Problém s schvhost vytezuje PC na 100% kratce po startu..

[Caroprd111]

Co jste zvolil Jsou s PC nějaké problémy

[PajaZ]

Prave jeden proces sem ponechal a jinak vše mimo sandbox, problem neni žádny zatim

[Caroprd111]

Pokud bude problém, tak se ozvěte. Poradil bych se s kolegy.

[PajaZ]

Oki, díky

[Caroprd111]

Nemáte zač

[PajaZ]

Zdravím opet píši, vše ok, ale asi jsem na neco prisel, jakmile se mi chtela updatovat Java automaticky tak mi začal skakat FW a psat že proces schvhost se pripojuje atd., zakázal jsem update Javy a blokl pro jistotu schvhost ale jen jednou ne zapamatovat a ted asi za 2 dny opet hlaska viz screen.
Jak se mam zachovat? Jestli dočasne nebo stale?
Mám strach to povolit jeslti v PC neco nemam, vše funguje OK, nerad bych opet celou proceduru opakoval s combofixem, mam ted hodne prace


Dekuji za odpoved

[Caroprd111]

Dejte log z RSIT.

[PajaZ]

Tady je:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Zdenek at 2010-05-15 15:17:09
Systém Microsoft Windows XP Professional Service Pack 2
System drive D: has 32 GB (61%) free of 52 GB
Total RAM: 1023 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:17:25, on 15.5.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Alwil Software\Avast5\AvastSvc.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Software\Aplikace\Motherboard Monitor 5\MBM5.EXE
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
D:\WINDOWS\TBPanel.exe
D:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\Canon\CAL\CALMAIN.exe
D:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
D:\Program Files\COMODO\COMODO Internet Security\cfp.exe
D:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\20Dollars2Surf\20dollars2surf.exe
D:\Program Files\MICROSTAR\Bluetooth Software\BTTray.exe
D:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe
D:\Program Files\MICROSTAR\Bluetooth Software\btsendto_explorer.exe
D:\WINDOWS\system32\wscntfy.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Software\Aplikace\Sysmetrix\SysMetrix.exe
D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Plocha\websurf.exe
D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Plocha\websurf.exe
D:\Program Files\Auto Clicker Typer\Auto Clicker Typer.exe
D:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Plocha\RSIT.exe
D:\Program Files\trend micro\Zdenek.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://tea-earth.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - D:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - D:\PROGRA~1\FlashGet\getflash.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [MBM 5] "D:\Software\Aplikace\Motherboard Monitor 5\MBM5.EXE"
O4 - HKLM\..\Run: [LogonStudio] "D:\Software\Aplikace\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [PinnacleDriverCheck] D:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] D:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "D:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "D:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] D:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Gainward] D:\WINDOWS\TBPanel.exe /A
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Google Desktop Search] "D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [AppleSyncNotifier] D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast5] D:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [COMODO Internet Security] "D:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [RocketDock] "D:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [swg] "D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: Logitech Touch Mouse Server.lnk = D:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe
O4 - Startup: RocketDock.lnk = D:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: 20Dollars2Surf.lnk = D:\Program Files\20Dollars2Surf\20dollars2surf.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://D:\Software\Aplikace\OFFICE~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint - Náhled - res://D:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Přidat na seznam k tisku - res://D:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint - Tisk - res://D:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Vysokorychlostní tisk - res://D:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Stáhnout pomocí FlashGet - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Stáhnout vše pomocí FlashGet - D:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - D:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Software\Aplikace\OFFICE~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6.5\ICQ.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: D:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: avgrsstarter - D:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - D:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - Unknown owner - D:\Program Files\AVG\AVG9\avgemc.exe (file missing)
O23 - Service: AVG Free WatchDog (avg9wd) - Unknown owner - D:\Program Files\AVG\AVG9\avgwdsvc.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - D:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - D:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate1c99e7bd27b9410) (gupdate1c99e7bd27b9410) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - D:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe

--
End of file - 12582 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\AppleSoftwareUpdate.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-484763869-343818398-839522115-1003Core.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-484763869-343818398-839522115-1003UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-05-26 1088296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
IeCatch5 Class - D:\PROGRA~1\FlashGet\jccatch.dll [2006-05-16 81920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - D:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-04-18 34304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-01 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - D:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2010-01-01 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-19 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-02-19 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
gFlash Class - D:\PROGRA~1\FlashGet\getflash.dll [2006-09-12 126976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - D:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2006-04-18 552960]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} - FlashGet Bar - D:\PROGRA~1\FlashGet\fgiebar.dll [2005-06-07 86016]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-01 263280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MBM 5"=D:\Software\Aplikace\Motherboard Monitor 5\MBM5.EXE [2003-01-08 577536]
"LogonStudio"=D:\Software\Aplikace\LogonStudio\logonstudio.exe [2002-09-03 987187]
"PinnacleDriverCheck"=D:\WINDOWS\System32\PSDrvCheck.exe [2004-03-10 406016]
"HPDJ Taskbar Utility"=D:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe [2003-07-28 188416]
"SSBkgdUpdate"=D:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-09-30 155648]
"OpwareSE4"=D:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-03-21 69632]
"IMJPMIG8.1"=D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-03 208952]
"MSPY2002"=D:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-03 59392]
"PHIME2002ASync"=D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-03 455168]
"PHIME2002A"=D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-03 455168]
"Gainward"=D:\WINDOWS\TBPanel.exe [2007-04-23 2173744]
"NvCplDaemon"=D:\WINDOWS\system32\NvCpl.dll [2007-04-19 7700480]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=D:\WINDOWS\system32\NvMcTray.dll [2007-04-19 86016]
"Google Desktop Search"=D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-02-04 30192]
"AppleSyncNotifier"=D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440]
"QuickTime Task"=D:\Program Files\QuickTime\qttask.exe [2009-09-05 417792]
"iTunesHelper"=D:\Program Files\iTunes\iTunesHelper.exe [2009-09-08 305440]
"NeroFilterCheck"=D:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"avast5"=D:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-05-06 2815192]
"COMODO Internet Security"=D:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2010-04-09 2029456]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=D:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-19 630784]
"swg"=D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-01-01 39408]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"Google Update"=D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-03-18 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
D:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe [2007-09-11 67488]

D:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění
20Dollars2Surf.lnk - D:\Program Files\20Dollars2Surf\20dollars2surf.exe
BTTray.lnk - D:\Program Files\MICROSTAR\Bluetooth Software\BTTray.exe

D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Nabídka Start\Programy\Po spuštění
Logitech Touch Mouse Server.lnk - D:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe
RocketDock.lnk - D:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" D:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
D:\WINDOWS\system32\avgrsstx.dll [2009-10-28 12464]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CLPSLS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Sony\Vegas 6.0\VegSrv60.exe"="D:\Program Files\Sony\Vegas 6.0\VegSrv60.exe:*:Enabled:Sony Vegas Network Render Service Control"
"D:\Program Files\Mozilla Firefox\firefox.exe"="D:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"D:\wincmd\WINCMD32.EXE"="D:\wincmd\WINCMD32.EXE:*:Enabled:Windows Commander 32 bit international version, file manager replacement for Windows"
"D:\WINDOWS\system32\dpvsetup.exe"="D:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"D:\Program Files\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe"="D:\Program Files\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe:*:Disabled:Far Cry"
"D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe"="D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe:*:Enabled:Google Desktop"
"D:\Program Files\B!Soft\RSS Builder\RSSBuilder.exe"="D:\Program Files\B!Soft\RSS Builder\RSSBuilder.exe:*:Enabled:RSS Builder"
"D:\Program Files\KompoZer 0.7.10\kompozer.exe"="D:\Program Files\KompoZer 0.7.10\kompozer.exe:*:Enabled:Composer"
"D:\Program Files\ICQ6.5\ICQ.exe"="D:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"D:\Program Files\Bonjour\mDNSResponder.exe"="D:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\Software\Games\UT\UnrealTournament\System\UnrealTournament.exe"="D:\Software\Games\UT\UnrealTournament\System\UnrealTournament.exe:*:Enabled:UnrealTournament"
"D:\Program Files\iPhone Tunnel Suite\iTunnel\iTunnel.exe"="D:\Program Files\iPhone Tunnel Suite\iTunnel\iTunnel.exe:*:Enabled:iTunnel"
"D:\Program Files\iTunes\iTunes.exe"="D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"D:\Program Files\Ripdev\JuiceDrop\JuiceDrop.exe"="D:\Program Files\Ripdev\JuiceDrop\JuiceDrop.exe:*:Enabled:JuiceDrop"
"D:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="D:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\Program Files\Opera\opera.exe"="D:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"D:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe"="D:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe:*:Enabled:Logitech"
"D:\Program Files\Kooperativa\KalkZiv\Kalk_Ziv.exe"="D:\Program Files\Kooperativa\KalkZiv\Kalk_Ziv.exe:*:Enabled:Kalk_Ziv"
"D:\Program Files\TVAnts\Tvants.exe"="D:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts"
"D:\Program Files\TeamViewer\Version5\TeamViewer.exe"="D:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-05-15 15:17:09 ----D---- D:\rsit
2010-05-15 00:30:41 ----D---- D:\Program Files\20Dollars2Surf
2010-05-14 16:02:59 ----D---- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Geotag Photos
2010-05-12 15:26:04 ----D---- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\VOWSoft
2010-05-12 15:26:01 ----D---- D:\Program Files\iPodRobot
2010-04-25 12:50:12 ----D---- D:\Program Files\Auto Clicker Typer
2010-04-22 21:28:58 ----A---- D:\WINDOWS\system32\pthreadGC2.dll
2010-04-22 21:28:46 ----D---- D:\Program Files\Haali
2010-04-22 21:28:37 ----D---- D:\Program Files\AviSynth 2.5
2010-04-22 21:28:25 ----D---- D:\Program Files\Common Files\SourceTec
2010-04-22 21:28:25 ----A---- D:\WINDOWS\system32\pncrt.dll
2010-04-22 21:28:17 ----A---- D:\WINDOWS\system32\wvc1dmod.dll
2010-04-22 21:28:16 ----D---- D:\Program Files\SourceTec
2010-04-18 11:27:56 ----D---- D:\Program Files\NirSoft

