Kontrolu logu prosím

[tommmmm]

Někdy mi přijde že internet jde pomalu.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Tom at 2010-12-31 18:47:22
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 105 GB (35%) free of 305 GB
Total RAM: 4094 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:47:29, on 31.12.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal

Running processes:
C:\Program Files\ASUS\Six Engine\SixEngine.exe
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files (x86)\Panasonic\VideoCam Suite 2\VideoCamSuiteAutoStart.exe
C:\Program Files (x86)\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files (x86)\WinFast\WFDTV\WFWIZ.exe
C:\Program Files (x86)\IOI\IOI\ButtonMonitor.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\ICQ6.5\ICQ.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Opera 10 Preview\opera.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Tom.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:4001
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyn0.dll
O1 - Hosts: ::1 localhost
O2 - BHO: PriceGong - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.1.0\PriceGongIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyn0.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyn0.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [WinFastDTV] "C:\Program Files (x86)\WinFast\WFDTV\DTVSchdl.exe"
O4 - HKLM\..\Run: [WinFast Schedule] "C:\Program Files (x86)\WinFast\WFDTV\WFWIZ.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ButtonMonitor] C:\Program Files (x86)\IOI\IOI\ButtonMonitor.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundTray] "C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ICQ] ~"C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: VideoCam Suite 2.0.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Stavová služba ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\SysWOW64\bgsvcgen.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14272 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG10\avgchsva.exe /boot
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
atieclxx
"C:\Windows\system32\Dwm.exe"
taskeng.exe {B01AD733-213C-48B9-9872-18F2EEB73763}
C:\Windows\Explorer.EXE
taskeng.exe {79045D35-F200-4448-B57F-8FF90BC0C846}
"C:\Program Files\ASUS\Six Engine\SixEngine.exe"
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
"C:\Windows\ehome\ehtray.exe"
"C:\Program Files\Logitech\SetPoint\SetPoint.exe"
"C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe"
C:\Windows\ehome\ehmsas.exe -Embedding
"C:\Program Files (x86)\Panasonic\VideoCam Suite 2\VideoCamSuiteAutoStart.exe"
"C:\Program Files (x86)\WinFast\WFDTV\DTVSchdl.exe"
"C:\Program Files (x86)\WinFast\WFDTV\WFWIZ.exe"
"C:\Program Files (x86)\IOI\IOI\ButtonMonitor.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe"
"C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
"C:\Program Files (x86)\AVG\AVG10\avgtray.exe"
"C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe"
C:\Windows\system32\AEADISRV.EXE
"C:\Program Files (x86)\AVG\AVG10\avgfws.exe"
"C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent
"C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe"
"C:\Windows\SysWOW64\bgsvcgen.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
KHALMNPR.EXE /API
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-9651e602-ce9d-4030-8003-19a30e0b4a08 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-765b7000-1976-4021-9ad5-895b244b7770 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-9473e6a8-93c1-4578-991d-a203172fcd2c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:62223c13-1ca7-466e-9507-71db6f2a0adb
"C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe"
WLIDSvcM.exe 1856
"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe"
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe" -Embedding
"C:\Program Files (x86)\AVG\AVG10\avgam.exe"
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\AVG\AVG10\avgnsa.exe"
taskeng.exe {ECB462FF-ECC6-4840-83C5-261E1D0B1102}
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe /pipeName=791af35b-e27a-4850-bed4-a203a6901902 /coreSdkOptions=18 /logConfFile="C:\ProgramData\AVG10\temp\add5cc24-de02-403b-be0b-b33b0ad00f57-e98-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG10\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg10" /tempPath="C:\ProgramData\AVG10\temp\"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Opera 10 Preview\opera.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=6092.12ec1d60.205750147 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 6092 plugin \\.\pipe\gecko-crash-server-pipe.6092
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe /pipeName=a33cd326-2e43-4c40-8a5a-416094aa6400 /coreSdkOptions=30 /logConfFile="C:\ProgramData\AVG10\temp\d69b8a38-bb0a-4a11-b114-ef093e4fa80b-12d0-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG10\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg10" /tempPath="C:\ProgramData\AVG10\temp\"
splwow64
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 668 672 680 65536 676
"C:\Users\Tom\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\COMODO System Cleaner Update.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll [2010-11-22 3848032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-08-05 132448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}]
PriceGongBHO Class - C:\Program Files (x86)\PriceGong\2.1.0\PriceGongIE.dll [2010-08-18 353656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\avgssie.dll [2010-11-22 2732896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
Zynga Toolbar - C:\Program Files (x86)\Zynga\tbZyn0.dll [2010-02-22 2353176]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll [2010-10-25 2475336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-09-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2010-10-18 1485112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2009-04-23 1529800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2009-04-23 937416]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2010-10-18 1485112]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{7b13ec3e-999a-4b70-b9cb-2617b8323822} - Zynga Toolbar - C:\Program Files (x86)\Zynga\tbZyn0.dll [2010-02-22 2353176]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll [2010-10-25 2475336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184]
"UpdateUSB"=C:\Windows\inf\UpdateUSB.exe [2006-06-23 30720]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-11 689488]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-18 2114376]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]
"msnmsgr"=~C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background []
"ICQ"=~C:\Program Files (x86)\ICQ6.5\ICQ.exe silent []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-03-17 61440]
"WinFastDTV"=C:\Program Files (x86)\WinFast\WFDTV\DTVSchdl.exe [2007-07-30 90112]
"WinFast Schedule"=C:\Program Files (x86)\WinFast\WFDTV\WFWIZ.exe [2007-07-27 409600]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"ButtonMonitor"=C:\Program Files (x86)\IOI\IOI\ButtonMonitor.exe [2007-01-30 53248]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2005-12-09 35328]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2007-06-29 286720]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2008-03-16 1302528]
"SoundTray"=C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe [2008-03-26 143360]
"CloneCDTray"=C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [2009-01-29 57344]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2010-10-13 111928]
"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG10\avgtray.exe [2010-10-22 2745696]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
VideoCam Suite 2.0.lnk - C:\Program Files (x86)\Panasonic\VideoCam Suite 2\VideoCamSuiteAutoStart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-12-31 18:44:26 ----D---- C:\rsit
2010-12-31 18:44:26 ----D---- C:\Program Files\trend micro
2010-12-30 15:26:04 ----D---- C:\Program Files (x86)\DOSBox-0.74
2010-12-30 14:11:21 ----D---- C:\racrally
2010-12-29 11:15:23 ----D---- C:\rc
2010-12-24 13:54:11 ----HD---- C:\$AVG
2010-12-15 21:02:09 ----D---- C:\Program Files (x86)\PriceGong
2010-12-14 20:44:57 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2010-12-14 20:44:57 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2010-12-14 20:44:57 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2010-12-14 20:44:57 ----A---- C:\Windows\system32\fontsub.dll
2010-12-14 20:44:57 ----A---- C:\Windows\system32\atmlib.dll
2010-12-14 20:44:57 ----A---- C:\Windows\system32\atmfd.dll
2010-12-14 20:44:53 ----A---- C:\Windows\system32\consent.exe
2010-12-14 20:44:51 ----A---- C:\Windows\system32\win32k.sys
2010-12-14 20:44:47 ----A---- C:\Windows\system32\mshtml.dll
2010-12-14 20:44:45 ----A---- C:\Windows\system32\iertutil.dll
2010-12-14 20:44:45 ----A---- C:\Windows\system32\ieframe.dll
2010-12-14 20:44:44 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-12-14 20:44:44 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2010-12-14 20:44:44 ----A---- C:\Windows\system32\mstime.dll
2010-12-14 20:44:43 ----A---- C:\Windows\SYSWOW64\mstime.dll
2010-12-14 20:44:43 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-12-14 20:44:43 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2010-12-14 20:44:43 ----A---- C:\Windows\system32\wininet.dll
2010-12-14 20:44:43 ----A---- C:\Windows\system32\urlmon.dll
2010-12-14 20:44:42 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-12-14 20:44:42 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2010-12-14 20:44:42 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-14 20:44:42 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-14 20:44:41 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-12-14 20:44:41 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2010-12-14 20:44:41 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-12-14 20:44:41 ----A---- C:\Windows\system32\occache.dll
2010-12-14 20:44:41 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-14 20:44:41 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-14 20:44:41 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-14 20:44:41 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-14 20:44:41 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-14 20:44:41 ----A---- C:\Windows\system32\ieui.dll
2010-12-14 20:44:41 ----A---- C:\Windows\system32\iesetup.dll
2010-12-14 20:44:41 ----A---- C:\Windows\system32\iernonce.dll
2010-12-14 20:44:41 ----A---- C:\Windows\system32\iepeers.dll
2010-12-14 20:44:40 ----A---- C:\Windows\SYSWOW64\occache.dll
2010-12-14 20:44:40 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2010-12-14 20:44:40 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-12-14 20:44:40 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2010-12-14 20:44:40 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-12-14 20:44:40 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2010-12-14 20:44:40 ----A---- C:\Windows\SYSWOW64\ieui.dll
2010-12-14 20:44:40 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2010-12-14 20:44:40 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2010-12-14 20:44:40 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2010-12-14 20:44:40 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2010-12-14 20:44:40 ----A---- C:\Windows\system32\ieUnatt.exe
2010-12-14 20:44:40 ----A---- C:\Windows\system32\iesysprep.dll
2010-12-14 20:44:40 ----A---- C:\Windows\system32\ie4uinit.exe
2010-12-14 20:44:26 ----A---- C:\Windows\SYSWOW64\tzres.dll
2010-12-14 20:44:26 ----A---- C:\Windows\system32\tzres.dll
2010-12-14 20:43:44 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2010-12-14 20:43:44 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2010-12-14 20:43:44 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2010-12-14 20:43:44 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-14 20:43:44 ----A---- C:\Windows\system32\taskschd.dll
2010-12-14 20:43:44 ----A---- C:\Windows\system32\taskeng.exe
2010-12-14 20:43:44 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-14 20:43:44 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-08 04:12:36 ----A---- C:\Windows\system32\drivers\avgldx64.sys
2010-12-05 11:08:28 ----D---- C:\Program Files\Zrychleni Pocitace
2010-12-02 21:49:47 ----D---- C:\Users\Tom\AppData\Roaming\TweakNow RegCleaner
2010-12-02 21:49:47 ----D---- C:\Program Files (x86)\TweakNow RegCleaner
2010-12-01 20:45:30 ----D---- C:\Users\Tom\AppData\Roaming\AVG10
2010-12-01 20:44:22 ----HD---- C:\ProgramData\Common Files
2010-12-01 20:43:53 ----D---- C:\ProgramData\AVG Security Toolbar
2010-12-01 20:43:12 ----D---- C:\Windows\SYSWOW64\drivers\AVG
2010-12-01 20:41:39 ----D---- C:\Windows\system32\drivers\AVG
2010-12-01 20:41:39 ----D---- C:\ProgramData\AVG10
2010-12-01 20:39:55 ----D---- C:\Program Files (x86)\AVG
2010-12-01 20:24:27 ----D---- C:\ProgramData\MFAData
2010-12-01 20:03:44 ----A---- C:\Windows\SYSWOW64\InstLog.txt
2010-12-01 19:44:23 ----D---- C:\ProgramData\Comodo
2010-12-01 19:44:16 ----A---- C:\Windows\SYSWOW64\MSVCRTD.DLL
2010-12-01 19:44:16 ----A---- C:\Windows\SYSWOW64\monln.dll

