:08

Re: Please check my log

#9 Post by Goguna »

Naughty wrote: Sorry for the silence, I was a bit swamped again; even though I was online, I had no time at all.


Remove the Symantec leftovers using their uninstaller: ftp://ftp.symantec.com/public/english_u ... l_Tool.exe


In HijackThis, fix:
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O16 - DPF: {70EDCF63-CA7E-4812-8528-DA1EA2FD53B6} (VitaminCtrl Class) - http://www.psslavia.cz/VitaminCtrl_2_1_0_26.cab


In the Firefox profile folder (C:\Documents and Settings\IBM\Data aplikací\Mozilla\Firefox, or one of its subfolders), find the file prefs.js.


Open it in a good text editor, such as EmEditor or Notepad++.

In the line:
"keyword.URL" - "http://search.babylon.com/?affID=112059 ... 208583e&q="


change it to

"keyword.URL" - "http://www.google.com/search?q=%&source ... el=suggest

Save. If it does not give the behaviour you need, delete the line; I don't use Firefox, so I can't give the exact wording.

In CMD, enter the following, pressing Enter after each command:

sc stop "ICQ Service"
sc delete "ICQ Service"
sc stop "MyWebSearchService"
sc delete "MyWebSearchService"
and likewise for:
gupdate
gupdatem
gusvc

Then restart and post a new RSIT log.
Hello.

Apologies in advance for my silence; there isn't much time.
First I focused on removing the vermin, and successfully: Comodo reports 0 threats.

What I still cannot remove is this:

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000

None of these worked for me:

sc stop "ICQ Service"
sc delete "ICQ Service"
sc stop "MyWebSearchService"
sc delete "MyWebSearchService"
and likewise for:
gupdate
gupdatem
gusvc

It always printed something like this:

C:\Documents and Settings\IBM>sc stop "ICQ Service"
[SC] OpenService FAILED 1060:

Zadanß slu

OR

C:\Documents and Settings\IBM>gupdate
gupdate není názvem vnitřního ani vnějšího příkazu,
spustitelného programu nebo dávkového souboru.

The Google Update service cannot be uninstalled or simply removed in any way. The service is currently disabled and has been hard-deleted from the HDD; uncle Google had no other advice :)

And the last thing I cannot remove by following your advice is this:

S3 SWDUMon;SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys []

Neither the removal tool nor OTL removed it; I hard-deleted it from the HDD because the process was not running, not even hidden.

I'll post a new log here, so please take a look and let me know what to do next. I'd also like to ask whether I should upload the info from OTL. Thanks in advance.

Log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by IBM at 2012-08-10 18:51:45
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 59 GB (77%) free of 76 GB
Total RAM: 1014 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:51:58, on 10.8.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Documents and Settings\IBM\Plocha\RSIT.exe
C:\Program Files\trend micro\IBM.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [LenovoAutoScrollUtility] C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5899731055
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4588012843
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo. - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe (file missing)
O23 - Service: Machine Debug Manager (MDM) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Unknown owner - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Unknown owner - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe (file missing)
O23 - Service: On Screen Display (TPHKSVC) - Unknown owner - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe (file missing)

--
End of file - 6794 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\At3.job
C:\WINDOWS\tasks\At4.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\IBM\Data aplikací\Mozilla\Firefox\Profiles\21bn673q.default