======List of files/folders modified in the last 1 months======

2010-05-15 15:17:25 ----D---- D:\Program Files\Trend Micro
2010-05-15 15:13:01 ----D---- D:\WINDOWS\Temp
2010-05-15 15:12:54 ----A---- D:\WINDOWS\DFC.INI
2010-05-15 13:25:03 ----D---- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Canon
2010-05-15 13:11:23 ----AD---- D:\WINDOWS\system32
2010-05-15 12:37:23 ----A---- D:\WINDOWS\wincmd.ini
2010-05-15 12:37:13 ----D---- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\vlc
2010-05-15 11:08:00 ----A---- D:\WINDOWS\SchedLgU.Txt
2010-05-15 10:56:31 ----AC---- D:\WINDOWS\system32\PerfStringBackup.INI
2010-05-15 10:51:32 ----A---- D:\WINDOWS\LogonStudio.ini
2010-05-15 10:51:05 ----D---- D:\WINDOWS\system32\CatRoot2
2010-05-15 10:50:46 ----D---- D:\WINDOWS
2010-05-15 10:39:52 ----A---- D:\WINDOWS\system32\logonuiX.exe
2010-05-15 01:21:36 ----A---- D:\WINDOWS\wcx_ftp.ini
2010-05-15 00:51:02 ----SHD---- D:\WINDOWS\Installer
2010-05-15 00:51:02 ----D---- D:\Config.Msi
2010-05-15 00:30:41 ----RD---- D:\Program Files
2010-05-13 23:02:40 ----D---- D:\Program Files\EurotelSMS
2010-05-12 23:52:55 ----A---- D:\WINDOWS\winamp.ini
2010-05-12 15:26:01 ----D---- D:\Program Files\Common Files\Apple
2010-05-11 16:44:11 ----RSD---- D:\WINDOWS\Fonts
2010-05-10 12:32:05 ----A---- D:\WINDOWS\NeroDigital.ini
2010-05-09 22:50:30 ----D---- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Skype
2010-05-09 21:38:39 ----D---- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\skypePM
2010-05-06 22:59:36 ----A---- D:\WINDOWS\system32\aswBoot.exe
2010-05-05 15:51:49 ----D---- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\dvdcss
2010-05-03 16:59:50 ----D---- D:\WINDOWS\system32\drivers
2010-04-29 22:38:52 ----D---- D:\Program Files\Mozilla Thunderbird
2010-04-29 21:51:09 ----D---- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Thunderbird
2010-04-25 12:52:38 ----D---- D:\WINDOWS\Prefetch
2010-04-22 21:29:09 ----D---- D:\Program Files\ffdshow
2010-04-22 21:28:25 ----D---- D:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; D:\WINDOWS\system32\drivers\Aavmker4.sys [2010-05-06 28880]
R1 AmdK7;Ovladač procesoru AMD K7; D:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-17 41216]
R1 aswSP;aswSP; D:\WINDOWS\system32\drivers\aswSP.sys [2010-05-06 164048]
R1 aswTdi;avast! Network Shield Support; D:\WINDOWS\system32\drivers\aswTdi.sys [2010-05-06 46672]
R1 ATITool;ATITool Overclocking Utility; D:\WINDOWS\system32\DRIVERS\ATITool.sys [2005-12-30 24064]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; D:\WINDOWS\System32\Drivers\avgldx86.sys [2009-10-28 333192]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; D:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-10-28 28424]
R1 AvgTdiX;AVG Free Network Redirector; D:\WINDOWS\System32\Drivers\avgtdix.sys [2009-11-10 360584]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; D:\WINDOWS\System32\DRIVERS\cmdguard.sys [2010-04-09 225344]
R1 cmdHlp;COMODO Internet Security Helper Driver; D:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2010-04-09 25240]
R1 kbdhid;Ovladač klávesnice standardu HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 mbmiodrvr;mbmiodrvr; \??\D:\WINDOWS\System32\mbmiodrvr.sys []
R1 PQNTDrv;PQNTDrv; D:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; D:\WINDOWS\System32\DRIVERS\tcpip6.sys [2004-08-03 223616]
R2 Angelnt;Angelnt; D:\WINDOWS\System32\Drivers\ANGELNT.SYS [2004-05-27 31936]
R2 Aspi32;Aspi32; D:\WINDOWS\System32\drivers\aspi32.sys [2002-07-17 16877]
R2 aswFsBlk;aswFsBlk; D:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-05-06 19024]
R2 aswMon2;avast! Standard Shield Support; D:\WINDOWS\system32\drivers\aswMon2.sys [2010-05-06 100432]
R2 BT848;WinFast TV2000 XP WDM Video Capture; D:\WINDOWS\system32\drivers\wf2kvcap.sys [2002-06-24 81356]
R2 BTSERIAL;Bluetooth Serial Driver; \??\D:\WINDOWS\system32\drivers\btserial.sys []
R2 BTSLBCSP;Bluetooth Port Client Driver; \??\D:\WINDOWS\system32\drivers\btslbcsp.sys []
R2 Dev_CBIDDRV;Dev_CBIDDRV; \??\D:\WINDOWS\System32\Drivers\CBID.SYS []
R2 PStrip;PStrip; D:\WINDOWS\system32\drivers\PStrip.sys [2004-11-10 21968]
R2 TBPanel;TBPanel; D:\WINDOWS\system32\drivers\TBPanel.sys [2007-03-16 12256]
R2 tv2ktunr;WinFast TV2000 XP WDM TVTuner; D:\WINDOWS\system32\drivers\wf2ktunr.sys [2002-06-24 39182]
R2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar; D:\WINDOWS\system32\drivers\wf2kxbar.sys [2002-06-24 9804]
R3 Arp1394;Protokol 1394 ARP Client; D:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
R3 ASAPIW2k;ASAPIW2K; D:\WINDOWS\system32\drivers\ASAPIW2k.sys [2004-03-10 11264]
R3 aswRdr;aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [2010-05-06 23376]
R3 BtAudio;Bluetooth Audio; D:\WINDOWS\System32\DRIVERS\btaudio.sys [2003-01-16 21701]
R3 BTDriver;Bluetooth Virtual Communications Driver; D:\WINDOWS\System32\DRIVERS\btport.sys [2003-01-16 30043]
R3 BTWDNDIS;Bluetooth LAN Access Server; D:\WINDOWS\System32\DRIVERS\btwdndis.sys [2003-01-16 144608]
R3 cmuda;C-Media WDM Audio Interface; D:\WINDOWS\system32\drivers\cmuda.sys [2003-07-01 733248]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; D:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 hidusb;Ovladač třídy standardu HID; D:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; D:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
R3 NIC1394;1394 Net Driver; D:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 nv;nv; D:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-04-19 3988384]
R3 NVENET;NVIDIA nForce MCP Networking Controller Driver; D:\WINDOWS\System32\DRIVERS\NVENET.sys [2002-11-27 80896]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; D:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 SKYNET;TechniSat DVB-PC TV Star PCI; D:\WINDOWS\system32\DRIVERS\SkyNET.SYS [2004-10-13 462212]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; D:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-03 12416]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-04 31616]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; D:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Ovladač standardního rozbočovače USB; D:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; D:\WINDOWS\System32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 wanlink;wanlink; D:\WINDOWS\System32\DRIVERS\wanlink.sys [2002-06-24 47968]
S1 SysTool;SysTool Overclocking Utility; D:\WINDOWS\system32\DRIVERS\SysTool.sys [2005-12-30 24064]
S3 Bridge;Most MAC; D:\WINDOWS\System32\DRIVERS\bridge.sys [2004-08-03 71552]
S3 BridgeMP;Miniport mostu MAC; D:\WINDOWS\System32\DRIVERS\bridge.sys [2004-08-03 71552]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; D:\WINDOWS\System32\Drivers\btwusb.sys [2003-01-16 65076]
S3 Cardex;Cardex; \??\D:\WINDOWS\system32\drivers\TBPANEL.SYS []
S3 CCDECODE;Dekodér Closed Caption; D:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 CV2K1;CommView Network Monitor; D:\WINDOWS\system32\DRIVERS\cv2k1.sys []
S3 dtscsi;dtscsi; D:\WINDOWS\System32\Drivers\dtscsi.sys [2006-08-16 223128]
S3 ENTECH;ENTECH; \??\D:\WINDOWS\System32\DRIVERS\ENTECH.SYS []
S3 GMSIPCI;GMSIPCI; \??\H:\INSTALL\GMSIPCI.SYS []
S3 HidBatt;Ovladač baterie zdroje UPS standardu HID; D:\WINDOWS\System32\DRIVERS\HidBatt.sys [2001-08-17 19200]
S3 hidgame;Microsoft Hid to Joystick Port Enabler; D:\WINDOWS\System32\DRIVERS\hidgame.sys [2001-08-17 8576]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 Netaapl;Apple Mobile Device Ethernet Service; D:\WINDOWS\system32\DRIVERS\netaapl.sys [2009-06-05 17408]
S3 nm;Ovladač programu Sledování sítě; D:\WINDOWS\System32\DRIVERS\NMnt.sys [2004-08-03 40320]
S3 RivaTuner32;RivaTuner32; \??\D:\Program Files\RivaTuner v2.0 RC 16\RivaTuner32.sys []
S3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; D:\WINDOWS\System32\DRIVERS\R8139n51.SYS [2003-02-19 46976]
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; D:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 TVicHW32;TVicHW32; \??\D:\WINDOWS\System32\DRIVERS\TVicHW32.SYS []
S3 USBAAPL;Apple Mobile USB Driver; D:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbprint;Třída USB Printer; D:\WINDOWS\System32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; D:\WINDOWS\System32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 Wdf01000;Wdf01000; D:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WSTCODEC;Dálnopisný kodek světového standardu; D:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; D:\WINDOWS\System32\Drivers\sptd.sys []
S4 sr;Ovladač filtru Obnovy systému; D:\WINDOWS\System32\DRIVERS\sr.sys [2004-08-17 73344]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; D:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; D:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-11 124832]
R2 Apple Mobile Device;Apple Mobile Device; D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 avast! Antivirus;avast! Antivirus; D:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R2 Bonjour Service;Bonjour Service; D:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CCALib8;Canon Camera Access Library 8; D:\Program Files\Canon\CAL\CALMAIN.exe [2006-03-30 96341]
R2 CLPSLS;COMODO livePCsupport Service; D:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe [2010-02-19 148744]
R2 cmdAgent;COMODO Internet Security Helper Service; D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-04-09 1769216]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2009-12-17 153376]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; D:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 NVSvc;NVIDIA Display Driver Service; D:\WINDOWS\system32\nvsvc32.exe [2007-04-19 159810]
R2 UMWdf;Windows User Mode Driver Framework; D:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; D:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R3 avast! Web Scanner;avast! Web Scanner; D:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R3 iPod Service;iPod Service; D:\Program Files\iPod\bin\iPodService.exe [2009-09-08 545568]
S2 avg9emc;AVG Free E-mail Scanner; D:\Program Files\AVG\AVG9\avgemc.exe []
S2 avg9wd;AVG Free WatchDog; D:\Program Files\AVG\AVG9\avgwdsvc.exe []
S2 gupdate1c99e7bd27b9410;Google Update Service (gupdate1c99e7bd27b9410); D:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-06 133104]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-09-04 654848]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-02-04 30192]
S3 gusvc;Google Software Updater; D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-01-01 182768]
S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; D:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
S3 MSSQLServerADHelper;MSSQLServerADHelper; D:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; D:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]

-----------------EOF-----------------

[Caroprd111]

Doporučuji odinstalovat (pokud nepoužíváte) toolbary (lišty) v Přidat nebo odebrat programy.


Následující soubor/y otestujte na http://www.virustotal.com/cs/
D:\WINDOWS\system32\svchost.exe

(Soubor/y nehledejte, jenom vložíte tučně označenou cestu, v případě hlášky "Soubor již byl testován" dejte otestovat znovu. Výsledek analýzy sem v podobě odkazu vložte.)