======List of files/folders modified in the last 1 months======

2010-12-31 18:47:28 ----D---- C:\Windows\Temp
2010-12-31 18:44:26 ----RD---- C:\Program Files
2010-12-31 17:47:45 ----D---- C:\Program Files (x86)\Full Tilt Poker.Net
2010-12-31 09:38:11 ----D---- C:\Windows\SysWOW64
2010-12-30 15:26:04 ----RD---- C:\Program Files (x86)
2010-12-29 11:09:15 ----D---- C:\Windows\System32
2010-12-29 11:09:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-29 11:09:14 ----D---- C:\Windows\inf
2010-12-29 08:54:39 ----D---- C:\Users\Tom\AppData\Roaming\ICQ
2010-12-28 09:35:07 ----SHD---- C:\Windows\Installer
2010-12-28 09:35:07 ----SHD---- C:\Config.Msi
2010-12-25 09:45:10 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-12-24 13:45:05 ----D---- C:\Windows\SYSWOW64\drivers
2010-12-19 19:18:51 ----SHD---- C:\System Volume Information
2010-12-17 21:30:34 ----D---- C:\Program Files (x86)\Opera 10 Preview
2010-12-17 17:11:02 ----D---- C:\Windows\system32\drivers
2010-12-15 19:47:00 ----D---- C:\Windows\rescache
2010-12-15 19:33:26 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-12-15 08:35:59 ----D---- C:\Program Files (x86)\Internet Explorer
2010-12-15 08:35:58 ----D---- C:\Windows\SYSWOW64\migration
2010-12-15 08:35:58 ----D---- C:\Program Files\Internet Explorer
2010-12-15 08:35:55 ----D---- C:\Windows\system32\migration
2010-12-15 08:35:53 ----D---- C:\Program Files\Windows Mail
2010-12-15 08:35:53 ----D---- C:\Program Files (x86)\Windows Mail
2010-12-15 08:35:52 ----D---- C:\Windows\SYSWOW64\cs-CZ
2010-12-15 08:35:52 ----D---- C:\Windows\system32\cs-CZ
2010-12-14 22:34:28 ----D---- C:\ProgramData\Microsoft Help
2010-12-14 22:34:03 ----D---- C:\Windows\winsxs
2010-12-14 22:32:23 ----A---- C:\Windows\system32\mrt.exe
2010-12-14 22:31:39 ----D---- C:\Windows\system32\catroot
2010-12-14 20:43:37 ----D---- C:\Windows\system32\catroot2
2010-12-07 21:58:36 ----D---- C:\ProgramData\CanonIJPLM
2010-12-04 20:02:25 ----HD---- C:\ProgramData
2010-12-04 20:02:00 ----AD---- C:\Windows
2010-12-04 20:02:00 ----A---- C:\Windows\Ascd_tmp.ini
2010-12-01 19:44:23 ----D---- C:\Program Files (x86)\COMODO
2010-12-01 19:44:16 ----A---- C:\Windows\SYSWOW64\MSVCR71.dll
2010-12-01 19:44:16 ----A---- C:\Windows\SYSWOW64\MSVCP71.dll
2010-12-01 19:44:16 ----A---- C:\Windows\SYSWOW64\MFC71.dll
2010-12-01 19:43:49 ----D---- C:\Windows\system32\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 27216]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2010-09-07 30288]
R0 mv61xx;mv61xx; C:\Windows\system32\DRIVERS\mv61xx.sys [2008-05-19 173096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-07-08 871408]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2007-12-17 14392]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2010-07-12 57696]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2010-12-08 308304]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2010-09-07 41040]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2010-11-12 382032]
R1 cdrbsdrv;cdrbsdrv; C:\Windows\system32\drivers\cdrbsdrv.sys [2006-08-25 39208]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-01-01 34472]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2008-03-20 467456]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-02-20 110096]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-03-16 5203968]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2010-08-19 133712]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2010-08-19 35920]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 40648]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 55312]
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-31 15680]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-08-07 82816]
R3 WFSONORA;WinFast PxDVR3200 H; C:\Windows\system32\drivers\wfsonora.sys [2007-04-27 336512]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 108544]
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x64.sys [2007-08-15 369152]
S3 aux2st0k;aux2st0k; C:\Windows\system32\drivers\aux2st0k.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 61280]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 275456]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2009-02-09 25088]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2009-02-09 18944]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2009-02-09 8192]
S3 usbser;Nokia USB Serial Port; C:\Windows\system32\drivers\usbser.sys [2009-04-11 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2009-02-09 8192]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2007-10-19 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-03-16 211968]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG10\avgfws.exe [2010-11-22 3226632]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-11-23 6128208]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\Windows\SysWOW64\bgsvcgen.exe [2007-06-15 145504]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2007-08-23 79136]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2010-10-25 517448]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2009-07-20 160784]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]

-----------------EOF-----------------

[motji]

Dobrý večer

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

[tommmmm]

Zdravíčko.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 5429

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

31.12.2010 21:05:34
mbam-log-2010-12-31 (21-05-34).txt

Typ kontroly: Rychlý test
Testované objekty: 159562
Uplynulý čas: 5 minut, 20 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

[motji]

Odinstalujte toolbary, které nepoužíváte, hlavně Zynga toolbar a Asktoolbar

Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
-nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
-po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.


Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 

- zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde

[tommmmm]

Log OTL je příliš veliký proto ho rozdělím

OTL logfile created on: 31.12.2010 22:15:52 - Run 1
OTL by OldTimer - Version 3.2.18.2 Folder = C:\Users\Tom\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 39,00% Memory free
8,00 Gb Paging File | 5,00 Gb Available in Paging File | 65,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 106,84 Gb Free Space | 35,84% Space Free | Partition Type: NTFS
Drive E: | 596,17 Gb Total Space | 442,09 Gb Free Space | 74,16% Space Free | Partition Type: NTFS

Computer Name: TOM-PC | User Name: Tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010.12.31 22:14:18 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Tom\Desktop\OTL.exe
PRC - [2010.12.15 16:55:46 | 000,944,496 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera 10 Preview\opera.exe
PRC - [2010.11.23 13:34:16 | 000,724,048 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2010.11.23 13:34:14 | 006,128,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010.11.22 04:48:46 | 003,226,632 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgfws.exe
PRC - [2010.11.16 13:27:08 | 000,172,856 | ---- | M] (ICQ, LLC.) -- C:\Program Files (x86)\ICQ6.5\ICQ.exe
PRC - [2010.10.22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
PRC - [2010.10.22 04:57:54 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgtray.exe
PRC - [2010.10.22 04:56:48 | 000,745,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgam.exe
PRC - [2010.10.13 16:21:08 | 000,111,928 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
PRC - [2009.07.20 04:00:00 | 000,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
PRC - [2009.04.23 14:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
PRC - [2008.12.04 18:24:54 | 000,181,592 | ---- | M] (Panasonic Corporation) -- C:\Program Files (x86)\Panasonic\VideoCam Suite 2\VideoCamSuiteAutoStart.exe
PRC - [2008.05.14 17:42:56 | 005,958,656 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\SixEngine.exe
PRC - [2008.03.26 14:04:48 | 000,143,360 | ---- | M] (Sonic Focus, Inc.) -- C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe
PRC - [2008.03.16 23:40:44 | 001,302,528 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
PRC - [2008.01.22 18:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2007.07.30 08:35:36 | 000,090,112 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files (x86)\WinFast\WFDTV\DTVSchdl.exe
PRC - [2007.07.27 17:09:02 | 000,409,600 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files (x86)\WinFast\WFDTV\WFWIZ.exe
PRC - [2007.06.27 18:04:00 | 001,213,736 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007.06.27 18:03:40 | 000,152,872 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2007.06.15 11:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) -- C:\Windows\SysWOW64\bgsvcgen.exe
PRC - [2007.01.30 04:37:00 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\IOI\IOI\ButtonMonitor.exe
PRC - [2005.12.09 07:30:02 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2004.12.13 03:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe


========== Modules (SafeList) ==========

MOD - [2010.12.31 22:14:18 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Tom\Desktop\OTL.exe
MOD - [2010.08.31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009.07.20 12:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009.03.16 21:27:20 | 000,211,968 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2008.01.21 03:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007.10.19 04:10:30 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters)
SRV - [2010.11.23 13:34:14 | 006,128,208 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010.11.22 04:48:46 | 003,226,632 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgfws.exe -- (avgfws)
SRV - [2010.10.25 09:01:42 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010.10.22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.02 09:10:08 | 000,637,952 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.03.30 05:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.01.22 18:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2007.06.15 11:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto | Running] -- C:\Windows\SysWOW64\bgsvcgen.exe -- (bgsvcgen)
SRV - [2004.12.13 03:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp)
DRV:64bit: - [2010.12.08 04:12:36 | 000,308,304 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2010.11.12 13:19:38 | 000,382,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2010.09.13 15:27:46 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV:64bit: - [2010.09.07 03:48:56 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2010.09.07 03:48:50 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2010.08.19 20:42:38 | 000,035,920 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSFilter.Sys -- (AVGIDSFilter)
DRV:64bit: - [2010.08.19 20:42:36 | 000,133,712 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSDriver.Sys -- (AVGIDSDriver)
DRV:64bit: - [2010.08.07 22:12:45 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2010.07.12 04:34:00 | 000,057,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2010.01.01 18:20:28 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2009.10.01 01:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009.08.05 23:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009.07.08 20:55:23 | 000,871,408 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.06.17 17:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009.04.11 06:39:37 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009.03.16 22:34:24 | 005,203,968 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.02.20 06:18:02 | 000,110,096 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.02.09 07:38:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2009.02.09 07:38:34 | 000,018,944 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2009.02.09 07:38:34 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2009.02.09 07:38:32 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2008.08.28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008.05.19 08:47:48 | 000,173,096 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\mv61xx.sys -- (mv61xx)
DRV:64bit: - [2008.03.20 01:44:34 | 000,467,456 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV:64bit: - [2007.08.15 09:22:00 | 000,369,152 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2007.04.27 09:45:16 | 000,336,512 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wfsonora.sys -- (WFSONORA)
DRV:64bit: - [2007.02.16 01:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV:64bit: - [2006.10.31 16:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2006.09.18 22:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV - [2007.02.16 01:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyn0.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-268072685-2948217442-678725953-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-268072685-2948217442-678725953-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-268072685-2948217442-678725953-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-268072685-2948217442-678725953-1000\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyn0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-268072685-2948217442-678725953-1000\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-268072685-2948217442-678725953-1000\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-268072685-2948217442-678725953-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-268072685-2948217442-678725953-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:4001