prefs.js - "browser.startup.homepage" - "www.google.cz"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.270 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-08-09 135168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-08-09 155648]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-08-09 131072]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe []
"Driver Genius"= []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe []
"TVT Scheduler Proxy"=C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [2008-03-04 487424]
"TPKMAPHELPER"=C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper []
"TP4EX"=C:\WINDOWS\system32\tp4ex.exe [2005-10-17 65536]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe []
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray []
"LenovoAutoScrollUtility"=C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe []
"EZEJMNAP"=C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe []
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe []
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-03-11 6749512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\IBM\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2011-06-15 307200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"TVT Scheduler"=2
"TpKmpSVC"=2
"ThinkVantage Registry Monitor Service"=3
"SUService"=2
"S24EventMonitor"=2
"RegSrvc"=2
"PCToolsSSDMonitorSvc"=2
"NMSAccess"=2
"NIS"=2
"MyWebSearchService"=2
"LENOVO.MICMUTE"=2
"idsvc"=3
"ICQ Service"=2
"gusvc"=3
"gupdatem"=3
"gupdate"=2
"EvtEng"=2
"acs"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-08-09 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe"="C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe:LocalSubNet:Enabled:Instalace zařízení HP"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-08-10 18:51:45 ----D---- C:\rsit
2012-08-10 18:13:23 ----D---- C:\Program Files\Google
2012-08-10 14:02:25 ----A---- C:\WINDOWS\system32\REN53.tmp
2012-08-10 14:02:25 ----A---- C:\WINDOWS\system32\REN52.tmp
2012-08-10 14:02:25 ----A---- C:\WINDOWS\system32\REN51.tmp
2012-08-10 13:58:43 ----A---- C:\WINDOWS\system32\REN19.tmp
2012-08-10 13:58:43 ----A---- C:\WINDOWS\system32\REN18.tmp
2012-08-10 13:58:43 ----A---- C:\WINDOWS\system32\REN17.tmp
2012-08-10 13:58:12 ----D---- C:\Program Files\Java
2012-08-10 13:43:26 ----D---- C:\Documents and Settings\IBM\Data aplikací\.minecraft
2012-08-10 12:03:12 ----A---- C:\WINDOWS\system32\msonpmon.dll
2012-08-10 12:01:53 ----D---- C:\Program Files\Microsoft Works
2012-08-10 12:01:08 ----D---- C:\Program Files\Common Files\DESIGNER
2012-08-10 11:59:47 ----D---- C:\Program Files\Common Files\ODBC
2012-08-10 11:57:01 ----D---- C:\Program Files\Microsoft Visual Studio 8
2012-08-10 11:56:54 ----D---- C:\Program Files\uTorrent
2012-08-10 11:55:58 ----D---- C:\WINDOWS\SHELLNEW
2012-08-10 11:55:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-08-10 11:49:34 ----D---- C:\Program Files\PowerISO
2012-08-10 11:03:25 ----D---- C:\Program Files\Microsoft.NET
2012-08-10 10:46:59 ----N---- C:\WINDOWS\system32\spmsg2.dll
2012-08-10 10:46:58 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2012-08-10 10:22:58 ----A---- C:\WINDOWS\imsins.BAK
2012-08-10 10:21:34 ----HDC---- C:\WINDOWS\ie8
2012-08-10 09:11:48 ----D---- C:\Program Files\trend micro
2012-08-10 09:04:59 ----D---- C:\Program Files\Mozilla Thunderbird
2012-08-10 09:01:01 ----D---- C:\Program Files\VS Revo Group
2012-08-10 09:00:40 ----D---- C:\Program Files\Notepad++
2012-08-10 08:59:45 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-08-10 08:59:41 ----D---- C:\Program Files\Mozilla Firefox
2012-08-10 08:56:03 ----D---- C:\Program Files\WinRAR
2012-08-10 08:54:59 ----D---- C:\Program Files\totalcmd
2012-08-10 08:48:32 ----D---- C:\Program Files\xerox
2012-08-10 08:48:32 ----D---- C:\Program Files\microsoft frontpage
2012-08-09 21:34:25 ----D---- C:\Documents and Settings\IBM\Data aplikací\Mozilla
2012-08-09 20:44:04 ----D---- C:\Documents and Settings\IBM\Data aplikací\Notepad++
2012-08-08 09:48:04 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-08-08 09:10:01 ----A---- C:\WINDOWS\ODBC.INI
2012-08-08 09:09:37 ----A---- C:\WINDOWS\system32\mdimon.dll
2012-08-08 09:04:35 ----D---- C:\Program Files\Microsoft Visual Studio
2012-08-08 09:03:46 ----D---- C:\Program Files\Microsoft Office
2012-08-08 09:01:43 ----RHD---- C:\MSOCache
2012-08-08 08:12:35 ----D---- C:\Documents and Settings\IBM\Data aplikací\PowerISO
2012-08-07 20:00:14 ----A---- C:\user.js