[PajaZ]

Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.05.10 -
AhnLab-V3 2010.05.16.00 2010.05.15 -
AntiVir 8.2.1.242 2010.05.14 -
Antiy-AVL 2.0.3.7 2010.05.14 -
Authentium 5.2.0.5 2010.05.15 -
Avast 4.8.1351.0 2010.05.15 -
Avast5 5.0.332.0 2010.05.15 -
AVG 9.0.0.787 2010.05.15 -
BitDefender 7.2 2010.05.15 -
CAT-QuickHeal 10.00 2010.05.15 -
ClamAV 0.96.0.3-git 2010.05.15 -
Comodo 4850 2010.05.15 -
DrWeb 5.0.2.03300 2010.05.15 -
eSafe 7.0.17.0 2010.05.13 -
eTrust-Vet 35.2.7490 2010.05.15 -
F-Prot 4.5.1.85 2010.05.15 -
F-Secure 9.0.15370.0 2010.05.15 -
Fortinet 4.1.133.0 2010.05.15 -
GData 21 2010.05.15 -
Ikarus T3.1.1.84.0 2010.05.15 -
Jiangmin 13.0.900 2010.05.15 -
Kaspersky 7.0.0.125 2010.05.15 -
McAfee 5.400.0.1158 2010.05.15 -
McAfee-GW-Edition 2010.1 2010.05.15 -
Microsoft 1.5703 2010.05.14 -
NOD32 5117 2010.05.15 -
Norman 6.04.12 2010.05.15 -
nProtect 2010-05-15.01 2010.05.15 -
Panda 10.0.2.7 2010.05.15 -
PCTools 7.0.3.5 2010.05.15 -
Prevx 3.0 2010.05.15 -
Rising 22.47.04.03 2010.05.14 -
Sophos 4.53.0 2010.05.15 -
Sunbelt 6307 2010.05.15 -
Symantec 20101.1.0.89 2010.05.15 -
TheHacker 6.5.2.0.280 2010.05.14 -
TrendMicro 9.120.0.1004 2010.05.15 -
TrendMicro-HouseCall 9.120.0.1004 2010.05.15 -
VBA32 3.12.12.5 2010.05.14 -
ViRobot 2010.5.15.2318 2010.05.15 -
VirusBuster 5.0.27.0 2010.05.15 -

[PajaZ]

Taky to vypadá že se mi zblaznil Comodo, najednou dnes chce vše znovu, každou aplikaci povoluji, nevim čím to je.
Je v tom logu neco co by tam nemelo byt?

[Caroprd111]

Stáhněte OTL http://oldtimer.geekstogo.com/OTL.exe na plochu

• Spusťte, poté do spodního políčka vložte následující skript.

Kód: Vybrat vše

 netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
cdrom.sys 
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 

• Označte položku Pro všechny uživatele.
• Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
• Klikněte na tlačítko Prohledat
• Po dokončení, sem vložte logy OTL.Txt a Extras.txt

[PajaZ]

Nechce me to pustit zprava obsahuje hodne znaku, posílam to na vicekrat, ale ted po resetu se PC chova normalne ani FW neblbne.
OTL Extras logfile created on: 16.5.2010 12:18:18 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 414,00 Mb Available Physical Memory | 40,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): D:\pagefile.sys 0 0 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 2,93 Gb Total Space | 1,43 Gb Free Space | 48,75% Space Free | Partition Type: FAT32
Drive D: | 50,78 Gb Total Space | 31,25 Gb Free Space | 61,53% Space Free | Partition Type: NTFS
Drive E: | 19,52 Gb Total Space | 16,16 Gb Free Space | 82,75% Space Free | Partition Type: FAT32
Drive F: | 52,05 Gb Total Space | 5,62 Gb Free Space | 10,79% Space Free | Partition Type: FAT32
Drive G: | 98,27 Gb Total Space | 12,96 Gb Free Space | 13,18% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 34,29 Gb Total Space | 5,99 Gb Free Space | 17,48% Space Free | Partition Type: NTFS
Drive M: | 596,17 Gb Total Space | 128,46 Gb Free Space | 21,55% Space Free | Partition Type: NTFS

Computer Name: DZIN
Current User Name: Zdenek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\Software\Aplikace\Office2003\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "D:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Software\Aplikace\WinAmp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Software\Aplikace\WinAmp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Software\Aplikace\WinAmp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Program Files\Sony\Vegas 6.0\VegSrv60.exe" = D:\Program Files\Sony\Vegas 6.0\VegSrv60.exe:*:Enabled:Sony Vegas Network Render Service Control -- (Sony Pictures Digital Inc.)
"D:\Program Files\Mozilla Firefox\firefox.exe" = D:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"D:\wincmd\WINCMD32.EXE" = D:\wincmd\WINCMD32.EXE:*:Enabled:Windows Commander 32 bit international version, file manager replacement for Windows -- (C. Ghisler & Co.)
"D:\WINDOWS\system32\dpvsetup.exe" = D:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"D:\Program Files\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe" = D:\Program Files\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe:*:Disabled:Far Cry -- (Crytek)
"D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" = D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe:*:Enabled:Google Desktop -- (Google)
"D:\Program Files\B!Soft\RSS Builder\RSSBuilder.exe" = D:\Program Files\B!Soft\RSS Builder\RSSBuilder.exe:*:Enabled:RSS Builder -- (B!Soft)
"D:\Program Files\KompoZer 0.7.10\kompozer.exe" = D:\Program Files\KompoZer 0.7.10\kompozer.exe:*:Enabled:Composer -- (Mozilla Foundation)
"D:\Program Files\ICQ6.5\ICQ.exe" = D:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"D:\Software\Games\UT\UnrealTournament\System\UnrealTournament.exe" = D:\Software\Games\UT\UnrealTournament\System\UnrealTournament.exe:*:Enabled:UnrealTournament -- ()
"D:\Program Files\iPhone Tunnel Suite\iTunnel\iTunnel.exe" = D:\Program Files\iPhone Tunnel Suite\iTunnel\iTunnel.exe:*:Enabled:iTunnel -- ()
"D:\Program Files\iTunes\iTunes.exe" = D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"D:\Program Files\Ripdev\JuiceDrop\JuiceDrop.exe" = D:\Program Files\Ripdev\JuiceDrop\JuiceDrop.exe:*:Enabled:JuiceDrop -- (RiP Dev)
"D:\Program Files\Java\jre6\launch4j-tmp\frd.exe" = D:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"D:\Program Files\Opera\opera.exe" = D:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"D:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe" = D:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe:*:Enabled:Logitech -- (Logitech, Inc.)
"D:\Program Files\Kooperativa\KalkZiv\Kalk_Ziv.exe" = D:\Program Files\Kooperativa\KalkZiv\Kalk_Ziv.exe:*:Enabled:Kalk_Ziv -- ()
"D:\Program Files\TVAnts\Tvants.exe" = D:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts -- (Zhejiang University)
"D:\Program Files\TeamViewer\Version5\TeamViewer.exe" = D:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"!Easy ScreenSaver Studio" = !Easy ScreenSaver Studio
"{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0F51A262-1ADF-4914-B448-78AC58C4178A}" = MSI Bluetooth Software
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP600" = Canon MP600
"{132B5F44-9967-4B53-911E-3B87293CF089}" = SysMetrix
"{16E217EA-C3E0-402D-8D4F-6189DB74497A}" = Studio 9.3 Patch
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19024EBA-7B29-4491-BB4E-ECF9446819E4}" = Sony DVD Architect 3.0c
"{1ADE23D7-7A1E-4AEC-BA5D-EB8A01BED943}" = DeepBurner v1.8.0.224
"{1EE9BBA1-312F-4EC0-9DEA-A8FE22BBABAA}_is1" = 20Dollars2Surf 1.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 18
"{29D851C2-048C-4B5E-8D1F-25D473342BB5}" = ScanSoft OmniPage SE 4.0
"{2D314DA3-96BC-4FD0-8067-70AAF054C3E2}" = RSS Builder
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{37978330-8FAD-49CF-9AC8-16965FA462C8}" = JuiceDrop
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3C146518-A710-4110-BF20-1A32E750F4CA}_is1" = iPhone Tunnel Suite v 2.0
"{476330CF-F63D-4BA6-B8A0-757A26DABAE4}" = LS-USBMX 1/2/3 Steering Wheel W/Vibration
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{49C09E32-B9FD-4EDC-9152-9BC0CC618A13}" = GetDataBack for FAT and GetDataBack for NTFS
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4C643986-DE3C-4737-8472-CCEC36CCC267}" = Studio Content CD
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{4F68B605-2F2B-42A8-8689-0CA7E67797B0}" = Sony Vegas 6.0d
"{52566307-f43a-4055-bc43-1d9fed8e553c}" = Nero 9 Essentials
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A347920-4AFC-11D5-9FB0-800649886934}" = SDFormatter
"{5D81D227-790A-43D8-BD30-6A7935CD6837}" = MadOnion.com/PCMark2002
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{780FA289-9CE9-4D6A-B91A-838FE6C68449}_is1" = Sothink iPhone Video Converter
"{7F8B6D39-197E-4FD1-A240-3E0A4D62A0C4}" = DesignPro 5
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{91649626-E343-11D5-BCEF-005004748D87}" = SATARaid
"{91B323B5-A79C-4D23-BD6D-046C565F9BCF}" = MadOnion.com/3DMark2001 SE
"{9578C0CD-8108-4379-9026-4601F59859A0}" = Google Earth Pro
"{961034C0-58DF-11DF-97FD-005056806466}" = Google Earth Plug-in
"{97AA0C55-AFAD-4126-B21C-F1318FB6DADA}" = Realtek RTL8139/810x Fast Ethernet NIC Driver Setup
"{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD 4
"{9E491AB7-4589-48CA-9CBB-874CB2788391}" = Studio 9
"{A31A5DFC-3439-48FC-99BB-5174168AE471}" = COMODO livePCsupport
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{B13F5727-F12F-4253-B6AD-26AFA880B709}" = Sony Media Manager 2.0
"{B1EDEBF1-B4DA-46A5-B346-D1B580548EAA}" = iPhone Folders
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B48F9C44-C904-4FA3-984D-F65AE4C49745}" = Zoner Media Explorer 5
"{B4E96960-5F6B-48B9-A5BD-6A5A9BB4F027}" = Avery Wizard 3.1
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BE4AA694-815A-4045-BD49-C94F2BED7458}" = WinFast(R) TV2000 XP Expert / VC100 XP(WDM Driver)
"{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}" = Zálohování osobních složek aplikace Microsoft Outlook
"{C882DE6B-1482-42D6-A7C2-A9F946EDBAF6}" = WinFast PVR
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC6B1BB4-4E06-4A5B-A166-B371B551324B}" = COMODO Internet Security
"{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{DC47022F-8FD7-411C-878F-3EAEFCFED480}" = HD Tach
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EC2A8F27-4FBF-4E41-B27B-FE822511B761}" = iTunes
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.42
"AC3 Decoder" = AC3 Decoder Uninstall
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"ATITool" = ATITool Overclocking Utility
"Auto Clicker Typer_is1" = Auto Clicker Typer 1.0
"avast5" = avast! Free Antivirus
"AviSynth" = AviSynth 2.5
"bike" = bike
"CAL" = Canon Camera Access Library
"Calendar Wizard_is1" = Calendar Wizard 2.3.2
"CalendarPainter_is1" = CalendarPainter
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CCleaner" = CCleaner
"C-Media Audio" = C-Media 3D Audio
"Corel Applications" = Corel Applications
"CSCLIB" = Canon Camera Support Core Library
"DivX Codec" = DivX Codec
"DVBViewer_is1" = DVBViewer Technisat Edition
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDx 2.2_is1" = DVDx 2.2
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-WebPrint" = Easy-WebPrint
"EOS Utility" = Canon Utilities EOS Utility
"ESET Online Scanner" = ESET Online Scanner v3
"EurotelSMS_is1" = EurotelSMS 2.33
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v3.01
"ffdshow_is1" = ffdshow [rev 2583] [2009-01-05]
"FireTune1.0.7 for Firefox v1.x" = FireTune
"FlashGet(JetCar)" = FlashGet(JetCar)
"FoxyTunesForFirefox" = FoxyTunes for Firefox
"Fraps" = Fraps
"Gainward" = EXPERTool
"Google Desktop" = Google Desktop
"HaaliMkx" = Haali Media Splitter
"HandBrake" = HandBrake 0.9.3
"HijackThis" = HijackThis 2.0.2
"Hollywood FX 5" = Pinnacle Hollywood FX 5
"HUFFYUV" = Huffyuv AVI lossless video codec (Remove Only)
"ICQ 6 - Noir Skin_is1" = Noir Skin 1.0
"ie8" = Windows Internet Explorer 8
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0 Demo
"InstallShield_{7F8B6D39-197E-4FD1-A240-3E0A4D62A0C4}" = DesignPro 5
"InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"InterBase 6 Client Open Edition - 6.0.2.0" = InterBase 6 Client Open Edition - 6.0.2.0
"ISOS_is1" = ISOS 3.3.7 (Externí síť, XP/Vista)
"JuiceDrop" = JuiceDrop
"Katalog filmů_is1" = Katalog filmů 3.20f
"KLiteCodecPack_is1" = K-Lite Codec Pack 2.24 Full
"Last Year" = Last Year
"Logitech Touch Mouse Server" = Logitech Touch Mouse Server 1.0
"LogonStudio" = LogonStudio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McLoad Preinstaller" = McLoad Preinstaller
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Motherboard Monitor 5.0" = Motherboard Monitor 5.0
"Motherboard Monitor 5.0 Languages" = Motherboard Monitor 5.0 Languages
"moto race" = moto race
"Moto sezona 2005" = Moto sezona 2005
"MotoRace" = MotoRace
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MozBackup_is1" = MozBackup 1.4.5
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"Mozilla Thunderbird (3.0.4)" = Mozilla Thunderbird (3.0.4)
"MP Navigator 3.0" = Canon MP Navigator 3.0
"MrKrax URL Submitter 1.2.7" = MrKrax URL Submitter 1.2.7
"My Cats" = My Cats
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NimoCorp" = Nimo Codecs Pack v5.0 (Remove Only)
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAnForce" = NVIDIA Windows 2000/XP nForce Drivers
"OpenSSL Light (32-bit)_is1" = OpenSSL 0.9.8l Light (32-bit)
"Pack Vista Inspirat 2" = Pack Vista Inspirat 2 1.0
"PhotoStitch" = Canon Utilities PhotoStitch
"Pinnacle Hollywood FX Pack - Extra FX" = Pinnacle Hollywood FX Pack - Extra FX
"plist Editor for Windows" = plist Editor for Windows 1.0.1
"PowerStrip 3 (remove only)" = PowerStrip 3 (remove only)
"ProgDVB" = ProgDVB
"ProgDVB Elecard edition 1.0.60705" = ProgDVB Elecard edition
"Quick Moto" = Quick Moto 2.8c
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"Registrace uživatele zařízení Canon MP600" = Registrace uživatele zařízení Canon MP600
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"Revo Uninstaller" = Revo Uninstaller 1.83
"RivaTuner" = RivaTuner v2.0 RC 16
"Sqirlz Water Reflections" = Sqirlz Water Reflections
"ST5UNST #1" = KROS pro Windows
"Stanza" = Stanza
"Tea Earth" = Tea Earth
"TeamViewer 5" = TeamViewer 5
"TechniSat DVB Receiver" = TechniSat DVB Receiver
"ToolbarICQToolbar.ICQToolbarObjectIEToolbar" = ICQ Toolbar
"Totalcmd" = Total Commander (Remove or Repair)
"TVAnts 1.0" = TVAnts 1.0
"UnrealTournament" = Unreal Tournament
"VLC media player" = VLC media player 1.0.0-rc4
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 2
"WinRAR archiver" = Archivátor WinRAR
"winscp3_is1" = WinSCP 4.2.2 beta
"xp-AntiSpy" = xp-AntiSpy 3.94
"ZonerPhotoStudio12_EN_is1" = Zoner Photo Studio 12
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-484763869-343818398-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GeotagPhotos" = GeotagPhotos
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