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "WebHledani"
FF - prefs.js..browser.search.defaulturl: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "WebHledani"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.1.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: avg@igeared:6.010.023.001
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - prefs.js..keyword.URL: "http://www.webhledani.cz/results.aspx?i=42&tp=ab&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG10\Firefox\ [2010.12.17 17:10:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared [2010.12.01 20:43:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.12.15 19:33:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.12.15 19:33:25 | 000,000,000 | ---D | M]

[2009.07.08 20:03:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\Mozilla\Extensions
[2010.12.31 21:59:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\3exgfxpo.default\extensions
[2010.04.28 15:04:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\3exgfxpo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.11.26 19:56:38 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\3exgfxpo.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2010.09.18 07:52:05 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\3exgfxpo.default\extensions\personas@christopher.beard
[2010.12.01 12:04:32 | 000,002,387 | ---- | M] () -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\3exgfxpo.default\searchplugins\askcom.xml
[2009.07.08 21:04:37 | 000,002,399 | ---- | M] () -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\3exgfxpo.default\searchplugins\daemon-search.xml
[2010.11.26 19:56:14 | 000,003,915 | ---- | M] () -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\3exgfxpo.default\searchplugins\sweetim.xml
[2010.10.28 17:52:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.06.10 04:59:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.22 08:33:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.28 17:52:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.12.17 17:10:52 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG\AVG10\FIREFOX
[2010.12.01 20:43:53 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="avg@igeared" em:name="AVG Security Toolbar" em:version="6.010.023.001" em:displayname="AVG Security Toolbar" em:iconURL="chrome://tavgp/skin/logo.ico" em:creator="AVG Technologies" em:description="AVG Security Toolbar" em:homepageURL="http://www.avg.com" >) -- C:\PROGRAM FILES (X86)\AVG\AVG10\TOOLBAR\FIREFOX\AVG@IGEARED
[2010.12.15 21:02:09 | 000,000,000 | ---D | M] (PriceGong) -- C:\PROGRAM FILES (X86)\PRICEGONG\2.1.0\FF
[2010.09.15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.10.30 11:16:04 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.10.30 11:16:04 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.10.30 11:16:05 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.10.30 11:16:05 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.10.30 11:16:05 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2006.09.18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyn0.dll (Conduit Ltd.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll ()
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyn0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3:64bit: - HKU\S-1-5-21-268072685-2948217442-678725953-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-268072685-2948217442-678725953-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-268072685-2948217442-678725953-1000\..\Toolbar\WebBrowser: (Zynga Toolbar) - {7B13EC3E-999A-4B70-B9CB-2617B8323822} - C:\Program Files (x86)\Zynga\tbZyn0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-268072685-2948217442-678725953-1000\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-268072685-2948217442-678725953-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-268072685-2948217442-678725953-1000\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [UpdateUSB] C:\Windows\inf\UpdateUSB.exe (AsusTek Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ButtonMonitor] C:\Program Files (x86)\IOI\IOI\ButtonMonitor.exe ()
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundTray] C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe (Sonic Focus, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe ()
O4 - HKLM..\Run: [WinFast Schedule] C:\Program Files (x86)\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)
O4 - HKLM..\Run: [WinFastDTV] C:\Program Files (x86)\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-268072685-2948217442-678725953-1000..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-268072685-2948217442-678725953-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-268072685-2948217442-678725953-1000..\Run: [ICQ] C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Tom\Desktop\Accord2_1024.jpg
O24 - Desktop BackupWallPaper: C:\Users\Tom\Desktop\Accord2_1024.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{337b9785-6bf8-11de-8786-00221548c12c}\Shell - "" = AutoRun
O33 - MountPoints2\{337b9785-6bf8-11de-8786-00221548c12c}\Shell\AutoRun\command - "" = K:\autorun.exe -- File not found
O33 - MountPoints2\{35e5d6d2-6bfa-11de-bfca-00221548c12c}\Shell - "" = AutoRun
O33 - MountPoints2\{35e5d6d2-6bfa-11de-bfca-00221548c12c}\Shell\AutoRun\command - "" = L:\ral.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) - C:\Program Files (x86)\AVG\AVG10\avgchsva.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - C:\Program Files (x86)\AVG\AVG10\avgrsa.exe (AVG Technologies CZ, s.r.o.)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.ffds - C:\Program Files (x86)\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010.12.31 22:14:18 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Tom\Desktop\OTL.exe
[2010.12.31 22:05:41 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.12.31 20:58:59 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Tom\Desktop\mbam-setup-1.50.1.1100.exe
[2010.12.31 18:44:26 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.12.31 18:44:26 | 000,000,000 | ---D | C] -- C:\rsit
[2010.12.30 15:26:16 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\DOSBox
[2010.12.30 15:26:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DOSBox-0.74
[2010.12.30 15:24:50 | 001,448,809 | ---- | C] (DOSBox Team) -- C:\Users\Tom\Desktop\DOSBox0.74-win32-installer.exe
[2010.12.30 15:05:59 | 000,000,000 | ---D | C] -- C:\Users\Tom\Desktop\racrally
[2010.12.30 15:04:57 | 027,525,853 | ---- | C] (Classic Gaming Network ) -- C:\Users\Tom\Desktop\Network Q RAC Rally Championship [CGN].exe
[2010.12.30 14:11:21 | 000,000,000 | ---D | C] -- C:\racrally
[2010.12.29 11:15:23 | 000,000,000 | ---D | C] -- C:\rc
[2010.12.29 11:07:56 | 000,000,000 | ---D | C] -- C:\Users\Tom\Desktop\RallyChamp
[2010.12.24 13:54:11 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010.12.15 21:02:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PriceGong
[2010.12.14 20:44:57 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010.12.14 20:44:57 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010.12.14 20:44:57 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2010.12.14 20:44:57 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2010.12.14 20:44:57 | 000,048,128 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2010.12.14 20:44:57 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010.12.14 20:44:53 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2010.12.14 20:44:43 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2010.12.14 20:44:42 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010.12.14 20:44:42 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010.12.14 20:44:41 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2010.12.14 20:44:41 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2010.12.14 20:44:41 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010.12.14 20:44:41 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010.12.14 20:44:41 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2010.12.14 20:44:41 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010.12.14 20:44:41 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010.12.14 20:44:41 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2010.12.14 20:44:41 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2010.12.14 20:44:41 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010.12.14 20:44:41 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.12.14 20:44:41 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010.12.14 20:44:40 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010.12.14 20:44:40 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2010.12.14 20:44:40 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.12.14 20:44:40 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.12.14 20:44:40 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2010.12.14 20:44:40 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2010.12.14 20:44:40 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2010.12.14 20:44:40 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2010.12.14 20:44:40 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2010.12.14 20:44:40 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2010.12.14 20:44:40 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010.12.14 20:44:40 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2010.12.14 20:44:40 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010.12.14 20:43:44 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2010.12.14 20:43:44 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2010.12.14 20:43:44 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2010.12.14 20:43:44 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2010.12.14 20:43:44 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2010.12.14 20:43:44 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2010.12.08 04:12:36 | 000,308,304 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2010.12.05 11:08:28 | 000,000,000 | ---D | C] -- C:\Program Files\Zrychleni Pocitace
[2010.12.02 21:49:47 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Roaming\TweakNow RegCleaner
[2010.12.02 21:49:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TweakNow RegCleaner
[2010.08.07 22:12:45 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Tom\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2010.12.31 22:14:18 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Tom\Desktop\OTL.exe
[2010.12.31 22:05:43 | 000,000,770 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2010.12.31 21:29:17 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.12.31 21:29:17 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.12.31 20:59:41 | 000,000,948 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.31 20:59:07 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Tom\Desktop\mbam-setup-1.50.1.1100.exe
[2010.12.31 20:19:59 | 000,000,464 | ---- | M] () -- C:\Windows\tasks\COMODO System Cleaner Update.job
[2010.12.31 18:47:12 | 000,832,273 | ---- | M] () -- C:\Users\Tom\Desktop\RSITx64.exe
[2010.12.31 15:32:44 | 103,081,825 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2010.12.31 15:29:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.12.30 20:46:44 | 000,640,789 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavifw.avm
[2010.12.30 15:26:05 | 000,001,757 | ---- | M] () -- C:\Users\Public\Desktop\DOSBox 0.74.lnk
[2010.12.30 15:24:51 | 001,448,809 | ---- | M] (DOSBox Team) -- C:\Users\Tom\Desktop\DOSBox0.74-win32-installer.exe
[2010.12.30 15:05:38 | 027,525,853 | ---- | M] (Classic Gaming Network ) -- C:\Users\Tom\Desktop\Network Q RAC Rally Championship [CGN].exe
[2010.12.30 14:10:00 | 004,361,901 | ---- | M] () -- C:\Users\Tom\Desktop\racrally.zip
[2010.12.29 11:09:15 | 001,628,058 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.12.29 11:09:15 | 000,676,110 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.12.29 11:09:15 | 000,666,742 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.12.29 11:09:15 | 000,153,720 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.12.29 11:09:15 | 000,132,478 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.12.29 10:57:46 | 100,431,872 | ---- | M] () -- C:\Users\Tom\Desktop\RallyChamp.part3.rar
[2010.12.28 09:34:30 | 000,000,872 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2010.12.27 17:31:33 | 000,001,087 | ---- | M] () -- C:\Users\Tom\Desktop\shift – zástupce.lnk
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.12.17 21:30:36 | 000,000,803 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.12.15 08:37:04 | 000,375,808 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.12.11 12:43:45 | 068,862,464 | ---- | M] () -- C:\Users\Tom\Desktop\P1020070.MOV
[2010.12.08 04:12:36 | 000,308,304 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2010.12.04 20:02:00 | 000,034,752 | ---- | M] () -- C:\Windows\Ascd_tmp.ini
[2010.12.02 21:49:49 | 000,000,933 | ---- | M] () -- C:\Users\Public\Desktop\TweakNow RegCleaner.lnk