======List of files/folders modified in the last 1 month======

2012-08-10 18:40:34 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-08-10 18:18:56 ----D---- C:\WINDOWS\system32\CatRoot2
2012-08-10 18:13:23 ----D---- C:\Program Files
2012-08-10 14:26:13 ----D---- C:\Program Files\Comodo
2012-08-10 14:26:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\CPA_VA
2012-08-10 14:15:26 ----D---- C:\WINDOWS\system32
2012-08-10 14:13:29 ----SHD---- C:\WINDOWS\Installer
2012-08-10 14:13:10 ----D---- C:\WINDOWS\system32\drivers
2012-08-10 14:12:32 ----SD---- C:\WINDOWS\Tasks
2012-08-10 13:11:10 ----RSD---- C:\WINDOWS\assembly
2012-08-10 13:10:37 ----D---- C:\WINDOWS\Microsoft.NET
2012-08-10 13:09:53 ----A---- C:\WINDOWS\win.ini
2012-08-10 13:09:51 ----D---- C:\Program Files\Common Files\System
2012-08-10 12:50:29 ----D---- C:\WINDOWS
2012-08-10 12:42:59 ----HD---- C:\WINDOWS\inf
2012-08-10 12:42:59 ----D---- C:\WINDOWS\system32\CatRoot
2012-08-10 12:38:29 ----RSD---- C:\WINDOWS\Fonts
2012-08-10 12:37:23 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-08-10 12:37:13 ----D---- C:\WINDOWS\WinSxS
2012-08-10 12:07:43 ----SD---- C:\Documents and Settings\IBM\Data aplikací\Microsoft
2012-08-10 12:03:03 ----D---- C:\WINDOWS\system32\config
2012-08-10 12:01:08 ----D---- C:\Program Files\Common Files
2012-08-10 11:59:47 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-08-10 11:59:23 ----D---- C:\Documents and Settings\IBM\Data aplikací\uTorrent
2012-08-10 11:52:51 ----SH---- C:\boot.ini
2012-08-10 11:52:51 ----A---- C:\WINDOWS\system.ini
2012-08-10 11:46:11 ----D---- C:\WINDOWS\Help
2012-08-10 11:27:35 ----D---- C:\WINDOWS\Temp
2012-08-10 11:27:27 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-08-10 11:07:46 ----D---- C:\WINDOWS\system32\cs-cz
2012-08-10 11:03:36 ----D---- C:\WINDOWS\system32\en-US
2012-08-10 10:46:43 ----D---- C:\WINDOWS\system32\XPSViewer
2012-08-10 10:46:14 ----D---- C:\WINDOWS\system32\mui
2012-08-10 10:40:19 ----SD---- C:\WINDOWS\Downloaded Program Files
2012-08-10 10:36:08 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-08-10 10:36:06 ----D---- C:\WINDOWS\ie8updates
2012-08-10 10:27:01 ----D---- C:\Program Files\Internet Explorer
2012-08-10 10:24:25 ----HD---- C:\WINDOWS\$hf_mig$
2012-08-10 10:22:44 ----D---- C:\WINDOWS\WBEM
2012-08-10 10:22:36 ----D---- C:\WINDOWS\Media
2012-08-10 09:41:00 ----D---- C:\WINDOWS\Prefetch
2012-08-10 08:48:28 ----D---- C:\Program Files\Windows Media Player
2012-08-10 08:48:27 ----D---- C:\Program Files\Lenovo
2012-08-10 08:48:25 ----D---- C:\Program Files\Common Files\Adobe
2012-08-10 08:48:25 ----D---- C:\Program Files\Analog Devices
2012-08-10 08:26:57 ----D---- C:\Program Files\Windows NT
2012-08-10 08:26:56 ----D---- C:\Program Files\Outlook Express
2012-08-10 08:26:55 ----D---- C:\Program Files\NetMeeting
2012-08-10 08:26:51 ----D---- C:\Program Files\Movie Maker
2012-08-10 08:25:48 ----D---- C:\Program Files\HP
2012-08-10 08:25:18 ----D---- C:\Program Files\Common Files\Lenovo
2012-08-10 08:25:18 ----D---- C:\Program Files\Common Files\InstallShield
2012-08-09 16:38:54 ----D---- C:\WINDOWS\system32\Restore
2012-08-09 16:22:17 ----HD---- C:\WINDOWS\system32\GroupPolicy
2012-08-08 14:47:02 ----RSHD---- C:\WINDOWS\system32\install
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2567053$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2524375$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2510581$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2506223$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2412687$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB952011$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2718523$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2709162$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2686509$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2660465$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2641653$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2639417$
2012-08-08 12:49:37 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2012-08-08 12:49:37 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2012-08-08 12:49:37 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2012-08-08 12:49:37 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2012-08-08 12:49:37 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2012-08-08 09:42:26 ----D---- C:\WINDOWS\system32\wbem
2012-08-08 09:01:51 ----D---- C:\WINDOWS\system
2012-08-08 08:30:27 ----D---- C:\Documents and Settings\IBM\Data aplikací\GHISLER
2012-08-07 19:58:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2012-08-05 20:36:44 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2012-03-11 97760]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\WINDOWS\System32\DRIVERS\cmderd.sys [2012-03-11 18056]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2012-03-11 494968]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2012-03-11 31704]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 lenovo.smi;Lenovo System Interface Driver; C:\WINDOWS\system32\DRIVERS\smiif32.sys [2010-09-07 13680]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2011-06-15 60156]
R1 TPHKDRV;TPHKDRV; C:\WINDOWS\system32\DRIVERS\TPHKDRV.sys [2008-05-12 17844]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2000-01-01 12544]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2010-05-19 13952]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2000-01-01 308736]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2000-01-01 103424]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 atmeltpm;atmeltpm; C:\WINDOWS\system32\DRIVERS\atmeltpm.sys [2005-05-17 15872]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2011-10-26 237096]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-08-09 5765056]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2011-02-01 31984]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NETwLx32; Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETwLx32.sys [2010-10-07 6609920]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\WINDOWS\system32\DRIVERS\psadd.sys [2007-02-19 21376]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2012-04-23 324368]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2007-05-02 290816]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2008-02-08 57408]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2000-01-01 1035008]
S3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2000-01-01 201600]
S3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-14 28672]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S3 SWDUMon;SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2011-05-16 111280]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys []
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2000-01-01 718464]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-03-11 1983232]
R2 IBMPMSVC;ThinkPad PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2011-02-01 38760]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -service -config C:\Program Files\Oracle\JavaFX 2.1 Runtime\lib\deploy\jqs\jqs.conf []
S2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE []
S2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe []
S2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-05 250056]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 acs;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2009-09-24 475220]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe []
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc []
S4 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMSAccess;NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe []
S4 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-10-19 477456]
S4 S24EventMonitor;Intel(R) PROSet/Wireless WiFi Service; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe []
S4 SUService;System Update; C:\Program Files\Lenovo\System Update\SUService.exe []
S4 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2007-09-26 644408]
S4 TpKmpSVC;IBM KCU Service; C:\WINDOWS\system32\TpKmpSVC.exe [2006-06-29 32768]
S4 TVT Scheduler;TVT Scheduler; C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [2008-03-04 1122304]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe []

-----------------EOF-----------------
Kindness is far more important than wisdom. Understanding this truth is the beginning of wisdom.


Re: Please check my log

#10 Post by Goguna »

I can't paste the log here; the site says: Your message contains 121254 characters. The maximum allowed number of characters is 80000.
I'm attaching it as a file...

Re: Please check my log

#11 Post by Goguna »


Re: Please check my log

#12 Post by Goguna »

Neither Norton_Removal_Tool.exe nor aswclear.exe removed SWDUMon.sys; this driver belongs to Norton Internet Security, which used to be installed here....
I tried to clean up S3 SWDUMon;SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [] through OTL, since it is still in the latest OTL log, but without success. I found that the SWDUMon.sys driver is not running and is inactive, so I deleted it straight from the HDD, and I only disabled the PowerIso and GoogleUpdate services through msconfig and deleted googleupdate.exe straight from the HDD; Uncle Google didn't give me any other instructions for that.

Otherwise I didn't put anything into OTL other than what you wrote in the instructions :)

Re: Please check my log

#13 Post by Goguna »

All right, thanks a lot, I'm a bit smarter again :) Pasted into OTL, fixed, and rebooted. Do you want an RSIT log?

Re: Please check my log

#14 Post by Goguna »

RSIT log


Logfile of random's system information tool 1.09 (written by random/random)
Run by IBM at 2012-08-10 22:29:50
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 58 GB (76%) free of 76 GB
Total RAM: 1014 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:29:55, on 10.8.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\IBM\Plocha\RSIT.exe
C:\Program Files\trend micro\IBM.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [LenovoAutoScrollUtility] C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5899731055
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4588012843
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo. - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe (file missing)
O23 - Service: Machine Debug Manager (MDM) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Unknown owner - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Unknown owner - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe (file missing)
O23 - Service: On Screen Display (TPHKSVC) - Unknown owner - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe (file missing)