[PajaZ]

OTL logfile created on: 16.5.2010 12:18:18 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 414,00 Mb Available Physical Memory | 40,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): D:\pagefile.sys 0 0 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 2,93 Gb Total Space | 1,43 Gb Free Space | 48,75% Space Free | Partition Type: FAT32
Drive D: | 50,78 Gb Total Space | 31,25 Gb Free Space | 61,53% Space Free | Partition Type: NTFS
Drive E: | 19,52 Gb Total Space | 16,16 Gb Free Space | 82,75% Space Free | Partition Type: FAT32
Drive F: | 52,05 Gb Total Space | 5,62 Gb Free Space | 10,79% Space Free | Partition Type: FAT32
Drive G: | 98,27 Gb Total Space | 12,96 Gb Free Space | 13,18% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 34,29 Gb Total Space | 5,99 Gb Free Space | 17,48% Space Free | Partition Type: NTFS
Drive M: | 596,17 Gb Total Space | 128,46 Gb Free Space | 21,55% Space Free | Partition Type: NTFS

Computer Name: DZIN
Current User Name: Zdenek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.05.16 12:17:14 | 000,570,880 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Plocha\OTL.exe
PRC - [2010.05.06 22:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.04.09 01:26:14 | 001,769,216 | ---- | M] () -- D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2010.04.09 01:26:02 | 002,029,456 | ---- | M] (COMODO) -- D:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2010.02.19 17:00:24 | 000,148,744 | ---- | M] (COMODO) -- D:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe
PRC - [2010.02.04 20:51:15 | 000,030,192 | ---- | M] (Google) -- D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2010.01.28 18:57:04 | 000,089,088 | ---- | M] (20Dollars2Surf.com) -- D:\Program Files\20Dollars2Surf\20dollars2surf.exe
PRC - [2010.01.16 05:11:42 | 000,910,296 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.01.01 17:01:42 | 000,039,408 | ---- | M] (Google Inc.) -- D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009.10.23 23:59:56 | 000,228,352 | ---- | M] (Logitech, Inc.) -- D:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe
PRC - [2009.07.20 11:51:52 | 000,935,208 | ---- | M] (Nero AG) -- D:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () -- D:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
PRC - [2007.04.23 13:18:05 | 002,173,744 | ---- | M] (Gainward Co.) -- D:\WINDOWS\TBPanel.exe
PRC - [2007.03.19 00:05:02 | 000,630,784 | ---- | M] () -- D:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
PRC - [2006.03.30 10:15:44 | 000,096,341 | ---- | M] (Canon Inc.) -- D:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2006.03.21 14:19:40 | 000,069,632 | ---- | M] (ScanSoft, Inc.) -- D:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
PRC - [2004.08.17 15:49:24 | 000,974,848 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2003.01.16 07:12:28 | 000,360,509 | R--- | M] () -- D:\Program Files\MICROSTAR\Bluetooth Software\BTTray.exe
PRC - [2003.01.16 07:12:24 | 000,045,056 | R--- | M] () -- D:\Program Files\MICROSTAR\Bluetooth Software\btsendto_explorer.exe
PRC - [2003.01.08 19:32:20 | 000,577,536 | ---- | M] (Alex van Kaam) -- D:\Software\Aplikace\Motherboard Monitor 5\MBM5.exe


========== Modules (SafeList) ==========

MOD - [2010.05.16 12:17:14 | 000,570,880 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Plocha\OTL.exe
MOD - [2010.04.09 01:26:12 | 000,277,240 | ---- | M] (COMODO) -- D:\WINDOWS\system32\guard32.dll
MOD - [2007.03.19 00:04:22 | 000,069,632 | ---- | M] () -- D:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
MOD - [2005.12.19 20:16:10 | 000,135,168 | ---- | M] (ScanSoft, Inc.) -- D:\Program Files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll
MOD - [2004.08.17 15:48:02 | 001,050,624 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004.08.03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (avg9wd)
SRV - File not found [Auto | Stopped] -- -- (avg9emc)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- D:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- D:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- D:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.04.09 01:26:14 | 001,769,216 | ---- | M] () [Auto | Running] -- D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2010.02.19 17:00:24 | 000,148,744 | ---- | M] (COMODO) [Auto | Running] -- D:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe -- (CLPSLS)
SRV - [2010.02.04 20:51:15 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-110309-193829)
SRV - [2009.07.20 11:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- D:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008.09.04 22:33:27 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- D:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2006.03.30 10:15:44 | 000,096,341 | ---- | M] (Canon Inc.) [Auto | Running] -- D:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2002.12.17 17:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002.12.17 17:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)


========== Driver Services (SafeList) ==========

DRV - [2010.05.06 22:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.05.06 22:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.05.06 22:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.05.06 22:33:59 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.05.06 22:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.05.06 22:33:29 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.04.09 01:25:48 | 000,086,800 | ---- | M] (COMODO) [Kernel | Boot | Running] -- D:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
DRV - [2010.04.09 01:25:46 | 000,225,344 | ---- | M] (COMODO) [File_System | System | Running] -- D:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2010.04.09 01:25:46 | 000,025,240 | ---- | M] (COMODO) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2009.11.10 12:26:52 | 000,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- D:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2009.10.28 19:39:41 | 000,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- D:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009.10.28 19:39:38 | 000,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- D:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009.06.05 11:42:28 | 000,017,408 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2007.04.19 06:26:00 | 003,988,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007.03.16 04:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2007.03.16 04:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex)
DRV - [2006.08.16 19:05:02 | 000,223,128 | ---- | M] (DT Soft Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2006.05.21 19:00:00 | 000,008,320 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Program Files\RivaTuner v2.0 RC 16\RivaTuner32.sys -- (RivaTuner32)
DRV - [2005.12.30 01:04:24 | 000,024,064 | ---- | M] () [Kernel | System | Stopped] -- D:\WINDOWS\system32\drivers\SysTool.sys -- (SysTool)
DRV - [2005.12.30 01:04:24 | 000,024,064 | ---- | M] () [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\ATITool.sys -- (ATITool)
DRV - [2004.11.10 00:32:10 | 000,021,968 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\PStrip.sys -- (PStrip)
DRV - [2004.10.17 21:10:21 | 000,002,656 | ---- | M] (TwinSSoft Co.) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\CBID.SYS -- (Dev_CBIDDRV)
DRV - [2004.10.13 12:56:10 | 000,462,212 | ---- | M] (B2C2, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\SkyNET.sys -- (SKYNET)
DRV - [2004.08.03 23:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004.08.03 23:07:46 | 000,223,616 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2004.08.03 22:59:52 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2004.05.27 16:23:51 | 000,031,936 | ---- | M] (Identcode Ltd.) [Kernel | Auto | Running] -- D:\WINDOWS\System32\Drivers\ANGELNT.SYS -- (Angelnt)
DRV - [2004.03.10 17:27:18 | 000,011,264 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2k)
DRV - [2003.03.26 17:26:50 | 000,610,403 | R--- | M] (ASUSCOM) [Kernel | Boot | Running] -- D:\WINDOWS\System32\DRIVERS\linkisdn.sys -- (isdnlink)
DRV - [2003.03.11 12:17:00 | 000,085,265 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\si3112r.sys -- (si3112r)
DRV - [2003.03.11 12:17:00 | 000,009,600 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\SiWinAcc.sys -- (SiWinAcc)
DRV - [2003.03.11 12:17:00 | 000,009,600 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- D:\WINDOWS\System32\DRIVERS\SiWinAcc.sys -- (SiFilter)
DRV - [2003.02.19 08:58:44 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2003.01.16 07:12:30 | 000,065,076 | R--- | M] () [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2003.01.16 07:12:28 | 000,144,608 | R--- | M] () [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2003.01.16 07:12:26 | 000,222,164 | R--- | M] () [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\btslbcsp.sys -- (BTSLBCSP)
DRV - [2003.01.16 07:12:24 | 000,022,119 | R--- | M] () [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2003.01.16 07:12:20 | 000,030,043 | R--- | M] () [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2003.01.16 07:12:16 | 001,149,978 | R--- | M] () [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2003.01.16 07:12:10 | 000,021,701 | R--- | M] () [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\btaudio.sys -- (BtAudio)
DRV - [2002.11.27 13:52:00 | 000,080,896 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)
DRV - [2002.11.13 09:10:00 | 000,020,224 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\nvidesm.sys -- (nvidesm)
DRV - [2002.09.16 17:14:32 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\PQNTDRV.sys -- (PQNTDrv)
DRV - [2002.09.06 05:24:00 | 000,013,568 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- D:\WINDOWS\System32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2002.07.17 08:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2002.07.11 05:16:10 | 000,003,480 | ---- | M] (cansoft@livewiredev.com) [Kernel | System | Running] -- D:\WINDOWS\system32\mbmiodrvr.sys -- (mbmiodrvr)
DRV - [2002.06.24 11:57:58 | 000,039,182 | ---- | M] (Leadtek Research Inc.) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\wf2ktunr.sys -- (tv2ktunr)
DRV - [2002.06.24 11:57:58 | 000,009,804 | ---- | M] (Leadtek Research Inc.) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\wf2kXbar.sys -- (Tv2kXbar)
DRV - [2002.06.24 11:57:56 | 000,081,356 | ---- | M] (Leadtek Research Inc.) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\wf2kvcap.sys -- (BT848)
DRV - [2002.06.24 10:47:42 | 000,047,968 | R--- | M] (ASUSCOM) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\wanlink.sys -- (wanlink)
DRV - [2001.08.18 00:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001.08.17 22:02:32 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\hidgame.sys -- (hidgame)
DRV - [2001.08.17 21:58:00 | 000,019,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\hidbatt.sys -- (HidBatt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-484763869-343818398-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://google.icq.com
IE - HKU\S-1-5-21-484763869-343818398-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://tea-earth.net/
IE - HKU\S-1-5-21-484763869-343818398-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-484763869-343818398-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-484763869-343818398-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://www.yodl.de/href.php?hrefname=FF-splug_google&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: aging-tabs@design-noir.de:0.7.1
FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.11
FF - prefs.js..extensions.enabledItems: {3C9A65A6-9563-4485-BA4A-4BCD698BCFB4}:5.3.2
FF - prefs.js..extensions.enabledItems: chineseperakun@gmail.com:2.1
FF - prefs.js..extensions.enabledItems: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1
FF - prefs.js..extensions.enabledItems: {c151d79e-e61b-4a90-a887-5a46d38fba99}:2.5
FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe30}:0.6.7.4
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.2
FF - prefs.js..extensions.enabledItems: cs@dictionaries.addons.mozilla.org:1.0.1
FF - prefs.js..extensions.enabledItems: peraperakun-chinese@gmail.com:1.0
FF - prefs.js..extensions.enabledItems: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.0.6
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.17
FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: D:\Program Files\AVG\AVG9\Firefox
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010.03.03 14:32:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010.03.03 00:27:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: D:\Program Files\Mozilla Thunderbird\components [2010.04.29 21:51:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: D:\Program Files\Mozilla Thunderbird\plugins