========== Files Created - No Company Name ==========

[2010.12.31 22:05:43 | 000,000,770 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2010.12.31 18:44:07 | 000,832,273 | ---- | C] () -- C:\Users\Tom\Desktop\RSITx64.exe
[2010.12.30 15:26:05 | 000,001,757 | ---- | C] () -- C:\Users\Public\Desktop\DOSBox 0.74.lnk
[2010.12.30 14:09:55 | 004,361,901 | ---- | C] () -- C:\Users\Tom\Desktop\racrally.zip
[2010.12.29 11:07:31 | 100,431,872 | ---- | C] () -- C:\Users\Tom\Desktop\RallyChamp.part3.rar
[2010.12.27 17:31:33 | 000,001,087 | ---- | C] () -- C:\Users\Tom\Desktop\shift – zástupce.lnk
[2010.12.11 12:43:45 | 068,862,464 | ---- | C] () -- C:\Users\Tom\Desktop\P1020070.MOV
[2010.12.02 21:49:48 | 000,000,933 | ---- | C] () -- C:\Users\Public\Desktop\TweakNow RegCleaner.lnk
[2010.08.07 22:15:13 | 000,001,189 | ---- | C] () -- C:\Users\Tom\AppData\Roaming\vso_ts_preview.xml
[2010.08.07 22:14:40 | 000,000,034 | ---- | C] () -- C:\Users\Tom\AppData\Roaming\pcouffin.log
[2010.08.07 22:12:45 | 000,099,384 | ---- | C] () -- C:\Users\Tom\AppData\Roaming\inst.exe
[2010.08.07 22:12:45 | 000,007,859 | ---- | C] () -- C:\Users\Tom\AppData\Roaming\pcouffin.cat
[2010.08.07 22:12:45 | 000,001,167 | ---- | C] () -- C:\Users\Tom\AppData\Roaming\pcouffin.inf
[2010.08.07 14:29:14 | 000,000,126 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.05.21 15:24:42 | 001,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll
[2010.01.27 19:52:01 | 000,829,132 | ---- | C] () -- C:\Users\Tom\AppData\Local\dd_NET_Framework35_LangPack_MSI64F9.txt
[2010.01.27 19:51:53 | 000,033,023 | ---- | C] () -- C:\Users\Tom\AppData\Local\dd_depcheck_NETFX_EXP_35.txt
[2010.01.27 19:51:51 | 000,075,806 | ---- | C] () -- C:\Users\Tom\AppData\Local\dd_dotnetfx35install_lp.txt
[2010.01.27 19:51:51 | 000,001,602 | ---- | C] () -- C:\Users\Tom\AppData\Local\uxeventlog.txt
[2010.01.27 19:51:51 | 000,000,002 | ---- | C] () -- C:\Users\Tom\AppData\Local\dd_dotnetfx35error_lp.txt
[2010.01.27 19:34:29 | 000,230,290 | ---- | C] () -- C:\Users\Tom\AppData\Local\dd_ATL90SP1_KB973924MSI578E.txt
[2010.01.27 19:34:29 | 000,011,854 | ---- | C] () -- C:\Users\Tom\AppData\Local\dd_ATL90SP1_KB973924UI578E.txt
[2010.01.26 18:22:22 | 000,430,826 | ---- | C] () -- C:\Users\Tom\AppData\Local\dd_vcredistMSI5239.txt
[2010.01.26 18:22:22 | 000,011,372 | ---- | C] () -- C:\Users\Tom\AppData\Local\dd_vcredistUI5239.txt
[2009.11.06 09:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.10.25 14:36:54 | 001,152,128 | ---- | C] () -- C:\ProgramData\HDForm.evl
[2009.10.20 19:22:25 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009.10.20 19:21:31 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.07.13 20:46:02 | 000,027,136 | ---- | C] () -- C:\Users\Tom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.07.10 14:46:42 | 000,000,091 | ---- | C] () -- C:\Users\Tom\AppData\Local\fusioncache.dat
[2009.07.09 14:37:26 | 001,622,060 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.07.08 20:45:48 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\WFEXEC.DLL
[2009.07.08 19:48:05 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2009.07.08 19:48:05 | 000,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2009.07.08 19:48:02 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2009.07.08 19:48:02 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2009.07.08 19:19:29 | 000,035,127 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2009.07.08 19:18:50 | 000,034,752 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.07.08 19:00:04 | 000,000,732 | ---- | C] () -- C:\Users\Tom\AppData\Local\d3d9caps64.dat
[2009.06.19 19:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008.01.21 03:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007.12.28 08:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS

========== LOP Check ==========

[2010.12.01 20:45:30 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\AVG10
[2009.08.30 20:02:45 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\BlackBean
[2009.10.11 09:42:17 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\CD-LabelPrint
[2009.07.08 21:05:49 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\DAEMON Tools Lite
[2010.05.05 15:14:11 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\GlarySoft
[2010.12.29 08:54:39 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\ICQ
[2010.05.14 15:44:24 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\JonDo
[2009.12.24 23:19:43 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Leadertech
[2010.01.07 17:05:24 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\myPhotoFrame
[2009.09.12 09:36:02 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Nokia
[2009.08.25 17:18:52 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Opera
[2009.10.25 14:20:05 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Panasonic
[2009.09.16 15:44:04 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\PC Suite
[2009.07.08 19:43:40 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\TMP
[2010.12.02 21:49:47 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\TweakNow RegCleaner
[2010.09.03 17:57:29 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Vso
[2010.12.30 23:01:07 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.04.11 08:10:53 | 001,555,968 | ---- | M] (Microsoft Corporation)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun -- [2009.04.23 14:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd)
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" -- [2007.06.27 18:03:40 | 000,152,872 | ---- | M] (Nero AG)
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008.01.21 03:51:33 | 000,138,240 | ---- | M] (Microsoft Corporation)
"msnmsgr" = ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background -- [2009.07.26 16:45:00 | 003,883,840 | ---- | M] (Microsoft Corporation)
"ICQ" = ~"C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent -- [2010.11.16 13:27:08 | 000,172,856 | ---- | M] (ICQ, LLC.)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

[tommmmm]

< %APPDATA%\*. >
[2009.07.15 18:42:36 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Adobe
[2010.09.03 18:45:53 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Ahead
[2009.07.08 19:14:01 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\ATI
[2010.12.01 20:45:30 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\AVG10
[2009.08.30 20:02:45 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\BlackBean
[2009.10.11 09:42:17 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\CD-LabelPrint
[2010.11.29 20:23:12 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\ComodoGroup
[2009.07.08 21:05:49 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\DAEMON Tools Lite
[2010.05.05 15:14:11 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\GlarySoft
[2010.12.29 08:54:39 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\ICQ
[2009.07.08 19:00:12 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Identities
[2009.11.19 11:31:33 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\InstallShield
[2010.05.14 15:44:24 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\JonDo
[2009.12.24 23:19:43 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Leadertech
[2009.12.24 23:19:48 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Logitech
[2009.07.08 19:45:21 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Macromedia
[2010.11.29 20:41:38 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Malwarebytes
[2006.11.02 16:07:25 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Media Center Programs
[2010.12.31 22:11:31 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Media Player Classic
[2010.05.17 15:24:36 | 000,000,000 | --SD | M] -- C:\Users\Tom\AppData\Roaming\Microsoft
[2010.05.14 15:32:52 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Mozilla
[2010.01.07 17:05:24 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\myPhotoFrame
[2009.09.12 09:36:02 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Nokia
[2009.08.25 17:18:52 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Opera
[2009.10.25 14:20:05 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Panasonic
[2009.09.16 15:44:04 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\PC Suite
[2009.07.08 19:43:40 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\TMP
[2010.12.02 21:49:47 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\TweakNow RegCleaner
[2010.09.03 17:57:29 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Vso
[2009.07.11 10:07:52 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2010.08.07 22:12:45 | 000,099,384 | ---- | M] () -- C:\Users\Tom\AppData\Roaming\inst.exe
[2009.07.09 14:38:45 | 000,001,078 | R--- | M] () -- C:\Users\Tom\AppData\Roaming\Microsoft\Installer\{17068829-10EE-4581-BDC8-C53C483694A3}\ARPPRODUCTICON.exe
[2009.07.09 14:38:45 | 000,001,078 | R--- | M] () -- C:\Users\Tom\AppData\Roaming\Microsoft\Installer\{17068829-10EE-4581-BDC8-C53C483694A3}\ButtonMonitor.exe1_1706882910EE4581BDC8C53C483694A3.exe
[2009.07.09 14:38:45 | 000,001,078 | R--- | M] () -- C:\Users\Tom\AppData\Roaming\Microsoft\Installer\{17068829-10EE-4581-BDC8-C53C483694A3}\ButtonMonitor.exe_1706882910EE4581BDC8C53C483694A3.exe
[2009.07.08 19:08:03 | 000,010,134 | R--- | M] () -- C:\Users\Tom\AppData\Roaming\Microsoft\Installer\{8356F0AB-7382-88C9-FF97-1687DB17703A}\ARPPRODUCTICON.exe


< MD5 for: AGP440.SYS >
[2006.11.02 13:03:16 | 000,062,056 | ---- | M] (Microsoft Corporation) MD5=5CCDD13BC602AE33CD8B62D33C29AB72 -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\machine.inf_c41411ff\AGP440.sys
[2008.01.21 03:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows.old.000\Windows\System32\drivers\AGP440.sys
[2008.01.21 03:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\machine.inf_986ce78a\AGP440.sys
[2008.01.21 03:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows.old.000\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008.01.21 03:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008.01.21 03:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.01.21 03:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows.old.000\Windows\System32\drivers\atapi.sys
[2008.01.21 03:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\mshdc.inf_1d87dda2\atapi.sys
[2008.01.21 03:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows.old.000\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2008.01.21 03:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2006.11.02 13:01:02 | 000,020,072 | ---- | M] (Microsoft Corporation) MD5=DF96CF8885724430024B7522E5C95722 -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\mshdc.inf_f8cccc79\atapi.sys
[2009.04.11 08:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys

< MD5 for: CDROM.SYS >
[2008.01.21 03:46:54 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=3B2FB35363423ED60C8FBF15FC8680BD -- C:\Windows.old.000\Windows\System32\drivers\cdrom.sys
[2008.01.21 03:46:54 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=3B2FB35363423ED60C8FBF15FC8680BD -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\cdrom.inf_b2045cb8\cdrom.sys
[2008.01.21 03:46:54 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=3B2FB35363423ED60C8FBF15FC8680BD -- C:\Windows.old.000\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_bbc7f7665c24db80\cdrom.sys
[2008.01.21 03:46:54 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=3B2FB35363423ED60C8FBF15FC8680BD -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_bbc7f7665c24db80\cdrom.sys
[2006.11.02 10:38:24 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=3B70B898241C890D91ECF1C8F254680A -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\cdrom.inf_1691dd07\cdrom.sys
[2009.04.11 06:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_bdb370725946a6cc\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 12:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows.old.000\Windows\System32\cngaudit.dll
[2006.11.02 12:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006.11.02 12:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows.old.000\Windows\SysWOW64\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows.old.000\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.04.11 08:11:14 | 000,166,912 | ---- | M] (Microsoft Corporation) MD5=18918613E63F387CDE4D95CA7D49DCF7 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_d409adf4504e8a6b\cryptsvc.dll
[2008.01.21 03:49:08 | 000,165,376 | ---- | M] (Microsoft Corporation) MD5=4374F784121D8B3BB466B03F5E5EBD33 -- C:\Windows.old.000\Windows\System32\cryptsvc.dll
[2008.01.21 03:49:08 | 000,165,376 | ---- | M] (Microsoft Corporation) MD5=4374F784121D8B3BB466B03F5E5EBD33 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_d21e34e8532cbf1f\cryptsvc.dll
[2008.01.21 03:49:08 | 000,165,376 | ---- | M] (Microsoft Corporation) MD5=4374F784121D8B3BB466B03F5E5EBD33 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_d21e34e8532cbf1f\cryptsvc.dll
[2008.01.21 03:49:56 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows.old.000\Windows\SysWOW64\cryptsvc.dll
[2008.01.21 03:49:56 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows.old.000\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2008.01.21 03:49:56 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2009.04.11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.04.11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.04.11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.12.01 17:44:46 | 000,032,768 | ---- | M] (Panasonic Corporation) MD5=8CBD782203A074BA4E087A096895A83A -- C:\Program Files (x86)\Panasonic\VideoCam Suite 2\EventLog.dll

< MD5 for: EXPLORER.EXE >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe
[2008.10.29 07:15:50 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe
[2009.04.11 08:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\explorer.exe
[2009.04.11 08:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
[2008.10.28 03:30:12 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[2008.10.29 07:49:22 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SysWOW64\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SysWOW64\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe
[2008.10.30 06:30:07 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe
[2008.01.21 03:48:44 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\Windows.old.000\Windows\explorer.exe
[2008.01.21 03:48:44 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
[2008.01.21 03:48:44 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
[2008.01.21 03:49:23 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows.old.000\Windows\SysWOW64\explorer.exe
[2008.01.21 03:49:23 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows.old.000\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe
[2008.01.21 03:49:23 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe

< MD5 for: HAL.DLL >
[2006.11.02 12:51:43 | 000,269,928 | ---- | M] (Microsoft Corporation) MD5=05FE7852F58677F7351202E305F97603 -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\hal.inf_8bcee68b\hal.dll
[2009.04.11 08:15:31 | 000,233,448 | ---- | M] (Microsoft Corporation) MD5=822EA80D8E91D1BD5F31954348842AAA -- C:\Windows\winsxs\amd64_hal.inf_31bf3856ad364e35_6.0.6002.18005_none_612624babd6ea012\hal.dll
[2008.01.21 03:46:51 | 000,233,528 | ---- | M] (Microsoft Corporation) MD5=D63C785A6EF1A3DE684781698A0CC9AF -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\hal.inf_bafb150f\hal.dll
[2008.01.21 03:46:51 | 000,233,528 | ---- | M] (Microsoft Corporation) MD5=D63C785A6EF1A3DE684781698A0CC9AF -- C:\Windows.old.000\Windows\System32\hal.dll
[2008.01.21 03:46:51 | 000,233,528 | ---- | M] (Microsoft Corporation) MD5=D63C785A6EF1A3DE684781698A0CC9AF -- C:\Windows.old.000\Windows\winsxs\amd64_hal.inf_31bf3856ad364e35_6.0.6001.18000_none_5f3aabaec04cd4c6\hal.dll
[2008.01.21 03:46:51 | 000,233,528 | ---- | M] (Microsoft Corporation) MD5=D63C785A6EF1A3DE684781698A0CC9AF -- C:\Windows\winsxs\amd64_hal.inf_31bf3856ad364e35_6.0.6001.18000_none_5f3aabaec04cd4c6\hal.dll

< MD5 for: IASTORV.SYS >
[2008.01.21 03:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows.old.000\Windows\System32\drivers\iaStorV.sys
[2008.01.21 03:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\iastorv.inf_fbe95c71\iaStorV.sys
[2008.01.21 03:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows.old.000\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys
[2008.01.21 03:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys
[2006.11.02 12:51:48 | 000,280,680 | ---- | M] (Intel Corporation) MD5=72C3EE7EA3CD75A772E62AE0E5DF8B8C -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\iastorv.inf_69d79584\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2008.01.21 03:46:51 | 000,023,608 | ---- | M] (Microsoft Corporation) MD5=0672BFCEDC6FC468A2B0500D81437F4F -- C:\Windows.old.000\Windows\System32\drivers\isapnp.sys
[2008.01.21 03:46:51 | 000,023,608 | ---- | M] (Microsoft Corporation) MD5=0672BFCEDC6FC468A2B0500D81437F4F -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\machine.inf_986ce78a\isapnp.sys
[2008.01.21 03:46:51 | 000,023,608 | ---- | M] (Microsoft Corporation) MD5=0672BFCEDC6FC468A2B0500D81437F4F -- C:\Windows.old.000\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\isapnp.sys
[2008.01.21 03:46:51 | 000,023,608 | ---- | M] (Microsoft Corporation) MD5=0672BFCEDC6FC468A2B0500D81437F4F -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\isapnp.sys
[2008.01.21 03:46:51 | 000,023,608 | ---- | M] (Microsoft Corporation) MD5=0672BFCEDC6FC468A2B0500D81437F4F -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\isapnp.sys
[2006.11.02 13:01:10 | 000,021,096 | ---- | M] (Microsoft Corporation) MD5=D3BB520B31F28C1A065CD058E762EE73 -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\machine.inf_c41411ff\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.06.15 14:21:28 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=02474FBCB00AA5C622E92F620DB9A041 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_02bcb9272e6ecc60\lsass.exe
[2009.09.10 16:22:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=1104B18819392FEA12FB5F9E170E66B3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_00fbc3d9312b9991\lsass.exe
[2009.02.13 09:52:40 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1979F94B28107233315DD6220F2304DD -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_02ad19252e799f25\lsass.exe
[2008.01.21 03:48:17 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1B461E9F6DB0EF829B4369F47A24BBEC -- C:\Windows.old.000\Windows\System32\lsass.exe
[2008.01.21 03:48:17 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1B461E9F6DB0EF829B4369F47A24BBEC -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_026926461528a96c\lsass.exe
[2008.01.21 03:48:17 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1B461E9F6DB0EF829B4369F47A24BBEC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_026926461528a96c\lsass.exe
[2008.01.21 03:48:17 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1B461E9F6DB0EF829B4369F47A24BBEC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_02635b98152c3e5e\lsass.exe
[2008.01.21 03:48:17 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1B461E9F6DB0EF829B4369F47A24BBEC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_04549f52124a74b8\lsass.exe
[2009.06.15 14:34:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=1E766E4C5BF9E230AD37A56BF7DB6C94 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_00d282d7314a3edc\lsass.exe
[2009.06.15 14:32:30 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=306E4503E083A498AE797FF59FA72839 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_00373bf8183ad660\lsass.exe
[2009.06.15 14:15:02 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=40348DCEC0712ED42231C5F90A69A690 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_041a8e8e12769b11\lsass.exe
[2009.09.09 12:32:36 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=41FB90DF49F203672F459122EF1F13B1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_02effd0d2e47247b\lsass.exe
[2009.02.13 06:14:46 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=563B71CEF1D46A24C5980FA2988DB67F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_0101906d312801c6\lsass.exe
[2009.06.15 14:26:45 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=80F4593E92FF960E4763380D3168E498 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_021f7b32155f99ff\lsass.exe
[2009.09.10 15:57:16 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=BBBCE2DACDCCD5EA60A50D0023AE2DE9 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_04c69d972b7a16dd\lsass.exe
[2009.02.13 08:46:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=E231BDBD7D69857EEFFDEB3A48A53824 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_006d4b9418124aab\lsass.exe
[2009.06.15 14:12:52 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=EBDAEE60E442BEA413E5D7CEDFB09463 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_04a52ba32b935432\lsass.exe

< MD5 for: NDIS.SYS >
[2008.01.21 03:50:38 | 000,739,384 | ---- | M] (Microsoft Corporation) MD5=2A2EE457AF36C5C9A6808C768BD3A12B -- C:\Windows.old.000\Windows\System32\drivers\ndis.sys
[2008.01.21 03:50:38 | 000,739,384 | ---- | M] (Microsoft Corporation) MD5=2A2EE457AF36C5C9A6808C768BD3A12B -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_03e5c74ad46c7e4e\ndis.sys
[2008.01.21 03:50:38 | 000,739,384 | ---- | M] (Microsoft Corporation) MD5=2A2EE457AF36C5C9A6808C768BD3A12B -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_03e5c74ad46c7e4e\ndis.sys
[2009.04.11 08:15:34 | 000,738,264 | ---- | M] (Microsoft Corporation) MD5=65950E07329FCEE8E6516B17C8D0ABB6 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_05d14056d18e499a\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.01.21 03:51:03 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows.old.000\Windows\System32\netlogon.dll
[2008.01.21 03:51:03 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll
[2008.01.21 03:51:03 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll
[2009.04.11 08:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll
[2008.01.21 03:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows.old.000\Windows\SysWOW64\netlogon.dll
[2008.01.21 03:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows.old.000\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll
[2008.01.21 03:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll

< MD5 for: NVRAID.SYS >
[2008.01.21 03:46:54 | 000,128,056 | ---- | M] (NVIDIA Corporation) MD5=2C040B7ADA5B06F6FACADAC8514AA034 -- C:\Windows.old.000\Windows\System32\drivers\nvraid.sys
[2008.01.21 03:46:54 | 000,128,056 | ---- | M] (NVIDIA Corporation) MD5=2C040B7ADA5B06F6FACADAC8514AA034 -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\nvraid.inf_63cdbcfd\nvraid.sys
[2008.01.21 03:46:54 | 000,128,056 | ---- | M] (NVIDIA Corporation) MD5=2C040B7ADA5B06F6FACADAC8514AA034 -- C:\Windows.old.000\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvraid.sys
[2008.01.21 03:46:54 | 000,128,056 | ---- | M] (NVIDIA Corporation) MD5=2C040B7ADA5B06F6FACADAC8514AA034 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvraid.sys
[2006.11.02 12:50:24 | 000,112,744 | ---- | M] (NVIDIA Corporation) MD5=840EEB44DC49317A6161961F7682CD99 -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\nvraid.inf_a5403adf\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2006.11.02 13:02:51 | 000,048,232 | ---- | M] (NVIDIA Corporation) MD5=94C5334040A5D500897F4C5FD12AEEDE -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\nvraid.inf_a5403adf\nvstor.sys
[2008.01.21 03:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows.old.000\Windows\System32\drivers\nvstor.sys
[2008.01.21 03:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\nvraid.inf_63cdbcfd\nvstor.sys
[2008.01.21 03:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows.old.000\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys
[2008.01.21 03:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008.01.21 03:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows.old.000\Windows\SysWOW64\scecli.dll
[2008.01.21 03:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows.old.000\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll
[2008.01.21 03:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll
[2008.01.21 03:49:49 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows.old.000\Windows\System32\scecli.dll
[2008.01.21 03:49:49 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll
[2008.01.21 03:49:49 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[2009.04.11 08:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll

< MD5 for: SMSS.EXE >
[2008.01.21 03:50:36 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=9FC8E8C0F344EAE043740B72794DA3CC -- C:\Windows.old.000\Windows\System32\smss.exe
[2008.01.21 03:50:36 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=9FC8E8C0F344EAE043740B72794DA3CC -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_08594380d18f10f0\smss.exe
[2008.01.21 03:50:36 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=9FC8E8C0F344EAE043740B72794DA3CC -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_08594380d18f10f0\smss.exe
[2009.04.11 08:10:54 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=C17704EA5B0F83D78F1377075FFE1C89 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_0a44bc8cceb0dc3c\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.01.21 03:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows.old.000\Windows\SysWOW64\svchost.exe
[2008.01.21 03:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows.old.000\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2008.01.21 03:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\SysWOW64\svchost.exe
[2008.01.21 03:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\SysWOW64\svchost.exe
[2008.01.21 03:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2008.01.21 03:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows.old.000\Windows\System32\svchost.exe
[2008.01.21 03:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_11d9f524bdab2f1b\svchost.exe
[2008.01.21 03:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_11d9f524bdab2f1b\svchost.exe

< MD5 for: TCPIP.SYS >
[2010.06.16 18:14:29 | 001,424,264 | ---- | M] (Microsoft Corporation) MD5=0011810B5211FDACD784DE585262ECFE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_119c298735134c99\tcpip.sys
[2009.12.08 19:22:57 | 001,199,616 | ---- | M] (Microsoft Corporation) MD5=2F822AF5E70467F827F5B4010A7FD57F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_bb7549d64ac6920e\tcpip.sys
[2010.02.18 16:01:57 | 001,420,688 | ---- | M] (Microsoft Corporation) MD5=30C4ABC8075DEA44D7E775D434AF1753 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_0f2e179c1ecd900b\tcpip.sys
[2009.08.14 15:44:27 | 001,200,640 | ---- | M] (Microsoft Corporation) MD5=34B30202AECCB530FDDC6C6CCFA2FB46 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_bbc5fabc4a894d2a\tcpip.sys
[2010.02.18 13:25:21 | 001,200,640 | ---- | M] (Microsoft Corporation) MD5=396CF3FD8D2A4FDF55570C01894DB9DF -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_bba931004aa006ed\tcpip.sys
[2009.08.14 19:05:16 | 001,418,840 | ---- | M] (Microsoft Corporation) MD5=3BCD46BE9988B09D3510A0EF54F0D65B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_0f32e3e61ecadee9\tcpip.sys
[2010.02.18 16:04:06 | 001,414,032 | ---- | M] (Microsoft Corporation) MD5=4680D08A2E8A2509CD9B751D7AF59606 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys
[2010.02.18 15:22:15 | 001,423,752 | ---- | M] (Microsoft Corporation) MD5=4AD4600DF1F09EE7462152C061B683C8 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_118286a1352721f8\tcpip.sys
[2009.08.14 17:42:31 | 001,413,208 | ---- | M] (Microsoft Corporation) MD5=74B776CA1B328095FE23A3306B1613A3 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_0f6c030d3823f645\tcpip.sys
[2008.01.21 03:51:16 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=7A1183FBB802F5ABAD7FA18BC67E0858 -- C:\Windows.old.000\Windows\System32\drivers\tcpip.sys
[2008.01.21 03:51:16 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=7A1183FBB802F5ABAD7FA18BC67E0858 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_0f3cadd61ec3b22c\tcpip.sys
[2008.01.21 03:51:16 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=7A1183FBB802F5ABAD7FA18BC67E0858 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_0f3cadd61ec3b22c\tcpip.sys
[2010.02.18 13:27:40 | 001,198,080 | ---- | M] (Microsoft Corporation) MD5=7B0B928E318CADC23C87226BE0A1097D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_bc37d12363b92291\tcpip.sys
[2010.06.16 17:40:37 | 001,420,176 | ---- | M] (Microsoft Corporation) MD5=7D86275FB640011B372FD566C0EAFA8D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_0ede67001f09ee46\tcpip.sys
[2009.12.08 21:59:37 | 001,418,840 | ---- | M] (Microsoft Corporation) MD5=8C94F5E4F9DE14A495BAA86F643CF31D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_0ef8061a1ef61e99\tcpip.sys
[2008.04.26 09:55:25 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=8E041924441FF8755E5B4F135C8C3767 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_0efecf2c1ef1a5d7\tcpip.sys
[2010.06.16 18:11:35 | 001,426,816 | ---- | M] (Microsoft Corporation) MD5=973658A2EA9C06B2976884B9046DFC6C -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_10d97a5c1c20ef58\tcpip.sys
[2009.04.11 08:15:48 | 001,426,408 | ---- | M] (Microsoft Corporation) MD5=99D07AD0EF2C535610F6573C29BC045E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_112826e21be57d78\tcpip.sys
[2009.08.14 17:39:38 | 001,425,992 | ---- | M] (Microsoft Corporation) MD5=A7BFF59C2F610F62E6C292074FF36A1E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_10c2d66e1c321395\tcpip.sys
[2010.02.18 15:28:06 | 001,427,336 | ---- | M] (Microsoft Corporation) MD5=B4B7B375FDD672AF79B0CBE9B9A48B47 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_112c2bd61be1dd22\tcpip.sys
[2009.12.08 19:21:46 | 001,196,032 | ---- | M] (Microsoft Corporation) MD5=BB6FB43B431CCAD6FC367648C87205C0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_bc00bf5763e297c8\tcpip.sys
[2009.12.08 22:13:33 | 001,411,656 | ---- | M] (Microsoft Corporation) MD5=D1A6D398865E0686533E13DD2558D64B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_0f81a4cb3813bb8a\tcpip.sys
[2010.06.17 00:28:33 | 001,414,544 | ---- | M] (Microsoft Corporation) MD5=D43D5336BE9DD93E02EE124297295713 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys
[2009.08.14 17:32:21 | 001,424,952 | ---- | M] (Microsoft Corporation) MD5=D45D67A18C9FD4CC637BC9D4585C0646 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_11acc42135079bb6\tcpip.sys
[2009.08.15 23:55:23 | 001,196,032 | ---- | M] (Microsoft Corporation) MD5=D4E30E6BADFF21865C3A075457CF9C00 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_bc4f6fa963a72036\tcpip.sys
[2009.12.08 21:22:19 | 001,425,480 | ---- | M] (Microsoft Corporation) MD5=E52F99B1160A1A1DE83223379D2C1828 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_10e247ce1c1aa392\tcpip.sys
[2009.12.08 21:04:59 | 001,423,944 | ---- | M] (Microsoft Corporation) MD5=EE84432AD7DCADE2931528C319C55097 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_1159459f3545c743\tcpip.sys
[2008.04.26 09:47:15 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=F10A60005FB50698E33A1940C6EBB010 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_0f8c6d1f380baafd\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.01.21 03:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows.old.000\Windows\SysWOW64\userinit.exe
[2008.01.21 03:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows.old.000\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008.01.21 03:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008.01.21 03:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008.01.21 03:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008.01.21 03:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows.old.000\Windows\System32\userinit.exe
[2008.01.21 03:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe
[2008.01.21 03:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.04.11 08:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008.01.21 03:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows.old.000\Windows\System32\winlogon.exe
[2008.01.21 03:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2008.01.21 03:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 03:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows.old.000\Windows\SysWOW64\winlogon.exe
[2008.01.21 03:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows.old.000\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
[2008.01.21 03:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.01.21 03:49:45 | 000,265,216 | ---- | M] (Microsoft Corporation) MD5=63944ECFE4878C1C4889689324CABFAB -- C:\Windows.old.000\Windows\System32\ws2_32.dll
[2008.01.21 03:49:45 | 000,265,216 | ---- | M] (Microsoft Corporation) MD5=63944ECFE4878C1C4889689324CABFAB -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_4ed64c4686b376fa\ws2_32.dll
[2008.01.21 03:49:45 | 000,265,216 | ---- | M] (Microsoft Corporation) MD5=63944ECFE4878C1C4889689324CABFAB -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_4ed64c4686b376fa\ws2_32.dll
[2008.01.21 03:50:35 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows.old.000\Windows\SysWOW64\ws2_32.dll
[2008.01.21 03:50:35 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows.old.000\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
[2008.01.21 03:50:35 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\SysWOW64\ws2_32.dll
[2008.01.21 03:50:35 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\SysWOW64\ws2_32.dll
[2008.01.21 03:50:35 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
[2008.01.21 03:50:35 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6002.18005_none_f4a329cecb77d110\ws2_32.dll
[2009.04.11 08:11:31 | 000,264,704 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6002.18005_none_50c1c55283d54246\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

