VIRY.CZ

Opet zdravim,

odesel NTB HP a tak jsem HDD s Vistou dal do NTB Asus a udelal potrebne kroky aby system slapal...
sice slape, ale radeji bych od kontrolu
tak tedy prosim... Posilam log


Logfile of random's system information tool 1.08 (written by random/random)
Run by Petr at 2011-04-16 19:29:00
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 310 GB (67%) free of 466 GB
Total RAM: 2012 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:29:49, on 16.4.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19048)
Boot mode: Normal

Running processes:
C:\windows\system32\taskeng.exe
C:\windows\system32\Dwm.exe
C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\windows\Explorer.EXE
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\RtHDVCpl.exe
c:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\windows\System32\mobsync.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\windows\system32\igfxsrvc.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Petr\Desktop\RSIT.exe
C:\Program Files\trend micro\Petr.exe
C:\windows\system32\taskmgr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15187&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [accrdsub] "c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\RunOnce: [BrowserBallot] browserchoice.exe
O4 - HKLM\..\RunOnce: [*WerKernelReporting] %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq
O4 - HKLM\..\RunOnce: [WinSat] winsat dwm -xml results.xml
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: APSHook.dll,avgrsstx.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: McAfee Application Installer Cleanup (0010431255078082) (0010431255078082mcinstcleanup) - Unknown owner - C:\Users\Petr\AppData\Local\Temp\001043~1.EXE (file missing)
O23 - Service: ActivClient Middleware Service (accoca) - ActivIdentity - c:\Program Files\ActivIdentity\ActivClient\accoca.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - c:\Program Files\Fingerprint Sensor\AtService.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\bin\fbserver.exe
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - c:\Windows\system32\flcdlock.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GtFlashSwitch - OptionNV - C:\Program Files\Common Files\GtFlashSwitch\GtFlashSwitch.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\windows\system32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 14164 bytes