[2010.04.29 21:51:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Extensions
[2010.04.29 21:51:16 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.04.24 23:18:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions
[2010.03.03 00:35:48 | 000,000,000 | ---D | M] (All-in-One Sidebar) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}
[2008.03.29 00:55:08 | 000,000,000 | ---D | M] (Cylence Theme 2: Extra Black Edition RC1) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\{10df925e-9821-45fa-b8c1-27601aa054c1}
[2010.03.03 00:35:50 | 000,000,000 | ---D | M] (Session Manager) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}
[2010.03.21 22:39:30 | 000,000,000 | ---D | M] (FlashGot) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2007.09.07 14:04:11 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\{1DEAE5AA-E19E-458b-9C8C-73CB651B9A58}
[2008.03.29 00:54:19 | 000,000,000 | ---D | M] (Abstract Classic) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\{2fbc1200-ad13-11db-abbd-0800200c9a66}
[2010.03.03 00:35:49 | 000,000,000 | ---D | M] (PDF Download) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2010.03.03 00:35:48 | 000,000,000 | ---D | M] (Back to Top) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\{3C9A65A6-9563-4485-BA4A-4BCD698BCFB4}
[2008.03.29 01:36:07 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2010.03.03 00:35:50 | 000,000,000 | ---D | M] (FoxyTunes) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2010.03.03 00:35:47 | 000,000,000 | ---D | M] (IE View) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}
[2008.03.29 00:54:12 | 000,000,000 | ---D | M] (Aquatint Black Gloss) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}
[2008.03.29 13:49:41 | 000,000,000 | ---D | M] (Firefox Zune) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\{7ef7f4d6-947d-11dc-8314-0800200c9a66}
[2008.03.29 00:54:44 | 000,000,000 | ---D | M] (BlackJapanMAX) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\{8e12f188-352c-4476-8198-e9b8f4a4353a}
[2006.08.27 15:15:31 | 000,000,000 | ---D | M] (Firefox (default)) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007.09.07 14:04:30 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2007.09.07 14:04:18 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\{a0f7b384-a625-4ba8-82cb-e33d6d2fd021}
[2010.03.03 00:35:50 | 000,000,000 | ---D | M] (Pearl Crescent Page Saver Basic) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\{c151d79e-e61b-4a90-a887-5a46d38fba99}
[2010.03.03 00:35:47 | 000,000,000 | ---D | M] (Adblock Plus) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.03.03 00:35:58 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010.03.03 11:43:25 | 000,000,000 | ---D | M] (Seznam lištiÄŤka) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2010.03.03 00:35:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\aging-tabs@design-noir.de
[2007.09.07 14:04:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\blue
[2010.03.03 00:35:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\cs@dictionaries.addons.mozilla.org
[2010.03.03 00:35:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\chineseperakun@gmail.com
[2008.03.29 13:54:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\nasanightlaunch@example.com
[2010.03.03 00:57:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\peraperakun-chinese@gmail.com
[2010.03.21 22:39:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\staged-xpis
[2008.03.29 00:29:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\extensions\temp
[2010.03.03 00:40:22 | 000,002,049 | ---- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\searchplugins\firmycz.xml
[2008.03.29 00:37:40 | 000,000,951 | ---- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\searchplugins\icqplugin.xml
[2010.03.03 00:40:22 | 000,002,044 | ---- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\searchplugins\mapycz.xml
[2009.12.22 17:37:20 | 000,003,915 | ---- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\searchplugins\sweetim.xml
[2010.03.03 00:40:22 | 000,002,210 | ---- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\searchplugins\zbocz.xml
[2010.04.24 23:18:20 | 000,000,000 | ---D | M] -- D:\Program Files\Mozilla Firefox\extensions
[2010.01.16 02:50:40 | 000,000,638 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.16 02:50:40 | 000,001,687 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.01.16 02:50:40 | 000,001,367 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.16 02:50:40 | 000,000,654 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.16 02:50:40 | 000,001,179 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.04.07 16:41:26 | 000,000,027 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (IeCatch5 Class) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\Program Files\FlashGet\Jccatch.dll (FlashGet)
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - D:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (gFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - D:\Program Files\FlashGet\getflash.dll ()
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (FlashGet Bar) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\Program Files\FlashGet\fgiebar.dll (Amaze Soft)
O3 - HKU\S-1-5-21-484763869-343818398-839522115-1003\..\Toolbar\ShellBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-484763869-343818398-839522115-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [AppleSyncNotifier] D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] D:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [COMODO Internet Security] D:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [Gainward] D:\WINDOWS\TBPanel.exe (Gainward Co.)
O4 - HKLM..\Run: [Google Desktop Search] D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] D:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe (HP)
O4 - HKLM..\Run: [IMJPMIG8.1] D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LogonStudio] D:\Software\Aplikace\LogonStudio\logonstudio.exe (Stardock and Luca Saggese)
O4 - HKLM..\Run: [MBM 5] D:\Software\Aplikace\Motherboard Monitor 5\MBM5.EXE (Alex van Kaam)
O4 - HKLM..\Run: [MSPY2002] D:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] D:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] D:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] D:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OpwareSE4] D:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [PHIME2002A] D:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] D:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PinnacleDriverCheck] D:\WINDOWS\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [SSBkgdUpdate] D:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Scansoft, Inc.)
O4 - HKU\S-1-5-21-484763869-343818398-839522115-1003..\Run: [RocketDock] D:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-484763869-343818398-839522115-1003..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [RunNarrator] D:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [RunNarrator] D:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O4 - Startup: D:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\20Dollars2Surf.lnk = D:\Program Files\20Dollars2Surf\20dollars2surf.exe (20Dollars2Surf.com)
O4 - Startup: D:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\BTTray.lnk = D:\Program Files\MICROSTAR\Bluetooth Software\BTTray.exe ()
O4 - Startup: D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Nabídka Start\Programy\Po spuštění\Logitech Touch Mouse Server.lnk = D:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe (Logitech, Inc.)
O4 - Startup: D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Nabídka Start\Programy\Po spuštění\RocketDock.lnk = D:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-484763869-343818398-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-484763869-343818398-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-484763869-343818398-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-484763869-343818398-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - D:\Software\Aplikace\Office2003\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Easy-WebPrint - Náhled - D:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint - Přidat na seznam k tisku - D:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint - Tisk - D:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint - Vysokorychlostní tisk - D:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Stáhnout pomocí FlashGet - D:\Program Files\FlashGet\jc_link.htm ()
O8 - Extra context menu item: Stáhnout vše pomocí FlashGet - D:\Program Files\FlashGet\jc_all.htm ()
O8 - Extra context menu item: WikiKomentáře Google... - D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - D:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Software\Aplikace\Office2003\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-484763869-343818398-839522115-1003\..Trusted Domains: localhost ([]http in Místní intranet)
O15 - HKU\S-1-5-21-484763869-343818398-839522115-1003\..Trusted Ranges: GD ([http] in Místní intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://active.macromedia.com/flash2/cabs/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://D:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://D:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 0.0.0.0
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (D:\WINDOWS\system32\guard32.dll) - D:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (D:\WINDOWS\system32\logonuiX.exe) - D:\WINDOWS\system32\logonuiX.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - D:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.08.17 17:23:18 | 000,000,254 | ---- | M] () - C:\AUTOEXEC.BAK -- [ FAT32 ]
O32 - AutoRun File - [2006.08.17 17:23:18 | 000,000,254 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2006.08.17 17:19:32 | 000,000,254 | ---- | M] () - C:\AUTOEXEC._AV -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[PajaZ]

NetSvcs: Ias - D:\WINDOWS\system32\ias [2005.01.07 17:15:52 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.l3acm - D:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - D:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - D:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - D:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: VIDC.CFHD - D:\WINDOWS\System32\cfhd.dll (CineForm Inc.)
Drivers32: vidc.cvid - D:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - D:\WINDOWS\System32\DivX.dll (DivXNetworks, Inc.)
Drivers32: VIDC.FPS1 - D:\WINDOWS\System32\frapsvid.dll ()
Drivers32: VIDC.HFYU - D:\WINDOWS\System32\HUFFYUV.DLL (Disappearing Inc.)
Drivers32: vidc.iv31 - D:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - D:\WINDOWS\System32\ir32_32.dll ()
Drivers32: VIDC.MJPG - D:\WINDOWS\System32\pvmjpg21.dll (Pegasus Imaging Corporation)
Drivers32: VIDC.MP42 - D:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.MPG4 - D:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.PIM1 - D:\WINDOWS\System32\pclepim1.dll (Pinnacle Systems)
Drivers32: vidc.VP60 - D:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - D:\WINDOWS\system32\vp6vfw.dll (On2.com)
Unable to start service SrService!