========== Alternate Data Streams ==========

@Alternate Data Stream - 24 bytes -> C:\Windows:A2F62C1FF3011FA7
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:CB0AACC9

< End of report >

[tommmmm]

Log EXTRAS

OTL Extras logfile created on: 31.12.2010 22:15:52 - Run 1
OTL by OldTimer - Version 3.2.18.2 Folder = C:\Users\Tom\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 39,00% Memory free
8,00 Gb Paging File | 5,00 Gb Available in Paging File | 65,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 106,84 Gb Free Space | 35,84% Space Free | Partition Type: NTFS
Drive E: | 596,17 Gb Total Space | 442,09 Gb Free Space | 74,16% Space Free | Partition Type: NTFS

Computer Name: TOM-PC | User Name: Tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-268072685-2948217442-678725953-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 50 83 C9 E0 67 52 CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-268072685-2948217442-678725953-1000]
"EnableNotificationsRef" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{6EC3E9E8-5DE9-4A62-B431-B34053E28304}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8D77FB95-1234-43CF-9D0A-F12DB9A34DBA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02C1053A-CA4B-403C-9D21-C7521692B646}" = protocol=6 | dir=in | app=c:\users\tom\appdata\local\microsoft\windows\temporary internet files\content.ie5\65utwol7\sweetimsetup[1].exe |
"{155C8E70-3989-4230-916C-FC8301CEF043}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{39CD7D08-E5DC-486B-ACC4-D93F3654B0AE}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{46E3FF9B-054F-43FB-9B3D-D733E49FB685}" = protocol=6 | dir=in | app=c:\users\tom\appdata\local\microsoft\windows\temporary internet files\content.ie5\kelmajel\sweetimsetup[1].exe |
"{4D4C7A26-79E9-4120-A10D-B84701DBE101}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgam.exe |
"{5F53CBA9-8FEF-4864-BB2F-B1D81C4C5836}" = protocol=17 | dir=in | app=c:\users\tom\appdata\local\microsoft\windows\temporary internet files\content.ie5\kelmajel\sweetimsetup[1].exe |
"{63401AAE-5AA1-440C-A77F-319A275998DD}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{6D02E63F-E02F-489A-BE4C-D44737C08823}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{7663AAFA-36B1-4064-884D-7D597BF4D72F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{7688139B-0526-4683-B467-2E6623F5EEB1}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgam.exe |
"{7A4F08FD-A9AA-4583-825D-7FB3F50A5E79}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{83130B7F-3FD4-48C1-B98A-4704D42F3C70}" = protocol=6 | dir=in | app=c:\program files (x86)\opera 10 preview\opera.exe |
"{A0C8B504-E705-40D2-9370-BAD506C6B15B}" = protocol=6 | dir=in | app=c:\programdata\sweetim\messenger\update\sweetimsetup.exe |
"{B219CEC2-CD97-417F-B6CA-BC5DAECF2137}" = protocol=17 | dir=in | app=c:\program files (x86)\opera 10 preview\opera.exe |
"{B8A533AA-76C4-4A16-8316-48122D80AAC7}" = protocol=17 | dir=in | app=c:\users\tom\appdata\local\microsoft\windows\temporary internet files\content.ie5\65utwol7\sweetimsetup[1].exe |
"{DAD44441-1564-4565-BD7E-73038C3B110B}" = protocol=17 | dir=in | app=c:\programdata\sweetim\messenger\update\sweetimsetup.exe |
"{DD6A267D-7C99-43DC-9503-15E20624399E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{E472D009-A659-4F42-8CC2-9D2EF4F78E8D}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{EF7A772E-E725-4BC9-8798-4B12C48C0B0E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{F194EF6C-E8B2-4C9C-9CC9-AB3AD44E70F8}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"TCP Query User{0A946146-1F9E-4782-AB27-543B302BD43B}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"TCP Query User{32B77B30-804F-41B6-874D-E8F7A13025D4}C:\program files (x86)\codemasters\dirt 2\dirt2_game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\dirt 2\dirt2_game.exe |
"TCP Query User{57B3B0CD-8B7C-46CD-BB8F-591178C9DDDB}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{9DB2DE13-A65C-4CDA-9B3A-8A525D3BD79A}C:\program files (x86)\activision\call of duty - world at war\codwaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"TCP Query User{C69E182D-BFD3-4726-AEDD-71E3E15A7908}C:\program files (x86)\activision\call of duty - world at war\codwaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"UDP Query User{1CC6B5EA-E10A-4DE9-96A6-78DAD8F85107}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{22282700-7AA7-4582-BE46-7FDED153AC3F}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"UDP Query User{3B70A102-1F8F-4DE5-A9AA-2B3A54708168}C:\program files (x86)\codemasters\dirt 2\dirt2_game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\dirt 2\dirt2_game.exe |
"UDP Query User{6914FC65-26F8-47B1-AB79-D8BFBF032ED9}C:\program files (x86)\activision\call of duty - world at war\codwaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"UDP Query User{7361D14D-3764-44EE-9C50-21A5422E4F9E}C:\program files (x86)\activision\call of duty - world at war\codwaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4600_series" = Canon iP4600 series Printer Driver
"{544974E3-D015-401C-900C-E5D137BC930E}" = AVG 2011
"{5DDF6B75-2369-4D52-9867-10EFD8878185}" = AVG 2011
"{66B4A073-2DDA-591F-A875-C311B4076F05}" = ccc-utility64
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Pomocník pro přihlášení ke službě Windows Live ID
"{9C81B8DC-A1C2-56E3-A22B-FC00C0DE1454}" = ATI Catalyst Install Manager
"{A6A6319B-4AD7-4699-BB7E-2E0515E5B04E}" = Windows Live Zabezpečení rodiny
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Balíček ovladače systému Windows - Nokia Modem (02/15/2007 3.1)
"AVG" = AVG 2011
"B726756F5B5A5AA9D798B399386FC6205A45F19E" = Balíček ovladače systému Windows - Nokia Modem (02/15/2007 3.1)
"CCleaner" = CCleaner
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial
"{04AA8DF8-D7B9-AE86-F4A6-5257BD20DF53}" = CCC Help English
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{17068829-10EE-4581-BDC8-C53C483694A3}" = Smart Sync
"{183AB714-2AA6-9073-2D2F-60B7FEC2F653}" = Catalyst Control Center Graphics Full Existing
"{1AEBE79A-63F4-0FB2-0269-282FB8CC5129}" = Catalyst Control Center HydraVision Full
"{1D097338-B4FA-4F29-9C43-8D7A970A007E}" = Windows Live Fotogalerie
"{1D301950-EA2F-4882-9AA0-49467756842A}" = SweetIM for Messenger 3.3
"{1EE88B84-7BE5-4FB5-8DEA-B81D5409D62E}" = Opera 11.00
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 22
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{37288DA4-0426-2B76-ED1F-6E2DC8DB291A}" = Catalyst Control Center Graphics Full New
"{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite
"{42DE940E-8037-4266-9FBF-5A3AEDA39E96}" = Holdem Manager
"{45D4F727-43B5-49CD-B474-B9866A8F4FB8}" = Nokia Map Loader
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = Six Engine
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{5F638781-7754-411F-974C-F20F27292E24}" = VideoCam Suite
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D0C6BE4-F674-43D2-96BC-3509345108C9}_is1" = PokerStove version 1.23
"{6D49FC3F-1C9C-9A22-ADAB-17356CEA1BF5}" = ccc-core-static
"{6E257F26-57FA-4BC9-AE3B-D50AF937DA7F}" = Windows Live Toolbar
"{71E40B32-5173-4538-8996-5822DD18E8D4}" = Windows Live Messenger
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74EC78BC-B379-4E29-9006-8F161DCAABA6}" = Apple Software Update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{817829FB-7E96-4B58-95B4-8732AA92F30A}" = SBK®08
"{8356F0AB-7382-88C9-FF97-1687DB17703A}" = Catalyst Control Center InstallProxy
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E72B982-D54F-486F-B35A-C24B6F171029}" = Nero 7 Essentials
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime
"{9B63540D-D942-4C38-B42E-A48AE0145970}" = Virtua Tennis 3
"{9EDF1A5D-D8E0-413E-9782-75DD4A8C831B}" = VideoCam Suite 2.0
"{A05DD3BB-90A7-EC2D-D4F4-1439183ECB1A}" = Catalyst Control Center Graphics Previews Common
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{ABBFD29E-6744-D0E4-4353-5089DAA21CAA}" = Catalyst Control Center Core Implementation
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.1 - Czech
"{ADB1EEBA-43DD-40C5-B753-F476158EA85E}" = WinFast PxDVR3200 H Driver
"{AEA1A0DE-99F6-4036-2839-E48DA43CB76E}" = Skins
"{B0490CEE-D5ED-431A-88EB-772D9DB70C0C}" = Windows Live Movie Maker
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BF67F764-95B6-4360-BB57-B2E5AA6C814B}" = SweetIM Toolbar for Internet Explorer 4.0
"{C92C584E-C781-475E-A8E2-C67D993A6B95}" = WinFast PVR2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC4A73BF-938E-4C19-A553-853C035C9BA1}" = LightScribe System Software 1.10.13.1
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.12.327
"{E07B7A31-E160-466D-A003-3BB7B8989D52}" = Full Tilt Poker.Net
"{E1D3B4A5-CB7D-572B-A807-E1D266DA1DD2}" = Catalyst Control Center Graphics Light
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}" = Windows Live Essentials
"{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}" = Windows Live Mail
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4DBD804-BB68-B437-34CA-619267E43596}" = Catalyst Control Center Graphics Previews Vista
"{F76A0D31-7144-447C-9CC7-8F0C2FE932A7}" = SBK®08
"{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}" = Nokia Software Updater
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"CadStd" = CadStd
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-09-21 16:18
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"'DIRT 2'_is1" = 'DIRT 2'
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.00
"FarmingSimulator2009DE_is1" = Landwirtschafts-Simulator 2009
"German Truck Simulator" = German Truck Simulator 1.00
"Glary Registry Repair_is1" = Glary Registry Repair 3.3.0.852
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"Cheat Engine 5.5_is1" = Cheat Engine 5.5
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"JonDoUninstall" = JonDo
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Nokia Maps Updater_is1" = Nokia Maps Updater 1.0.12
"Nokia PC Suite" = Nokia PC Suite
"NSS" = NSS (remove only)
"OpenAL" = OpenAL
"PriceGong" = PriceGong 2.1.0
"Registrace uživatele zařízení Canon iP4600 series" = Registrace uživatele zařízení Canon iP4600 series
"TweakNow RegCleaner_is1" = TweakNow RegCleaner
"UnrealCommander_is1" = Unreal Commander v0.96
"Winamp" = Winamp (remove only)
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Zynga Toolbar" = Zynga Toolbar