======Scheduled tasks folder======

C:\windows\tasks\Norton Security Scan for Petr.job
C:\windows\tasks\User_Feed_Synchronization-{F932F6E6-23C4-4F8F-893E-221294EC1912}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
BHO_Startup Class - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll [2009-01-14 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-11-24 1623392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-10-06 2475336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-10 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-09-10 842296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-10-10 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-02-01 1487240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-01 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
ASUS Security Protect Manager - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll [2006-11-21 70928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0}
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-10-06 2475336]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-10 256112]
{D4027C7F-154A-4066-A1AD-4243D8127440} - PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-02-01 1487240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
""= []
"accrdsub"=c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2007-11-28 298536]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2008-08-08 319000]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2011-03-14 2071904]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-11 689488]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2008-02-01 61440]
"RtHDVCpl"=C:\windows\RtHDVCpl.exe [2011-04-16 6111232]
"Skytel"=C:\windows\Skytel.exe [2011-04-16 1826816]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2011-04-16 1208320]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-04-16 857648]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-04-16 150040]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-04-16 170520]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-04-16 145944]
"CognizanceTS"=C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll [2011-04-16 17920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"BrowserBallot"=C:\windows\system32\browserchoice.exe [2010-02-12 293376]
"*WerKernelReporting"=C:\windows\SYSTEM32\WerFault.exe [2009-04-11 217088]
"WinSat"=winsat dwm -xml results.xml []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2009-10-09 25623336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS]
c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [2009-01-28 24848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\File Sanitizer]
C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2009-01-14 11223040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-12-04 75016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2008-12-09 54576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPCam_Menu]
c:\Program Files\Hewlett-Packard\HP Webcam\MUITransfer\MUIStartMenu.exe [2009-02-25 218408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-12-16 186904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2007-12-13 1688872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2010-12-13 421160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-01-10 2393376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PTHOSTTR]
c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2009-02-12 355896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-02-18 177720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [2009-01-16 3866624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-12-11 1310720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-03 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2010-03-01 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-10-10 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-04-16 857648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant]
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-03-10 506936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2009-03-01 789032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan.lnk]
C:\PROGRA~1\MCAFEE~1\10BCA1~1.150\SSSCHE~1.EXE [2009-07-28 199184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="APSHook.dll,avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\DeviceNP]
C:\windows\system32\DeviceNP.dll [2008-08-07 69632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-04-16 208896]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\windows\System32\Notepad.exe %1
.js - open - C:\windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-04-16 19:11:51 ----D---- C:\Program Files\trend micro
2011-04-16 19:11:50 ----D---- C:\rsit
2011-04-16 19:03:54 ----D---- C:\Program Files\ASUS Security Center
2011-04-16 19:01:37 ----RA---- C:\windows\system32\scardsyn.dll
2011-04-16 18:22:11 ----D---- C:\Program Files\Option
2011-04-16 18:22:11 ----D---- C:\Program Files\Common Files\GtFlashSwitch
2011-04-16 18:20:44 ----D---- C:\Program Files\Wireless Console 2
2011-04-16 18:19:31 ----D---- C:\ProgramData\Roaming
2011-04-16 18:18:56 ----D---- C:\Program Files\Cisco
2011-04-16 18:18:55 ----D---- C:\Program Files\Common Files\Intel