--
End of file - 6084 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\At3.job
C:\WINDOWS\tasks\At4.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\IBM\Data aplikací\Mozilla\Firefox\Profiles\21bn673q.default

prefs.js - "browser.startup.homepage" - "www.google.cz"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.270 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-08-09 135168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-08-09 155648]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-08-09 131072]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe []
"Driver Genius"= []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe []
"TVT Scheduler Proxy"=C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [2008-03-04 487424]
"TPKMAPHELPER"=C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper []
"TP4EX"=C:\WINDOWS\system32\tp4ex.exe [2005-10-17 65536]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe []
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray []
"LenovoAutoScrollUtility"=C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe []
"EZEJMNAP"=C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe []
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe []
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-03-11 6749512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\IBM\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2011-06-15 307200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"TVT Scheduler"=2
"TpKmpSVC"=2
"ThinkVantage Registry Monitor Service"=3
"SUService"=2
"S24EventMonitor"=2
"RegSrvc"=2
"PCToolsSSDMonitorSvc"=2
"NMSAccess"=2
"NIS"=2
"MyWebSearchService"=2
"LENOVO.MICMUTE"=2
"idsvc"=3
"ICQ Service"=2
"gusvc"=3
"gupdatem"=3
"gupdate"=2
"EvtEng"=2
"acs"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-08-09 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe"="C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe:LocalSubNet:Enabled:Instalace zařízení HP"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-08-10 22:10:44 ----D---- C:\_OTL
2012-08-10 20:56:17 ----D---- C:\Games
2012-08-10 18:51:45 ----D---- C:\rsit
2012-08-10 14:02:25 ----A---- C:\WINDOWS\system32\REN53.tmp
2012-08-10 14:02:25 ----A---- C:\WINDOWS\system32\REN52.tmp
2012-08-10 14:02:25 ----A---- C:\WINDOWS\system32\REN51.tmp
2012-08-10 13:58:43 ----A---- C:\WINDOWS\system32\REN19.tmp
2012-08-10 13:58:43 ----A---- C:\WINDOWS\system32\REN18.tmp
2012-08-10 13:58:43 ----A---- C:\WINDOWS\system32\REN17.tmp
2012-08-10 13:58:12 ----D---- C:\Program Files\Java
2012-08-10 13:43:26 ----D---- C:\Documents and Settings\IBM\Data aplikací\.minecraft
2012-08-10 12:03:12 ----A---- C:\WINDOWS\system32\msonpmon.dll
2012-08-10 12:01:53 ----D---- C:\Program Files\Microsoft Works
2012-08-10 12:01:08 ----D---- C:\Program Files\Common Files\DESIGNER
2012-08-10 11:59:47 ----D---- C:\Program Files\Common Files\ODBC
2012-08-10 11:57:01 ----D---- C:\Program Files\Microsoft Visual Studio 8
2012-08-10 11:56:54 ----D---- C:\Program Files\uTorrent
2012-08-10 11:55:58 ----D---- C:\WINDOWS\SHELLNEW
2012-08-10 11:55:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-08-10 11:49:34 ----D---- C:\Program Files\PowerISO
2012-08-10 11:03:25 ----D---- C:\Program Files\Microsoft.NET
2012-08-10 10:46:59 ----N---- C:\WINDOWS\system32\spmsg2.dll
2012-08-10 10:46:58 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2012-08-10 10:22:58 ----A---- C:\WINDOWS\imsins.BAK
2012-08-10 10:21:34 ----HDC---- C:\WINDOWS\ie8
2012-08-10 09:11:48 ----D---- C:\Program Files\trend micro
2012-08-10 09:04:59 ----D---- C:\Program Files\Mozilla Thunderbird
2012-08-10 09:01:01 ----D---- C:\Program Files\VS Revo Group
2012-08-10 09:00:40 ----D---- C:\Program Files\Notepad++
2012-08-10 08:59:45 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-08-10 08:59:41 ----D---- C:\Program Files\Mozilla Firefox
2012-08-10 08:56:03 ----D---- C:\Program Files\WinRAR
2012-08-10 08:54:59 ----D---- C:\Program Files\totalcmd
2012-08-10 08:48:32 ----D---- C:\Program Files\xerox
2012-08-10 08:48:32 ----D---- C:\Program Files\microsoft frontpage
2012-08-09 21:34:25 ----D---- C:\Documents and Settings\IBM\Data aplikací\Mozilla
2012-08-09 20:44:04 ----D---- C:\Documents and Settings\IBM\Data aplikací\Notepad++
2012-08-08 09:48:04 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-08-08 09:10:01 ----A---- C:\WINDOWS\ODBC.INI
2012-08-08 09:09:37 ----A---- C:\WINDOWS\system32\mdimon.dll
2012-08-08 09:04:35 ----D---- C:\Program Files\Microsoft Visual Studio
2012-08-08 09:03:46 ----D---- C:\Program Files\Microsoft Office
2012-08-08 09:01:43 ----RHD---- C:\MSOCache
2012-08-08 08:12:35 ----D---- C:\Documents and Settings\IBM\Data aplikací\PowerISO
2012-08-07 20:00:14 ----A---- C:\user.js