========== Files/Folders - Created Within 30 Days ==========

[2010.05.16 12:17:14 | 000,570,880 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Plocha\OTL.exe
[2010.05.16 12:11:34 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Recent
[2010.05.16 11:00:19 | 001,563,298 | ---- | C] (Galactic Brothers LTD ) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Plocha\setup.exe
[2010.05.15 15:17:09 | 000,000,000 | ---D | C] -- D:\rsit
[2010.05.15 00:30:42 | 000,059,904 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\wbemdisp.tlb
[2010.05.15 00:30:41 | 000,000,000 | ---D | C] -- D:\Program Files\20Dollars2Surf
[2010.05.14 16:02:59 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Geotag Photos
[2010.05.12 15:26:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\VOWSoft
[2010.05.12 15:26:01 | 000,000,000 | ---D | C] -- D:\Program Files\iPodRobot
[2010.05.09 22:17:59 | 004,580,352 | ---- | C] (i-Funbox.com) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Plocha\iFunBox.exe
[2010.04.25 12:50:12 | 000,000,000 | ---D | C] -- D:\Program Files\Auto Clicker Typer
[2010.04.22 21:28:58 | 000,060,273 | ---- | C] (Open Source Software community project) -- D:\WINDOWS\System32\pthreadGC2.dll
[2010.04.22 21:28:46 | 000,000,000 | ---D | C] -- D:\Program Files\Haali
[2010.04.22 21:28:37 | 000,000,000 | ---D | C] -- D:\Program Files\AviSynth 2.5
[2010.04.22 21:28:27 | 000,290,816 | ---- | C] (SourceTec Software Co., LTD) -- D:\WINDOWS\System32\stFLVSource.ax
[2010.04.22 21:28:25 | 000,278,528 | ---- | C] (Real Networks, Inc) -- D:\WINDOWS\System32\pncrt.dll
[2010.04.22 21:28:25 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\SourceTec
[2010.04.22 21:28:17 | 001,184,984 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\wvc1dmod.dll
[2010.04.22 21:28:17 | 000,217,088 | ---- | C] (-) -- D:\WINDOWS\System32\CoreFLACDecoder.ax
[2010.04.22 21:28:16 | 000,438,272 | ---- | C] (Gabest) -- D:\WINDOWS\System32\Mpeg2DecFilter.ax
[2010.04.22 21:28:16 | 000,000,000 | ---D | C] -- D:\Program Files\SourceTec
[2010.04.18 11:27:56 | 000,000,000 | ---D | C] -- D:\Program Files\NirSoft

========== Files - Modified Within 30 Days ==========

[2010.05.16 12:24:28 | 000,000,558 | ---- | M] () -- D:\WINDOWS\DFC.INI
[2010.05.16 12:19:40 | 001,008,962 | ---- | M] () -- D:\WINDOWS\System32\PerfStringBackup.INI
[2010.05.16 12:19:40 | 000,421,798 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2010.05.16 12:19:40 | 000,419,884 | ---- | M] () -- D:\WINDOWS\System32\perfh005.dat
[2010.05.16 12:19:40 | 000,082,222 | ---- | M] () -- D:\WINDOWS\System32\perfc005.dat
[2010.05.16 12:19:40 | 000,070,988 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2010.05.16 12:17:14 | 000,570,880 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Plocha\OTL.exe
[2010.05.16 12:15:01 | 019,483,648 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\System32\logonuiX.exe
[2010.05.16 12:14:46 | 000,088,723 | ---- | M] () -- D:\WINDOWS\System32\nvapps.xml
[2010.05.16 12:14:21 | 000,000,024 | ---- | M] () -- D:\WINDOWS\LogonStudio.ini
[2010.05.16 12:14:19 | 000,000,936 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.05.16 12:14:12 | 000,000,006 | -H-- | M] () -- D:\WINDOWS\tasks\SA.DAT
[2010.05.16 12:13:54 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2010.05.16 12:11:42 | 009,961,472 | ---- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\ntuser.dat
[2010.05.16 12:11:42 | 000,000,272 | -HS- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\ntuser.ini
[2010.05.16 12:11:13 | 000,005,394 | ---- | M] () -- D:\WINDOWS\wincmd.ini
[2010.05.16 12:08:53 | 000,001,062 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-484763869-343818398-839522115-1003UA.job
[2010.05.16 11:13:05 | 000,000,940 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.05.16 11:03:41 | 000,000,704 | ---- | M] () -- D:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\20Dollars2Surf.lnk
[2010.05.16 11:03:41 | 000,000,692 | ---- | M] () -- D:\Documents and Settings\All Users.WINDOWS\Plocha\20Dollars2Surf.lnk
[2010.05.16 11:00:21 | 001,563,298 | ---- | M] (Galactic Brothers LTD ) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Plocha\setup.exe
[2010.05.15 22:51:58 | 000,000,664 | ---- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Plocha\Zástupce - BrowseWin.lnk
[2010.05.15 22:08:03 | 000,001,010 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-484763869-343818398-839522115-1003Core.job
[2010.05.15 18:51:59 | 000,003,187 | ---- | M] () -- D:\WINDOWS\wcx_ftp.ini
[2010.05.15 17:45:09 | 000,000,122 | ---- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Local Settings\Data aplikací\rssbuilder.config
[2010.05.15 17:45:07 | 000,000,333 | ---- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Local Settings\Data aplikací\rssbuilder.ftpconfig
[2010.05.15 10:50:46 | 000,000,000 | ---- | M] () -- D:\WINDOWS\MEMORY.DMP
[2010.05.14 15:13:57 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2010.05.13 12:00:08 | 000,000,012 | ---- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\qvjsge.dat
[2010.05.12 23:52:55 | 000,000,095 | ---- | M] () -- D:\WINDOWS\winamp.ini
[2010.05.12 15:24:19 | 000,098,939 | -H-- | M] () -- D:\treeinfo.wc
[2010.05.12 11:38:17 | 000,207,304 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2010.05.11 20:49:07 | 000,027,648 | ---- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.11 16:44:34 | 000,057,064 | ---- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.05.10 12:32:05 | 000,000,116 | ---- | M] () -- D:\WINDOWS\NeroDigital.ini
[2010.05.09 22:58:45 | 000,000,186 | ---- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Dokumenty\bestmanualchat.act
[2010.05.07 15:45:05 | 000,002,595 | ---- | M] () -- D:\WINDOWS\System32\config.nt
[2010.05.06 22:59:36 | 000,165,032 | ---- | M] (ALWIL Software) -- D:\WINDOWS\System32\aswBoot.exe
[2010.05.06 22:39:23 | 000,046,672 | ---- | M] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aswTdi.sys
[2010.05.06 22:39:00 | 000,164,048 | ---- | M] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aswSP.sys
[2010.05.06 22:34:27 | 000,023,376 | ---- | M] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aswRdr.sys
[2010.05.06 22:33:59 | 000,100,432 | ---- | M] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aswmon2.sys
[2010.05.06 22:33:55 | 000,094,800 | ---- | M] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aswmon.sys
[2010.05.06 22:33:47 | 000,019,024 | ---- | M] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.05.06 22:33:29 | 000,028,880 | ---- | M] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aavmker4.sys
[2010.05.06 19:21:36 | 004,288,512 | ---- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Plocha\restaurace.doc
[2010.05.06 19:21:36 | 001,530,368 | ---- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Plocha\nabizime.doc
[2010.05.06 19:21:28 | 007,898,624 | ---- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Plocha\ubytovani.doc
[2010.05.06 19:20:45 | 003,371,520 | ---- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Plocha\HOTYLEK BELVEDER.doc
[2010.05.06 18:54:53 | 000,000,131 | ---- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Dokumenty\bestamanual.act
[2010.05.01 10:37:53 | 000,000,105 | ---- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Dokumenty\best.act
[2010.04.25 12:50:14 | 000,000,732 | ---- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Plocha\Auto Clicker Typer.lnk
[2010.04.19 15:33:21 | 000,027,648 | ---- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Plocha\LF.doc