2011-04-16 18:18:46 ----D---- C:\ProgramData\Intel
2011-04-16 18:17:45 ----D---- C:\Program Files\DIFX
2011-04-16 18:09:29 ----ASH---- C:\hiberfil.sys
2011-04-16 17:58:32 ----D---- C:\windows\system32\Lang
2011-04-16 17:58:32 ----A---- C:\windows\system32\igxpun.exe
2011-04-16 17:55:34 ----D---- C:\Program Files\MainConcept
2011-04-16 17:39:00 ----A---- C:\windows\system32\snymsico.dll
2011-04-16 17:39:00 ----A---- C:\windows\system32\rixdicon.dll
2011-04-16 17:39:00 ----A---- C:\windows\system32\drivers\rixdptsk.sys
2011-04-16 17:39:00 ----A---- C:\windows\system32\drivers\rimsptsk.sys
2011-04-16 17:39:00 ----A---- C:\windows\system32\drivers\rimmptsk.sys
2011-04-16 17:36:35 ----D---- C:\Program Files\Motorola
2011-04-16 17:30:22 ----A---- C:\windows\system32\drivers\Rtlh86.sys
2011-04-16 17:27:15 ----D---- C:\Intel
2011-04-16 17:09:35 ----D---- C:\windows\system32\RTCOM
2011-04-16 17:08:57 ----A---- C:\windows\DIFxAPI.dll
2011-04-16 17:08:56 ----A---- C:\windows\system32\WavesLib.dll
2011-04-16 17:08:56 ----A---- C:\windows\system32\SRSWOW.dll
2011-04-16 17:08:56 ----A---- C:\windows\system32\SRSTSXT.dll
2011-04-16 17:08:56 ----A---- C:\windows\system32\SRSTSHD.dll
2011-04-16 17:08:56 ----A---- C:\windows\system32\SRSHP360.dll
2011-04-16 17:08:55 ----A---- C:\windows\system32\RtkPgExt.dll
2011-04-16 17:08:55 ----A---- C:\windows\system32\drivers\RTKVHDA.sys
2011-04-16 17:08:55 ----A---- C:\windows\SkyTel.exe
2011-04-16 17:08:55 ----A---- C:\windows\RtlUpd.exe
2011-04-16 17:08:54 ----A---- C:\windows\system32\RtkCoInst.dll
2011-04-16 17:08:54 ----A---- C:\windows\system32\RtkApoApi.dll
2011-04-16 17:08:54 ----A---- C:\windows\system32\RtkAPO.dll
2011-04-16 17:08:54 ----A---- C:\windows\RtHDVCpl.exe
2011-04-16 17:08:53 ----D---- C:\Program Files\Realtek
2011-04-16 17:08:53 ----A---- C:\windows\system32\MaxxAudioEQ.dll
2011-04-16 17:08:53 ----A---- C:\windows\system32\MaxxAudioAPO20.dll
2011-04-16 17:08:53 ----A---- C:\windows\system32\MaxxAudioAPO.dll
2011-04-16 17:08:53 ----A---- C:\windows\system32\FMAPO.dll
2011-04-16 17:08:48 ----A---- C:\windows\RtlExUpd.dll
2011-04-16 17:08:48 ----A---- C:\windows\HideWin.exe
2011-04-16 16:53:57 ----D---- C:\Program Files\ASUS
2011-04-16 16:51:49 ----D---- C:\Program Files\ATK Hotkey
2011-04-16 16:50:36 ----D---- C:\Program Files\ATKGFNEX
2011-04-16 16:42:27 ----D---- C:\windows\pss
2011-04-16 16:40:25 ----D---- C:\Program Files\CCleaner
2011-04-14 20:58:48 ----A---- C:\windows\system32\atmlib.dll
2011-04-14 20:58:48 ----A---- C:\windows\system32\atmfd.dll
2011-04-14 20:58:45 ----A---- C:\windows\system32\mshtml.dll
2011-04-14 20:58:44 ----A---- C:\windows\system32\urlmon.dll
2011-04-14 20:58:44 ----A---- C:\windows\system32\ieframe.dll
2011-04-14 20:58:43 ----A---- C:\windows\system32\wininet.dll
2011-04-14 20:58:43 ----A---- C:\windows\system32\mstime.dll
2011-04-14 20:58:43 ----A---- C:\windows\system32\msfeeds.dll
2011-04-14 20:58:43 ----A---- C:\windows\system32\iertutil.dll
2011-04-14 20:58:42 ----A---- C:\windows\system32\occache.dll
2011-04-14 20:58:42 ----A---- C:\windows\system32\mshtmled.dll
2011-04-14 20:58:42 ----A---- C:\windows\system32\msfeedssync.exe
2011-04-14 20:58:42 ----A---- C:\windows\system32\msfeedsbs.dll
2011-04-14 20:58:42 ----A---- C:\windows\system32\licmgr10.dll
2011-04-14 20:58:42 ----A---- C:\windows\system32\jsproxy.dll
2011-04-14 20:58:42 ----A---- C:\windows\system32\ieUnatt.exe
2011-04-14 20:58:42 ----A---- C:\windows\system32\ieui.dll
2011-04-14 20:58:42 ----A---- C:\windows\system32\iesysprep.dll
2011-04-14 20:58:42 ----A---- C:\windows\system32\iesetup.dll
2011-04-14 20:58:42 ----A---- C:\windows\system32\iernonce.dll
2011-04-14 20:58:42 ----A---- C:\windows\system32\iepeers.dll
2011-04-14 20:58:42 ----A---- C:\windows\system32\iedkcs32.dll
2011-04-14 20:58:42 ----A---- C:\windows\system32\ie4uinit.exe
2011-04-14 20:58:39 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2011-04-14 20:58:38 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2011-04-14 20:58:38 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2011-04-14 20:58:38 ----A---- C:\windows\system32\drivers\bowser.sys
2011-04-14 20:58:35 ----A---- C:\windows\system32\mfc42u.dll
2011-04-14 20:58:35 ----A---- C:\windows\system32\mfc42.dll
2011-04-14 20:58:34 ----A---- C:\windows\system32\drivers\srvnet.sys
2011-04-14 20:58:34 ----A---- C:\windows\system32\drivers\srv2.sys
2011-04-14 20:58:34 ----A---- C:\windows\system32\drivers\srv.sys
2011-04-14 20:58:31 ----A---- C:\windows\system32\dnsrslvr.dll
2011-04-14 20:58:31 ----A---- C:\windows\system32\dnscacheugc.exe
2011-04-14 20:58:31 ----A---- C:\windows\system32\dnsapi.dll
2011-04-14 20:58:30 ----A---- C:\windows\system32\win32k.sys
2011-04-14 20:58:29 ----A---- C:\windows\system32\jscript.dll
2011-04-14 20:58:29 ----A---- C:\windows\system32\inetcomm.dll
2011-04-14 20:58:28 ----A---- C:\windows\system32\vbscript.dll
2011-03-22 21:26:12 ----A---- C:\windows\system32\XpsGdiConverter.dll
2011-03-22 21:26:12 ----A---- C:\windows\system32\FntCache.dll
2011-03-22 21:26:12 ----A---- C:\windows\system32\DWrite.dll
2011-03-17 21:28:39 ----A---- C:\windows\system32\shsvcs.dll