======List of files/folders modified in the last 1 month======

2012-08-10 22:18:17 ----D---- C:\WINDOWS\system32\CatRoot2
2012-08-10 22:11:35 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-08-10 22:11:08 ----D---- C:\WINDOWS\system32
2012-08-10 22:11:08 ----D---- C:\Program Files
2012-08-10 21:29:40 ----D---- C:\WINDOWS
2012-08-10 14:26:13 ----D---- C:\Program Files\Comodo
2012-08-10 14:26:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\CPA_VA
2012-08-10 14:13:29 ----SHD---- C:\WINDOWS\Installer
2012-08-10 14:13:10 ----D---- C:\WINDOWS\system32\drivers
2012-08-10 14:12:32 ----SD---- C:\WINDOWS\Tasks
2012-08-10 13:11:10 ----RSD---- C:\WINDOWS\assembly
2012-08-10 13:10:37 ----D---- C:\WINDOWS\Microsoft.NET
2012-08-10 13:09:53 ----A---- C:\WINDOWS\win.ini
2012-08-10 13:09:51 ----D---- C:\Program Files\Common Files\System
2012-08-10 12:42:59 ----HD---- C:\WINDOWS\inf
2012-08-10 12:42:59 ----D---- C:\WINDOWS\system32\CatRoot
2012-08-10 12:38:29 ----RSD---- C:\WINDOWS\Fonts
2012-08-10 12:37:23 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-08-10 12:37:13 ----D---- C:\WINDOWS\WinSxS
2012-08-10 12:07:43 ----SD---- C:\Documents and Settings\IBM\Data aplikací\Microsoft
2012-08-10 12:03:03 ----D---- C:\WINDOWS\system32\config
2012-08-10 12:01:08 ----D---- C:\Program Files\Common Files
2012-08-10 11:59:47 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-08-10 11:59:23 ----D---- C:\Documents and Settings\IBM\Data aplikací\uTorrent
2012-08-10 11:52:51 ----SH---- C:\boot.ini
2012-08-10 11:52:51 ----A---- C:\WINDOWS\system.ini
2012-08-10 11:46:11 ----D---- C:\WINDOWS\Help
2012-08-10 11:27:35 ----D---- C:\WINDOWS\Temp
2012-08-10 11:27:27 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-08-10 11:07:46 ----D---- C:\WINDOWS\system32\cs-cz
2012-08-10 11:03:36 ----D---- C:\WINDOWS\system32\en-US
2012-08-10 10:46:43 ----D---- C:\WINDOWS\system32\XPSViewer
2012-08-10 10:46:14 ----D---- C:\WINDOWS\system32\mui
2012-08-10 10:40:19 ----SD---- C:\WINDOWS\Downloaded Program Files
2012-08-10 10:36:08 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-08-10 10:36:06 ----D---- C:\WINDOWS\ie8updates
2012-08-10 10:27:01 ----D---- C:\Program Files\Internet Explorer
2012-08-10 10:24:25 ----HD---- C:\WINDOWS\$hf_mig$
2012-08-10 10:22:44 ----D---- C:\WINDOWS\WBEM
2012-08-10 10:22:36 ----D---- C:\WINDOWS\Media
2012-08-10 09:41:00 ----D---- C:\WINDOWS\Prefetch
2012-08-10 08:48:28 ----D---- C:\Program Files\Windows Media Player
2012-08-10 08:48:27 ----D---- C:\Program Files\Lenovo
2012-08-10 08:48:25 ----D---- C:\Program Files\Common Files\Adobe
2012-08-10 08:48:25 ----D---- C:\Program Files\Analog Devices
2012-08-10 08:26:57 ----D---- C:\Program Files\Windows NT
2012-08-10 08:26:56 ----D---- C:\Program Files\Outlook Express
2012-08-10 08:26:55 ----D---- C:\Program Files\NetMeeting
2012-08-10 08:26:51 ----D---- C:\Program Files\Movie Maker
2012-08-10 08:25:48 ----D---- C:\Program Files\HP
2012-08-10 08:25:18 ----D---- C:\Program Files\Common Files\Lenovo
2012-08-10 08:25:18 ----D---- C:\Program Files\Common Files\InstallShield
2012-08-09 16:38:54 ----D---- C:\WINDOWS\system32\Restore
2012-08-09 16:22:17 ----HD---- C:\WINDOWS\system32\GroupPolicy
2012-08-08 14:47:02 ----RSHD---- C:\WINDOWS\system32\install
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2567053$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2524375$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2510581$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2506223$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2412687$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2012-08-08 12:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB952011$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2718523$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2709162$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2686509$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2660465$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2641653$
2012-08-08 12:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2639417$