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 27.12.2010 4:04:34 | Computer Name = Tom-PC | Source = WinMgmt | ID = 10
Description =

Error - 27.12.2010 11:05:38 | Computer Name = Tom-PC | Source = WinMgmt | ID = 10
Description =

Error - 28.12.2010 4:28:14 | Computer Name = Tom-PC | Source = WinMgmt | ID = 10
Description =

Error - 29.12.2010 3:55:23 | Computer Name = Tom-PC | Source = WinMgmt | ID = 10
Description =

Error - 29.12.2010 19:13:23 | Computer Name = Tom-PC | Source = Application Hang | ID = 1002
Description = Program ICQ.exe verze 6.5.0.2026 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů.
ID
procesu: 8c8 Čas zahájení: 01cba72d97ec9785 Čas ukončení: 15

Error - 30.12.2010 6:51:39 | Computer Name = Tom-PC | Source = WinMgmt | ID = 10
Description =

Error - 30.12.2010 6:52:34 | Computer Name = Tom-PC | Source = SideBySide | ID = 16842787
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Windows Live\Photo
Gallery\MovieMaker.Exe se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL na řádku 8. Identita komponenty
nalezená v manifestu nesouhlasí s identitou požadované komponenty. Odkaz je WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definice
je WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Podrobnější
diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 31.12.2010 4:38:32 | Computer Name = Tom-PC | Source = SideBySide | ID = 16842787
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Windows Live\Photo
Gallery\MovieMaker.Exe se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL na řádku 8. Identita komponenty
nalezená v manifestu nesouhlasí s identitou požadované komponenty. Odkaz je WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definice
je WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Podrobnější
diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 31.12.2010 4:39:00 | Computer Name = Tom-PC | Source = WinMgmt | ID = 10
Description =

Error - 31.12.2010 13:47:04 | Computer Name = Tom-PC | Source = Application Hang | ID = 1002
Description = Program RSITx64.exe verze 3.3.2.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů.
ID
procesu: 1b54 Čas zahájení: 01cba91259a4a920 Čas ukončení: 4

[ OSession Events ]
Error - 29.3.2010 14:22:42 | Computer Name = Tom-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 18 seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 23.12.2010 11:45:50 | Computer Name = Tom-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 24.12.2010 8:42:13 | Computer Name = Tom-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 25.12.2010 4:46:29 | Computer Name = Tom-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 26.12.2010 4:40:00 | Computer Name = Tom-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 27.12.2010 4:04:37 | Computer Name = Tom-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 27.12.2010 11:05:39 | Computer Name = Tom-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 28.12.2010 4:28:15 | Computer Name = Tom-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 29.12.2010 3:55:27 | Computer Name = Tom-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 30.12.2010 6:51:42 | Computer Name = Tom-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 31.12.2010 4:39:04 | Computer Name = Tom-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >

[motji]

Spustte OTL
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - [2010.10.13 16:21:08 | 000,111,928 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyn0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-268072685-2948217442-678725953-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-268072685-2948217442-678725953-1000\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyn0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-268072685-2948217442-678725953-1000\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyn0.dll (Conduit Ltd.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyn0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-268072685-2948217442-678725953-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-268072685-2948217442-678725953-1000\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O33 - MountPoints2\{337b9785-6bf8-11de-8786-00221548c12c}\Shell - "" = AutoRun
O33 - MountPoints2\{337b9785-6bf8-11de-8786-00221548c12c}\Shell\AutoRun\command - "" = K:\autorun.exe -- File not found
O33 - MountPoints2\{35e5d6d2-6bfa-11de-bfca-00221548c12c}\Shell - "" = AutoRun
O33 - MountPoints2\{35e5d6d2-6bfa-11de-bfca-00221548c12c}\Shell\AutoRun\command - "" = L:\ral.exe -- File not found
@Alternate Data Stream - 24 bytes -> C:\Windows:A2F62C1FF3011FA7
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:CB0AACC9

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\Program Files (x86)\SweetIM\
C:\Program Files (x86)\Ask.com
C:\ProgramData\.zreglib

:commands
[resethosts]
[emptytemp]
[EMPTYFLASH]
[Reboot]

-klikněte na tlačítko opravit.
-Následně se pc restartuje.
- Log vložte zde



Co je jednotka L?

[tommmmm]

Jednotka L se mi ukazuje jako jednotka DVD-ROM s vyskou hodnotou zaznamu HD DVD ale fyzicka jednotka DVD je D
jeste jsem zapomel pripomenout ze se me nekdy samovolne vypina brana firewall ve windowsech a nyni mi skoncila zkusebni verze AVG a centrum zabezpeceni hlasi ze ochrana proti malwaru je vypnuty.

Ted ten LOG

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named SweetIM.exe was found!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{7b13ec3e-999a-4b70-b9cb-2617b8323822} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\ deleted successfully.
C:\Program Files (x86)\Zynga\tbZyn0.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-268072685-2948217442-678725953-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully.
C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-268072685-2948217442-678725953-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{7b13ec3e-999a-4b70-b9cb-2617b8323822} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\ not found.
File C:\Program Files (x86)\Zynga\tbZyn0.dll not found.
Registry value HKEY_USERS\S-1-5-21-268072685-2948217442-678725953-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}\ deleted successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll moved successfully.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "http://search.sweetim.com/search.asp?src=2&q=" removed from browser.search.defaulturl
Prefs.js: "Ask.com" removed from browser.search.order.1
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}\ deleted successfully.
C:\Program Files (x86)\PriceGong\2.1.0\PriceGongIE.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\ not found.
File C:\Program Files (x86)\Zynga\tbZyn0.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7b13ec3e-999a-4b70-b9cb-2617b8323822} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\ not found.
File C:\Program Files (x86)\Zynga\tbZyn0.dll not found.
Registry value HKEY_USERS\S-1-5-21-268072685-2948217442-678725953-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-268072685-2948217442-678725953-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ deleted successfully.
File C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SweetIM deleted successfully.
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{337b9785-6bf8-11de-8786-00221548c12c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{337b9785-6bf8-11de-8786-00221548c12c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{337b9785-6bf8-11de-8786-00221548c12c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{337b9785-6bf8-11de-8786-00221548c12c}\ not found.
File K:\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{35e5d6d2-6bfa-11de-bfca-00221548c12c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{35e5d6d2-6bfa-11de-bfca-00221548c12c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{35e5d6d2-6bfa-11de-bfca-00221548c12c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{35e5d6d2-6bfa-11de-bfca-00221548c12c}\ not found.
File L:\ral.exe not found.
ADS C:\Windows:A2F62C1FF3011FA7 deleted successfully.
ADS C:\ProgramData\TEMP:CB0AACC9 deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP20F9.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP24CE.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2CB1.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8FE0.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAB0D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBB64.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5D9A.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5FEA.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7074.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP78C7.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA297.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEC70.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF087.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPFC5C.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI36AF.tmp moved successfully.
C:\WINDOWS\Installer\MSI5428.tmp moved successfully.
C:\WINDOWS\Installer\MSI604E.tmp moved successfully.
C:\WINDOWS\Installer\MSI67D6.tmp moved successfully.
C:\WINDOWS\Installer\MSI74C3.tmp moved successfully.
C:\WINDOWS\Installer\MSI9168.tmp moved successfully.
C:\WINDOWS\Installer\MSICF7F.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wltC161.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\13200dbefb5e02121f5a9d4a3c8a45df\BIT9943.tmp moved successfully.
File move failed. C:\WINDOWS\Temp\avg-51b74f11-7dc8-4838-a3a7-f440f4898b54.tmp scheduled to be moved on reboot.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange folder moved successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green folder moved successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue folder moved successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources folder moved successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT folder moved successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\conf folder moved successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer folder moved successfully.
C:\Program Files (x86)\SweetIM\Toolbars folder moved successfully.
C:\Program Files (x86)\SweetIM\Messenger\resources\images folder moved successfully.
C:\Program Files (x86)\SweetIM\Messenger\resources folder moved successfully.
C:\Program Files (x86)\SweetIM\Messenger folder moved successfully.
C:\Program Files (x86)\SweetIM folder moved successfully.
C:\Program Files (x86)\Ask.com folder moved successfully.
C:\ProgramData\.zreglib moved successfully.
========== COMMANDS ==========
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Tom
->Temp folder emptied: 199370 bytes
->Temporary Internet Files folder emptied: 495851 bytes
->Java cache emptied: 26233509 bytes
->FireFox cache emptied: 48905569 bytes
->Flash cache emptied: 3911 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 2976440 bytes

Total Files Cleaned = 75,00 mb


[EMPTYFLASH]

User: All Users

User: AppData

User: Default

User: Default User

User: Public

User: Tom
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.18.2 log created on 12312010_232050

Files\Folders moved on Reboot...
C:\WINDOWS\Temp\avg-51b74f11-7dc8-4838-a3a7-f440f4898b54.tmp moved successfully.
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[motji]

Jestli můžu doporučit, AVG vyměnte třeba za Avasat nebo Aviru
Je to s počítačem lepší?

[tommmmm]

Vypada to ze se vse zrychlilo.
No prave Avast jsem mel pred timhle, ale vyprsela mi free licence a uz po me chteli pouze placenou verzi, tak jsem sahl po tomhle, asi zkusim tu Aviru.
Jeste jedna otazka, jak bezpecne odinstaluju to AVG?
Za vsechny rady velmi dekuji, Tomas.
Preji mnoho uspechu v novem roce.

[motji]

Měl jste Avast free? tam jde licence obnovit. Pokud by Vám nešla, písněte mi sz
AVG odinstalujete třeba tímto
http://www.avg.com/download-tools

Ten internet se zrychlil?

A hezký Nový rok

[tommmmm]

Ano u Avastu jsem myslim jednou licenci obnovil a podruhe mi to myslim uz neslo.
Ano myslim ze internet jde rychleji, stranky se nacitaji o neco rychleji ( snad se me to nezda )
Zkusim tedy jeste jednou Avast.

[motji]

Máte sz

Pokud by byli problémy s pc, ozvěte se