======List of files/folders modified in the last 1 months======

2011-04-16 19:29:09 ----D---- C:\windows\Temp
2011-04-16 19:26:27 ----D---- C:\windows\system32\WDI
2011-04-16 19:16:23 ----D---- C:\windows\System32
2011-04-16 19:16:23 ----D---- C:\windows\inf
2011-04-16 19:16:23 ----A---- C:\windows\system32\PerfStringBackup.INI
2011-04-16 19:11:51 ----RD---- C:\Program Files
2011-04-16 19:09:33 ----D---- C:\Windows
2011-04-16 19:04:42 ----SHD---- C:\windows\Installer
2011-04-16 19:03:47 ----SHD---- C:\System Volume Information
2011-04-16 19:03:23 ----D---- C:\windows\system32\catroot
2011-04-16 19:02:54 ----D---- C:\windows\system32\drivers
2011-04-16 18:44:56 ----D---- C:\windows\system32\drivers\Avg
2011-04-16 18:37:29 ----D---- C:\windows\Minidump
2011-04-16 18:37:29 ----D---- C:\windows\Debug
2011-04-16 18:22:11 ----D---- C:\Program Files\Common Files
2011-04-16 18:20:44 ----HD---- C:\Program Files\InstallShield Installation Information
2011-04-16 18:19:31 ----HD---- C:\ProgramData
2011-04-16 18:18:45 ----D---- C:\Program Files\Intel
2011-04-16 18:17:42 ----DC---- C:\windows\system32\DRVSTORE
2011-04-16 18:17:36 ----D---- C:\windows\system32\Tasks
2011-04-16 18:14:58 ----A---- C:\windows\system32\NETw5r32.dll
2011-04-16 18:14:58 ----A---- C:\windows\system32\NETw5c32.dll
2011-04-16 17:58:52 ----D---- C:\windows\system32\catroot2
2011-04-16 17:57:26 ----A---- C:\windows\system32\HdmiCoin.dll
2011-04-16 17:56:46 ----A---- C:\windows\system32\igfxzoom.exe
2011-04-16 17:56:45 ----A---- C:\windows\system32\igfxtray.exe
2011-04-16 17:56:45 ----A---- C:\windows\system32\igfxsrvc.exe
2011-04-16 17:56:44 ----A---- C:\windows\system32\igfxpers.exe
2011-04-16 17:56:43 ----A---- C:\windows\system32\igfxext.exe
2011-04-16 17:56:43 ----A---- C:\windows\system32\igfxcfg.exe
2011-04-16 17:56:42 ----A---- C:\windows\system32\hkcmd.exe
2011-04-16 17:56:41 ----A---- C:\windows\system32\oemdspif.dll
2011-04-16 17:56:39 ----A---- C:\windows\system32\igfxCoIn_v1508.dll
2011-04-16 17:56:36 ----A---- C:\windows\system32\igfxTMM.dll
2011-04-16 17:56:35 ----A---- C:\windows\system32\igfxsrvc.dll
2011-04-16 17:56:23 ----A---- C:\windows\system32\igfxress.dll
2011-04-16 17:56:16 ----A---- C:\windows\system32\igfxpph.dll
2011-04-16 17:56:15 ----A---- C:\windows\system32\igfxexps.dll
2011-04-16 17:56:15 ----A---- C:\windows\system32\igfxdo.dll
2011-04-16 17:56:14 ----A---- C:\windows\system32\igfxdev.dll
2011-04-16 17:56:12 ----A---- C:\windows\system32\igdumdx32.dll
2011-04-16 17:56:11 ----A---- C:\windows\system32\igdumd32.dll
2011-04-16 17:56:09 ----A---- C:\windows\system32\igd10umd32.dll
2011-04-16 17:56:07 ----A---- C:\windows\system32\ig4icd32.dll
2011-04-16 17:56:06 ----A---- C:\windows\system32\ig4dev32.dll
2011-04-16 17:56:06 ----A---- C:\windows\system32\hccutils.dll
2011-04-16 17:56:04 ----A---- C:\windows\system32\difxapi.dll
2011-04-16 17:48:28 ----D---- C:\windows\Microsoft.NET
2011-04-16 17:48:27 ----RSD---- C:\windows\assembly
2011-04-16 17:41:14 ----A---- C:\windows\system32\WdfCoInstaller01000.dll
2011-04-16 17:41:06 ----A---- C:\windows\system32\SynTPCo4.dll
2011-04-16 17:41:06 ----A---- C:\windows\system32\SynTPAPI.dll
2011-04-16 17:41:00 ----A---- C:\windows\system32\SynCtrl.dll
2011-04-16 17:40:57 ----A---- C:\windows\system32\SynCOM.dll
2011-04-16 17:34:50 ----A---- C:\windows\system32\sm56co81.dll
2011-04-16 17:31:31 ----N---- C:\windows\system32\agrsmdel.exe
2011-04-16 17:31:30 ----N---- C:\windows\system32\agrscoin.dll
2011-04-16 16:32:14 ----D---- C:\windows\Prefetch
2011-04-15 21:52:13 ----D---- C:\windows\winsxs
2011-04-15 21:37:45 ----D---- C:\windows\system32\migration
2011-04-15 21:37:45 ----D---- C:\Program Files\Internet Explorer
2011-04-15 21:37:44 ----D---- C:\Program Files\Windows Mail
2011-04-15 20:37:19 ----D---- C:\ProgramData\Microsoft Help
2011-04-15 20:29:30 ----A---- C:\windows\system32\mrt.exe
2011-04-10 13:46:22 ----D---- C:\ProgramData\PDFC
2011-04-09 15:49:26 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-04-08 15:44:07 ----D---- C:\ProgramData\CanonIJPLM
2011-03-30 17:59:04 ----HD---- C:\$AVG
2011-03-30 17:57:50 ----D---- C:\ProgramData\CanonIJ
2011-03-26 13:05:10 ----D---- C:\Program Files\Ask.com
2011-03-25 21:33:58 ----D---- C:\Ilona
2011-03-24 17:16:52 ----D---- C:\windows\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSErHrvtx;AVG9IDSErHr; C:\windows\System32\Drivers\AVGIDSvx.sys [2010-06-22 25168]