========== Files Created - No Company Name ==========

[2010.05.16 11:03:41 | 000,000,692 | ---- | C] () -- D:\Documents and Settings\All Users.WINDOWS\Plocha\20Dollars2Surf.lnk
[2010.05.15 22:51:58 | 000,000,664 | ---- | C] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Plocha\Zástupce - BrowseWin.lnk
[2010.05.15 15:16:11 | 000,781,909 | ---- | C] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Plocha\RSIT.exe
[2010.05.15 00:30:44 | 000,000,704 | ---- | C] () -- D:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\20Dollars2Surf.lnk
[2010.05.13 12:00:07 | 000,000,012 | ---- | C] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\qvjsge.dat
[2010.05.09 22:58:45 | 000,000,186 | ---- | C] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Dokumenty\bestmanualchat.act
[2010.05.06 19:21:28 | 001,530,368 | ---- | C] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Plocha\nabizime.doc
[2010.05.06 19:21:14 | 004,288,512 | ---- | C] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Plocha\restaurace.doc
[2010.05.06 19:21:02 | 007,898,624 | ---- | C] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Plocha\ubytovani.doc
[2010.05.06 19:20:39 | 003,371,520 | ---- | C] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Plocha\HOTYLEK BELVEDER.doc
[2010.05.05 14:14:11 | 000,000,131 | ---- | C] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Dokumenty\bestamanual.act
[2010.04.26 22:21:56 | 000,000,105 | ---- | C] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Dokumenty\best.act
[2010.04.25 16:17:24 | 000,416,275 | ---- | C] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Plocha\Mofiki's Autoclicker Premium v1.0.0.3.exe
[2010.04.25 12:50:14 | 000,000,732 | ---- | C] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Plocha\Auto Clicker Typer.lnk
[2010.01.23 16:54:36 | 000,000,032 | ---- | C] () -- D:\WINDOWS\CD_Start.INI
[2009.06.18 19:58:05 | 000,065,076 | R--- | C] () -- D:\WINDOWS\System32\drivers\btwusb.sys
[2009.06.18 19:58:05 | 000,017,388 | R--- | C] () -- D:\WINDOWS\System32\drivers\frmupgr.sys
[2007.09.21 16:22:18 | 000,003,187 | ---- | C] () -- D:\WINDOWS\wcx_ftp.ini
[2007.08.07 22:14:11 | 001,703,936 | ---- | C] () -- D:\WINDOWS\System32\nvwdmcpl.dll
[2007.08.07 22:14:11 | 001,474,560 | ---- | C] () -- D:\WINDOWS\System32\nview.dll
[2007.08.07 22:14:11 | 001,019,904 | ---- | C] () -- D:\WINDOWS\System32\nvwimg.dll
[2007.08.07 22:14:11 | 000,581,632 | ---- | C] () -- D:\WINDOWS\System32\nvhwvid.dll
[2007.08.07 22:14:11 | 000,466,944 | ---- | C] () -- D:\WINDOWS\System32\nvshell.dll
[2007.08.07 22:14:11 | 000,286,720 | ---- | C] () -- D:\WINDOWS\System32\nvnt4cpl.dll
[2007.08.07 22:14:11 | 000,212,992 | ---- | C] () -- D:\WINDOWS\System32\nvapi.dll
[2007.08.07 22:13:26 | 000,012,285 | ---- | C] () -- D:\WINDOWS\Cadx3.ini
[2007.08.07 22:13:26 | 000,006,942 | ---- | C] () -- D:\WINDOWS\cadx2.ini
[2007.08.07 21:24:51 | 000,000,558 | ---- | C] () -- D:\WINDOWS\DFC.INI
[2007.08.07 21:22:10 | 000,032,768 | ---- | C] () -- D:\WINDOWS\TBPanelExt.dll
[2007.08.07 21:22:10 | 000,005,120 | ---- | C] () -- D:\WINDOWS\TBManage.dll
[2007.01.12 19:45:19 | 000,000,121 | ---- | C] () -- D:\WINDOWS\EMAS Chinese Numbers.ini
[2007.01.12 19:45:14 | 000,000,158 | ---- | C] () -- D:\WINDOWS\FSaver.ini
[2007.01.12 19:45:14 | 000,000,133 | ---- | C] () -- D:\WINDOWS\EMAS Chinese Calligraphy strokes.ini
[2006.11.23 21:12:27 | 000,000,419 | ---- | C] () -- D:\WINDOWS\MAXLINK.INI
[2006.07.02 18:53:41 | 000,000,478 | ---- | C] () -- D:\WINDOWS\SIERRA.INI
[2006.05.23 16:33:02 | 000,040,960 | ---- | C] () -- D:\WINDOWS\System32\SDPlib.dll
[2005.12.30 01:04:24 | 000,024,064 | ---- | C] () -- D:\WINDOWS\System32\drivers\SysTool.sys
[2005.12.30 01:04:24 | 000,024,064 | ---- | C] () -- D:\WINDOWS\System32\drivers\ATITool.sys
[2005.05.06 19:22:00 | 000,000,478 | ---- | C] () -- D:\WINDOWS\hpbvspst.ini
[2004.12.29 13:26:54 | 000,036,864 | ---- | C] () -- D:\WINDOWS\System32\frapsvid.dll
[2004.11.17 19:08:00 | 000,363,520 | ---- | C] () -- D:\WINDOWS\System32\psisdecd.dll
[2004.11.17 13:45:26 | 000,000,051 | ---- | C] () -- D:\WINDOWS\AKSetup.INI
[2004.10.17 20:57:19 | 000,049,152 | ---- | C] () -- D:\WINDOWS\System32\TVicHW32.dll
[2004.08.19 19:26:51 | 000,004,601 | ---- | C] () -- D:\WINDOWS\hpdj5100.ini
[2004.08.08 15:34:48 | 000,000,024 | ---- | C] () -- D:\WINDOWS\LogonStudio.ini
[2004.08.08 15:34:28 | 000,187,392 | ---- | C] () -- D:\WINDOWS\System32\JPGUtils.dll
[2004.07.18 16:46:21 | 000,000,020 | ---- | C] () -- D:\WINDOWS\level.ini
[2004.05.17 19:26:29 | 000,000,032 | ---- | C] () -- D:\WINDOWS\SUBCONV.INI
[2004.05.09 14:24:02 | 000,000,405 | ---- | C] () -- D:\WINDOWS\System32\ANGELDOS.SYS
[2004.05.09 14:23:46 | 000,181,760 | ---- | C] () -- D:\WINDOWS\System32\IANGEL32.DLL
[2004.05.09 14:23:10 | 000,026,112 | ---- | C] () -- D:\WINDOWS\System32\angel32.dll
[2004.05.03 18:59:21 | 000,000,030 | ---- | C] () -- D:\WINDOWS\TextSpy.ini
[2004.04.27 14:23:16 | 000,000,135 | ---- | C] () -- D:\WINDOWS\huffyuv.ini
[2004.04.27 13:30:14 | 000,000,581 | ---- | C] () -- D:\WINDOWS\ODBC.INI
[2004.04.27 11:29:18 | 000,003,972 | ---- | C] () -- D:\WINDOWS\System32\drivers\PciBus.sys
[2004.04.27 11:21:07 | 000,112,688 | ---- | C] () -- D:\WINDOWS\System32\shw32.dll
[2004.04.27 11:13:48 | 000,000,116 | ---- | C] () -- D:\WINDOWS\NeroDigital.ini
[2004.04.27 11:06:34 | 000,000,095 | ---- | C] () -- D:\WINDOWS\winamp.ini
[2004.04.27 10:16:56 | 000,102,400 | ---- | C] () -- D:\WINDOWS\System32\libbz2.dll
[2004.04.27 10:13:45 | 000,005,394 | ---- | C] () -- D:\WINDOWS\wincmd.ini
[2004.04.27 10:00:37 | 000,000,092 | ---- | C] () -- D:\WINDOWS\CMISETUP.INI
[2004.04.27 10:00:37 | 000,000,026 | ---- | C] () -- D:\WINDOWS\CMCDPLAY.INI
[2004.04.27 10:00:37 | 000,000,010 | ---- | C] () -- D:\WINDOWS\Wininit.ini
[2004.04.27 10:00:34 | 000,058,716 | ---- | C] () -- D:\WINDOWS\Cmuda.ini
[2004.04.27 10:00:28 | 000,028,672 | ---- | C] () -- D:\WINDOWS\CMIRmDriver.dll
[2004.03.27 19:34:13 | 001,900,544 | ---- | C] () -- D:\WINDOWS\System32\cmiwcnfg.dll
[2004.03.27 19:34:13 | 000,028,672 | ---- | C] () -- D:\WINDOWS\System32\cmirmdrv.dll
[2004.02.07 14:55:06 | 000,729,088 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll
[2003.12.22 15:40:06 | 001,663,068 | ---- | C] () -- D:\WINDOWS\System32\libmmd.dll
[2003.04.09 15:38:04 | 000,005,664 | ---- | C] () -- D:\WINDOWS\System32\OUTLPERF.INI
[2003.01.16 07:12:38 | 000,462,848 | R--- | C] () -- D:\WINDOWS\System32\WidcommSdk.dll
[2003.01.16 07:12:38 | 000,368,701 | R--- | C] () -- D:\WINDOWS\System32\wbtapi.dll
[2003.01.16 07:12:32 | 001,802,240 | R--- | C] () -- D:\WINDOWS\System32\lcppn21.dll
[2003.01.16 07:12:30 | 000,102,400 | R--- | C] () -- D:\WINDOWS\System32\BTXPPanel.dll
[2003.01.16 07:12:30 | 000,024,576 | R--- | C] () -- D:\WINDOWS\System32\BtXpShell.dll
[2003.01.16 07:12:28 | 000,720,896 | R--- | C] () -- D:\WINDOWS\System32\BtWizard.dll
[2003.01.16 07:12:28 | 000,144,608 | R--- | C] () -- D:\WINDOWS\System32\drivers\btwdndis.sys
[2003.01.16 07:12:28 | 000,040,960 | R--- | C] () -- D:\WINDOWS\System32\btwpimif.dll
[2003.01.16 07:12:26 | 000,222,164 | R--- | C] () -- D:\WINDOWS\System32\drivers\btslbcsp.sys
[2003.01.16 07:12:24 | 000,143,360 | R--- | C] () -- D:\WINDOWS\System32\btsendto_office.dll
[2003.01.16 07:12:24 | 000,094,208 | R--- | C] () -- D:\WINDOWS\System32\btsendto.dll
[2003.01.16 07:12:24 | 000,061,440 | R--- | C] () -- D:\WINDOWS\System32\btsendto_wab.dll
[2003.01.16 07:12:24 | 000,049,152 | R--- | C] () -- D:\WINDOWS\System32\btsendto_notes.dll
[2003.01.16 07:12:24 | 000,049,152 | R--- | C] () -- D:\WINDOWS\System32\btrezxp.dll
[2003.01.16 07:12:24 | 000,040,960 | R--- | C] () -- D:\WINDOWS\System32\btsec.dll
[2003.01.16 07:12:24 | 000,022,119 | R--- | C] () -- D:\WINDOWS\System32\drivers\btserial.sys
[2003.01.16 07:12:22 | 002,166,784 | R--- | C] () -- D:\WINDOWS\System32\btrez.dll
[2003.01.16 07:12:20 | 000,114,688 | R--- | C] () -- D:\WINDOWS\System32\btosif_olx.dll
[2003.01.16 07:12:20 | 000,065,536 | R--- | C] () -- D:\WINDOWS\System32\btprn2k.dll
[2003.01.16 07:12:20 | 000,030,043 | R--- | C] () -- D:\WINDOWS\System32\drivers\btport.sys
[2003.01.16 07:12:18 | 000,757,837 | R--- | C] () -- D:\WINDOWS\System32\BTNeighborhood.dll
[2003.01.16 07:12:18 | 000,143,360 | R--- | C] () -- D:\WINDOWS\System32\btosif_ol.dll
[2003.01.16 07:12:18 | 000,135,168 | R--- | C] () -- D:\WINDOWS\System32\btosif_notes.dll
[2003.01.16 07:12:18 | 000,098,304 | R--- | C] () -- D:\WINDOWS\System32\btosif.dll
[2003.01.16 07:12:18 | 000,065,536 | R--- | C] () -- D:\WINDOWS\System32\BTNCopy.dll
[2003.01.16 07:12:18 | 000,000,607 | R--- | C] () -- D:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2003.01.16 07:12:16 | 001,149,978 | R--- | C] () -- D:\WINDOWS\System32\drivers\btkrnl.sys
[2003.01.16 07:12:14 | 000,212,992 | R--- | C] () -- D:\WINDOWS\System32\btins.dll
[2003.01.16 07:12:12 | 000,184,320 | R--- | C] () -- D:\WINDOWS\System32\btcss.dll
[2003.01.16 07:12:12 | 000,135,168 | R--- | C] () -- D:\WINDOWS\System32\btbigbmp.dll
[2003.01.16 07:12:12 | 000,094,208 | R--- | C] () -- D:\WINDOWS\System32\bthcrpui.dll
[2003.01.16 07:12:12 | 000,086,016 | R--- | C] () -- D:\WINDOWS\System32\bthcrp.dll
[2003.01.16 07:12:12 | 000,032,768 | R--- | C] () -- D:\WINDOWS\System32\btdev.dll
[2003.01.16 07:12:12 | 000,000,597 | R--- | C] () -- D:\WINDOWS\System32\btcss.dll.manifest
[2003.01.16 07:12:10 | 000,090,112 | R--- | C] () -- D:\WINDOWS\System32\bt2k_ins.dll
[2003.01.16 07:12:10 | 000,061,440 | R--- | C] () -- D:\WINDOWS\System32\BtAudioHelper.dll
[2003.01.16 07:12:10 | 000,021,701 | R--- | C] () -- D:\WINDOWS\System32\drivers\btaudio.sys
[2002.05.24 18:43:18 | 000,007,168 | ---- | C] () -- D:\WINDOWS\System32\macrovsn.dll
[2002.03.25 22:02:14 | 000,027,440 | ---- | C] () -- D:\WINDOWS\System32\drivers\secdrv.sys
[2001.09.17 13:20:02 | 000,009,216 | ---- | C] () -- D:\WINDOWS\System32\cpuinf32.dll

========== LOP Check ==========

[2006.08.14 17:50:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\ACD Systems
[2010.04.06 17:48:33 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\Alwil Software
[2008.10.20 15:16:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\Avery
[2010.03.04 22:39:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\avg9
[2006.11.23 21:07:11 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\CanonBJ
[2009.09.29 17:17:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\Downloaded Installations
[2008.09.09 15:06:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\espionServerData
[2008.10.12 00:24:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\gdRSS
[2008.10.12 00:24:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\IProt
[2007.08.07 21:23:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\muvee Technologies
[2005.03.04 13:19:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\Pinnacle
[2006.11.23 21:12:26 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\ScanSoft
[2006.04.04 16:06:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\SmartSound Software Inc
[2006.08.02 20:52:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\Sony
[2010.04.13 21:18:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\SweetIM
[2010.05.12 15:26:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\VOWSoft
[2009.03.27 23:33:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009.09.20 20:23:16 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\{1FE24C3C-F408-450B-A965-0DEB0B627051}
[2009.09.11 12:21:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009.06.17 09:47:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009.09.29 17:17:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\4Team
[2010.05.15 13:26:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Canon
[2008.01.01 21:04:47 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\CD-LabelPrint
[2009.07.16 10:00:22 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\DeepBurner
[2010.05.14 16:02:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Geotag Photos
[2010.01.02 20:04:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\ICQ
[2007.08.29 21:02:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\ICQ Toolbar
[2006.09.23 21:26:45 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\ICQLite
[2004.04.27 10:37:47 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\InterTrust
[2004.04.27 12:09:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\InterVideo
[2008.01.04 21:41:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\KompoZer
[2009.03.11 16:11:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\McLoad
[2010.02.14 15:04:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Opera
[2009.02.02 16:22:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Publish Providers
[2006.11.23 21:12:26 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\ScanSoft
[2007.05.21 19:17:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Sony
[2010.03.12 21:23:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\TeamViewer
[2010.04.29 21:51:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Thunderbird
[2009.10.05 16:56:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\VitySoft
[2010.02.09 17:37:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Zoner

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"RocketDock" = "D:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe" -- [2007.03.19 00:05:02 | 000,630,784 | ---- | M] ()
"swg" = "D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2010.01.01 17:01:42 | 000,039,408 | ---- | M] (Google Inc.)
"ctfmon.exe" = D:\WINDOWS\system32\ctfmon.exe -- [2004.08.17 15:49:24 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Google Update" = "D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c -- [2010.03.18 16:08:25 | 000,136,176 | ---- | M] (Google Inc.)