2012-08-08 12:49:37 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2012-08-08 12:49:37 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2012-08-08 12:49:37 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2012-08-08 12:49:37 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2012-08-08 12:49:37 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2012-08-08 09:42:26 ----D---- C:\WINDOWS\system32\wbem
2012-08-08 09:01:51 ----D---- C:\WINDOWS\system
2012-08-08 08:30:27 ----D---- C:\Documents and Settings\IBM\Data aplikací\GHISLER
2012-08-07 19:58:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2012-08-05 20:36:44 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2012-03-11 97760]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\WINDOWS\System32\DRIVERS\cmderd.sys [2012-03-11 18056]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2012-03-11 494968]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2012-03-11 31704]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 lenovo.smi;Lenovo System Interface Driver; C:\WINDOWS\system32\DRIVERS\smiif32.sys [2010-09-07 13680]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2011-06-15 60156]
R1 TPHKDRV;TPHKDRV; C:\WINDOWS\system32\DRIVERS\TPHKDRV.sys [2008-05-12 17844]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2000-01-01 12544]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2010-05-19 13952]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2000-01-01 308736]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2000-01-01 103424]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 atmeltpm;atmeltpm; C:\WINDOWS\system32\DRIVERS\atmeltpm.sys [2005-05-17 15872]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2011-10-26 237096]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-08-09 5765056]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2011-02-01 31984]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NETwLx32; Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETwLx32.sys [2010-10-07 6609920]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\WINDOWS\system32\DRIVERS\psadd.sys [2007-02-19 21376]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2012-04-23 324368]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2007-05-02 290816]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2008-02-08 57408]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2000-01-01 1035008]
S3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2000-01-01 201600]
S3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-14 28672]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2011-05-16 111280]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys []
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2000-01-01 718464]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-03-11 1983232]
R2 IBMPMSVC;ThinkPad PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2011-02-01 38760]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -service -config C:\Program Files\Oracle\JavaFX 2.1 Runtime\lib\deploy\jqs\jqs.conf []
S2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE []
S2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe []
S2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-05 250056]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 acs;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2009-09-24 475220]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe []
S4 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMSAccess;NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe []
S4 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-10-19 477456]
S4 S24EventMonitor;Intel(R) PROSet/Wireless WiFi Service; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe []
S4 SUService;System Update; C:\Program Files\Lenovo\System Update\SUService.exe []
S4 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2007-09-26 644408]
S4 TpKmpSVC;IBM KCU Service; C:\WINDOWS\system32\TpKmpSVC.exe [2006-06-29 32768]
S4 TVT Scheduler;TVT Scheduler; C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [2008-03-04 1122304]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe []

-----------------EOF-----------------


OTL log

========== SERVICES/DRIVERS ==========
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gusvc stopped successfully!
Service gusvc deleted successfully!
Service SWDUMon stopped successfully!
Service SWDUMon deleted successfully!
========== FILES ==========
C:\Program Files\Google\Picasa3\web\templates\xml folder moved successfully.
C:\Program Files\Google\Picasa3\web\templates\whitefrm\assets folder moved successfully.
C:\Program Files\Google\Picasa3\web\templates\whitefrm folder moved successfully.
C:\Program Files\Google\Picasa3\web\templates\whitebg\assets folder moved successfully.
C:\Program Files\Google\Picasa3\web\templates\whitebg folder moved successfully.
C:\Program Files\Google\Picasa3\web\templates\greyfrm\assets folder moved successfully.
C:\Program Files\Google\Picasa3\web\templates\greyfrm folder moved successfully.
C:\Program Files\Google\Picasa3\web\templates\greybg\assets folder moved successfully.
C:\Program Files\Google\Picasa3\web\templates\greybg folder moved successfully.
C:\Program Files\Google\Picasa3\web\templates\blackfrm\assets folder moved successfully.
C:\Program Files\Google\Picasa3\web\templates\blackfrm folder moved successfully.
C:\Program Files\Google\Picasa3\web\templates\blackbg\assets folder moved successfully.
C:\Program Files\Google\Picasa3\web\templates\blackbg folder moved successfully.
C:\Program Files\Google\Picasa3\web\templates folder moved successfully.
C:\Program Files\Google\Picasa3\web\documentation\examples\assets folder moved successfully.
C:\Program Files\Google\Picasa3\web\documentation\examples folder moved successfully.
C:\Program Files\Google\Picasa3\web\documentation folder moved successfully.
C:\Program Files\Google\Picasa3\web folder moved successfully.
C:\Program Files\Google\Picasa3\update\LifeScapeUpdater folder moved successfully.
C:\Program Files\Google\Picasa3\update folder moved successfully.
C:\Program Files\Google\Picasa3\runtime\slingshot folder moved successfully.
C:\Program Files\Google\Picasa3\runtime\geotag folder moved successfully.
C:\Program Files\Google\Picasa3\runtime folder moved successfully.
C:\Program Files\Google\Picasa3\plugins\expwebsites folder moved successfully.
C:\Program Files\Google\Picasa3\plugins\CDVDR folder moved successfully.
C:\Program Files\Google\Picasa3\plugins folder moved successfully.
C:\Program Files\Google\Picasa3\licenses folder moved successfully.
C:\Program Files\Google\Picasa3\i18n folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\zh_TW.lproj\PRMainMenu.nib folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\zh_TW.lproj\i18n folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\zh_TW.lproj folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\zh_CN.lproj\PRMainMenu.nib folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\zh_CN.lproj\i18n folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\zh_CN.lproj folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\uk.lproj\PRMainMenu.nib folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\uk.lproj\i18n folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\uk.lproj folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\tr.lproj\PRMainMenu.nib folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\tr.lproj\i18n folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\tr.lproj folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\tl.lproj\PRMainMenu.nib folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\tl.lproj\i18n folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\tl.lproj folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\sv.lproj\PRMainMenu.nib folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\sv.lproj\i18n folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\sv.lproj folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\sr.lproj\PRMainMenu.nib folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\sr.lproj\i18n folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\sr.lproj folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\sl.lproj\PRMainMenu.nib folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\sl.lproj\i18n folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\sl.lproj folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\sk.lproj\PRMainMenu.nib folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\sk.lproj\i18n folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\sk.lproj folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\ru.lproj\PRMainMenu.nib folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\ru.lproj\i18n folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\ru.lproj folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\ro.lproj\PRMainMenu.nib folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\ro.lproj\i18n folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\ro.lproj folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\pt_PT.lproj\PRMainMenu.nib folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\pt_PT.lproj\i18n folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\pt_PT.lproj folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\pt_BR.lproj\PRMainMenu.nib folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\pt_BR.lproj\i18n folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\pt_BR.lproj folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\pt.lproj\PRMainMenu.nib folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\pt.lproj\i18n folder moved successfully.
C:\Program Files\Google\Picasa3\cdautorun\Picasa Restore.app\Contents\Resources\pt.lproj folder moved successfully.
========== OTL ==========
Use Chrome's Settings page to change the HomePage.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to change the HomePage.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver\ deleted successfully.
C:\WINDOWS\system32\GPhotos.scr moved successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportovat do aplikace Microsoft Excel\ deleted successfully.
C:\Program Files\Microsoft Office\Office12\EXCEL.EXE moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ not found.
C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ not found.
File C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{92780B25-18CC-41C8-B9BE-3C9C571A8263}\ not found.
C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.
File Protocol\Handler\ipp - No CLSID value found not found.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.56.0 log created on 08102012_221044
Kindness is far more important than wisdom. Understanding this truth is where wisdom begins.

Re: Please check my log

#15 Post by Goguna »

So is everything fine now? No more junk? :wink:

Locked