R0 AvgRkx86;avgrkx86.sys; C:\windows\System32\Drivers\avgrkx86.sys [2010-03-15 52872]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2008-08-27 25392]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\drivers\iastor.sys [2008-12-04 328728]
R0 MegaSR;MegaSR; C:\windows\system32\drivers\megasr.sys [2008-01-21 386616]
R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2008-04-08 44944]
R0 SafeBoot;SafeBoot; C:\windows\system32\drivers\SafeBoot.sys [2008-10-02 109216]
R0 SbAlg;SbAlg; C:\windows\system32\drivers\SbAlg.sys [2008-10-02 51408]
R0 SbFsLock;SbFsLock; C:\windows\system32\drivers\SbFsLock.sys [2008-10-02 12960]
R1 Avgfwfd;AVG network filter service; C:\windows\system32\DRIVERS\avgfwd6x.sys [2009-10-22 24856]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\windows\System32\Drivers\avgldx86.sys [2010-06-22 216400]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\windows\System32\Drivers\avgmfx86.sys [2010-06-01 29584]
R1 AvgTdiX;AVG Network Redirector; C:\windows\System32\Drivers\avgtdix.sys [2010-06-22 243024]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2008-10-02 12528]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\windows\system32\Drivers\CVPNDRVA.sys [2008-08-29 306299]
R2 regi;regi; C:\windows\system32\drivers\regi.sys [2007-04-17 11032]
R2 rimmptsk;rimmptsk; C:\windows\system32\DRIVERS\rimmptsk.sys [2007-08-08 45568]
R2 rimsptsk;rimsptsk; C:\windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\windows\system32\DRIVERS\ATSwpDrv.sys [2007-06-16 146824]
R3 AVGIDSDrivervtx;AVG9IDSDriver; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSDriver.sys [2010-06-22 122448]
R3 AVGIDSFiltervtx;AVG9IDSFilter; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSFilter.sys [2010-06-22 30288]
R3 AVGIDSShimvtx;AVG9IDSShim; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSShim.sys [2010-06-22 27216]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-03-11 84008]
R3 btwavdt;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys [2009-03-11 109608]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-03-11 29736]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-03-11 18344]
R3 DNE;Deterministic Network Enhancer Miniport; C:\windows\system32\DRIVERS\dne2000.sys [2008-03-29 125328]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-19 16768]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2011-04-16 2381312]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2011-04-16 2098904]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\windows\system32\drivers\IntcHdmi.sys [2011-04-16 113664]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\windows\system32\drivers\MODEMCSA.sys [2008-01-21 18432]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\windows\system32\DRIVERS\ATKACPI.sys [2011-04-16 7680]
R3 NETw5v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\windows\system32\DRIVERS\NETw5v32.sys [2011-04-16 3658752]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 smserial;smserial; C:\windows\system32\DRIVERS\smserial.sys [2011-04-16 1090304]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-04-16 182456]
R3 TPM;Čip TPM; C:\windows\system32\drivers\tpm.sys [2008-01-21 45624]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 WUDFRd;WUDFRd; C:\windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2008-08-27 34608]
S3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\ADIHdAud.sys [2009-01-16 381440]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2008-10-29 1204128]
S3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\windows\system32\drivers\AtiHdmi.sys [2009-02-19 95760]
S3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-02-03 4303360]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl6.sys [2009-10-09 1665016]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 CVirtA;Cisco Systems VPN Adapter; C:\windows\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv.sys [2008-08-06 32256]
S3 dot4;Ovladač MS IEEE-1284.4; C:\windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;Filtr Dot4USB Dot4USB Filter; C:\windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 RTL8169;Realtek 8169 NT Driver; C:\windows\system32\DRIVERS\Rtlh86.sys [2011-04-16 122368]
S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2009-03-26 1765168]