< c:\windows\*.* /U >
[1 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2009.09.29 17:17:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\4Team
[2008.09.09 15:05:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Adobe
[2009.11.26 13:50:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Ahead
[2009.09.11 12:23:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Apple Computer
[2007.02.02 14:04:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\ArcSoft
[2010.05.15 13:26:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Canon
[2008.01.01 21:04:47 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\CD-LabelPrint
[2004.05.01 01:43:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Corel
[2009.07.16 10:00:22 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\DeepBurner
[2010.05.05 15:51:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\dvdcss
[2010.05.14 16:02:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Geotag Photos
[2008.02.03 23:10:51 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Google
[2004.04.27 10:07:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Help
[2010.01.02 20:04:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\ICQ
[2007.08.29 21:02:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\ICQ Toolbar
[2006.09.23 21:26:45 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\ICQLite
[2004.04.27 00:43:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Identities
[2007.08.25 11:27:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\InstallShield
[2004.04.27 10:37:47 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\InterTrust
[2004.04.27 12:09:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\InterVideo
[2008.01.04 21:41:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\KompoZer
[2006.09.15 22:45:45 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Macromedia
[2010.04.07 17:20:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Malwarebytes
[2009.03.11 16:11:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\McLoad
[2009.09.26 23:41:04 | 000,000,000 | --SD | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Microsoft
[2010.05.15 22:35:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla
[2009.11.15 21:58:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Nero
[2010.02.14 15:04:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Opera
[2009.02.02 16:22:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Publish Providers
[2006.11.23 21:12:26 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\ScanSoft
[2010.05.09 22:50:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Skype
[2010.05.09 21:38:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\skypePM
[2007.05.21 19:17:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Sony
[2007.09.25 21:21:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Sun
[2006.08.27 14:54:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Talkback
[2010.03.12 21:23:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\TeamViewer
[2010.04.29 21:51:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Thunderbird
[2009.10.05 16:56:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\VitySoft
[2010.05.16 00:50:51 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\vlc
[2010.02.09 17:37:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Zoner
[2007.07.31 12:49:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\ZoomBrowser EX

< %APPDATA%\*.exe /s >
[2009.03.11 16:11:35 | 000,196,610 | ---- | M] (ThinkLABs-ltd.) -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\McLoad\Uninstall-Mcload.exe
[2010.05.16 11:01:27 | 000,007,782 | R--- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Microsoft\Installer\{132B5F44-9967-4B53-911E-3B87293CF089}\_3e303372.exe
[2010.05.16 11:01:27 | 000,003,638 | R--- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Microsoft\Installer\{132B5F44-9967-4B53-911E-3B87293CF089}\_696075e6.exe
[2008.10.15 21:27:21 | 000,001,078 | R--- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Microsoft\Installer\{2D314DA3-96BC-4FD0-8067-70AAF054C3E2}\_1A9C5F5148C4E91BA416A5.exe
[2008.10.15 21:27:21 | 000,001,078 | R--- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Microsoft\Installer\{2D314DA3-96BC-4FD0-8067-70AAF054C3E2}\_31E917F491611132CDC121.exe
[2008.10.15 21:27:21 | 000,001,078 | R--- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Microsoft\Installer\{2D314DA3-96BC-4FD0-8067-70AAF054C3E2}\_6FEFF9B68218417F98F549.exe
[2010.03.06 12:54:33 | 000,177,024 | ---- | M] () -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Data aplikací\Mozilla\Firefox\Profiles\tumuhuqj.default\FlashGot.exe


< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- D:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- D:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- D:\WINDOWS\system32\dllcache\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- D:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2002.09.20 20:17:54 | 010,174,968 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- D:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2002.08.29 03:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- D:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2002.08.29 03:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- D:\WINDOWS\system32\ReinstallBackups\0026\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- D:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- D:\WINDOWS\system32\dllcache\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- D:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: CDROM.SYS >
[2002.09.20 20:17:54 | 010,174,968 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- D:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2002.08.29 03:27:56 | 000,047,488 | ---- | M] (Microsoft Corporation) MD5=6506E033AD04CFEC9EE56DBEFD1083DD -- D:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- D:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- D:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2002.09.20 20:03:40 | 000,053,248 | ---- | M] (Microsoft Corporation) MD5=031E7FF41B13B658CAE7D6C98086F76A -- D:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- D:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- D:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- D:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- D:\WINDOWS\system32\eventlog.dll
[2002.09.20 20:03:50 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=E8508E7F865490D8AE71D00C8DF4D227 -- D:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2002.09.20 20:05:24 | 001,004,544 | ---- | M] (Microsoft Corporation) MD5=11D80755545CFB5EB9659EE88440EAE2 -- D:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004.08.17 15:49:24 | 000,974,848 | ---- | M] (Microsoft Corporation) MD5=4D32D7FFC2F583FE21EF0A4F99EABB12 -- D:\WINDOWS\explorer.exe
[2004.08.17 15:49:24 | 000,974,848 | ---- | M] (Microsoft Corporation) MD5=4D32D7FFC2F583FE21EF0A4F99EABB12 -- D:\WINDOWS\ServicePackFiles\i386\explorer.exe

< MD5 for: HAL.DLL >
[2002.09.20 20:17:54 | 010,174,968 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- D:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2004.08.03 22:59:20 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=C321C95318495909A0066FB0EDC97287 -- D:\WINDOWS\ServicePackFiles\i386\hal.dll
[2002.08.29 03:05:04 | 000,127,872 | ---- | M] (Microsoft Corporation) MD5=E8D2B5D5186A9B93D7019D7A74D77A1E -- D:\WINDOWS\$NtServicePackUninstall$\hal.dll
[2004.08.03 22:59:10 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- D:\WINDOWS\system32\HAL.DLL

< MD5 for: CHANGER.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- D:\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys
[2004.08.03 23:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- D:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: IASTOR.SYS >
[2003.01.16 00:00:00 | 000,200,960 | ---- | M] (Intel Corporation) MD5=A565427F99247530A0676D6610FC971D -- D:\Program Files\reatogo-313-103-a\plugin\raid\i82801er\iaStor.sys

< MD5 for: ISAPNP.SYS >
[2001.10.25 16:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- D:\WINDOWS\system32\dllcache\isapnp.sys
[2001.10.25 16:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- D:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2002.09.20 20:05:32 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=32F7074BAC9A5F899CCA9C046C9FA6EB -- D:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- D:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- D:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2002.08.29 04:09:26 | 000,167,552 | ---- | M] (Microsoft Corporation) MD5=3B350E5A2A5E951453F3993275A4523A -- D:\WINDOWS\$NtServicePackUninstall$\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- D:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- D:\WINDOWS\system32\dllcache\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- D:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- D:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- D:\WINDOWS\system32\netlogon.dll
[2002.09.20 20:04:34 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=CF03E300B5CEEFFEFBE6F67532BD0EF1 -- D:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- D:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- D:\WINDOWS\system32\scecli.dll
[2002.09.20 20:04:42 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B2666CAB5E8C8A741D63F18D551A47FB -- D:\WINDOWS\$NtServicePackUninstall$\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- D:\WINDOWS\ServicePackFiles\i386\smss.exe
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- D:\WINDOWS\system32\smss.exe
[2002.09.20 20:05:44 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=7763D73255AD4046FA999D42EAF22C26 -- D:\WINDOWS\$NtServicePackUninstall$\smss.exe

< MD5 for: SVCHOST.EXE >
[2001.10.25 16:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=329945887A0C684C38A4845330BC9100 -- D:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2010.05.15 12:07:25 | 000,016,896 | ---- | M] (Flint) MD5=77F5913A8545667D78E51ED4F8DA9A9B -- D:\Documents and Settings\Zdenek.ZDENEK-JG362RMG\Local Settings\temp\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- D:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- D:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2002.08.29 03:58:12 | 000,332,928 | ---- | M] (Microsoft Corporation) MD5=244A2F9816BC9B593957281EF577D976 -- D:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2004.08.14 00:50:43 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=4092C56967175F009DC8458DC434358E -- D:\WINDOWS\$NtUninstallKB893066$\tcpip.sys
[2005.03.14 03:17:17 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=6129E70F3D2F1E60860C930EBEAF92C2 -- D:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- D:\WINDOWS\$NtUninstallKB884020$\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- D:\WINDOWS\ServicePackFiles\i386\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- D:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- D:\WINDOWS\system32\userinit.exe
[2002.09.20 20:05:48 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B26871B5CE92F9D95AE6E62119799EB9 -- D:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: VIASRAID.SYS >
[2003.06.12 18:31:46 | 000,075,904 | ---- | M] (VIA Technologies inc,.ltd) MD5=1493F351E5A4B915FB5BBB735C14004B -- D:\Program Files\reatogo-313-103-a\plugin\raid\via8237\viasraid.sys

< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- D:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- D:\WINDOWS\system32\winlogon.exe
[2002.09.20 20:05:50 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=FF8857D1AF59071F172C0FAD0FD33E87 -- D:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- D:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- D:\WINDOWS\system32\ws2_32.dll
[2001.10.25 16:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=748494B94A871A828C64D1D5C738D2B7 -- D:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2004.04.27 02:30:09 | 000,094,208 | ---- | M] () -- D:\WINDOWS\system32\config\default.sav
[2004.04.27 02:30:09 | 000,630,784 | ---- | M] () -- D:\WINDOWS\system32\config\software.sav
[2004.04.27 02:30:09 | 000,430,080 | ---- | M] () -- D:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.05.16 12:15:01 | 019,483,648 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\logonuiX.exe
[2010.05.16 12:14:46 | 000,088,723 | ---- | M] () -- D:\WINDOWS\system32\nvapps.xml
[2010.05.16 12:19:40 | 000,082,222 | ---- | M] () -- D:\WINDOWS\system32\perfc005.dat
[2010.05.16 12:19:40 | 000,070,988 | ---- | M] () -- D:\WINDOWS\system32\perfc009.dat
[2010.05.16 12:19:40 | 000,419,884 | ---- | M] () -- D:\WINDOWS\system32\perfh005.dat
[2010.05.16 12:19:40 | 000,421,798 | ---- | M] () -- D:\WINDOWS\system32\perfh009.dat
[2010.05.16 12:19:40 | 001,008,962 | ---- | M] () -- D:\WINDOWS\system32\PerfStringBackup.INI
[2010.05.14 15:13:57 | 000,002,206 | ---- | M] () -- D:\WINDOWS\system32\wpa.dbl
< End of report >