S3 USBAAPL;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl.sys [2010-04-16 41472]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 WpdUsb;WpdUsb; C:\windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 accoca;ActivClient Middleware Service; c:\Program Files\ActivIdentity\ActivClient\accoca.exe [2007-11-28 185896]
R2 AEADIFilters;Andrea ADI Filters Service; C:\windows\system32\AEADISRV.EXE [2008-07-15 90112]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-10-16 37664]
R2 ASBroker;Logon Session Broker; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 ASChannel;Local Communication Channel; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-10-02 94208]
R2 Ati External Event Utility;Ati External Event Utility; C:\windows\system32\Ati2evxx.exe [2009-02-03 729088]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 ATService;AuthenTec Fingerprint Service; c:\Program Files\Fingerprint Sensor\AtService.exe [2008-10-03 1185016]
R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-06-22 308136]
R2 avgfws9;AVG Firewall; C:\Program Files\AVG\AVG9\avgfws9.exe [2010-11-24 2331544]
R2 AVGIDSAgent;AVG9IDSAgent; C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-06-22 5897808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\windows\system32\svchost.exe [2008-01-21 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-03-01 567848]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2008-08-29 1528608]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-04-30 815104]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files\Firebird\bin\fbguard.exe [2007-12-12 65536]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\windows\system32\svchost.exe [2008-01-21 21504]
R2 GtFlashSwitch;GtFlashSwitch; C:\Program Files\Common Files\GtFlashSwitch\GtFlashSwitch.exe [2007-02-09 176128]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-12-04 94208]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-10-02 256544]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-01-14 77824]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2008-08-27 24880]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-12-16 354840]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-01-10 79136]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-07-13 71096]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2008-08-08 777240]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-04-30 466944]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\bin\fbserver.exe [2007-12-12 1531989]
S2 0010431255078082mcinstcleanup;McAfee Application Installer Cleanup (0010431255078082); C:\Users\Petr\AppData\Local\Temp\001043~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service []
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-10-06 517448]
S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-12-05 222512]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\system32\flcdlock.exe [2008-08-07 349432]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-09 654848]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-10-10 182768]
S3 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2009-02-12 45056]
S3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-10-23 223232]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-12-13 820008]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-12-13 447784]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB10;RoxMediaDB10; c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-04-08 1112560]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2008-03-24 74384]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WPFFontCache_v0400;@c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

Zdravim a pekny den preji

Pokud neni AVG zakoupene, tak bych doporucil zmenu - Avast, Avira ci MSE - AVG hodne zatezuje system a ma slabsi detekci

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  netsvcs
  drivers32
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  c:\windows\*.* /U
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  /md5start
  adp3132.sys
  AGP440.sys
  ahcix86.sys
  ahcix86s.sys
  atapi.sys
  autochk.exe
  cdrom.sys
  cngaudit.dll
  cryptsvc.dll
  eNetHook.dll
  eventlog.dll
  explorer.exe
  hal.dll
  Changer.sys
  iaStor.sys
  iastorv.sys
  IdeChnDr.sys
  isapnp.sys
  JakNDis.sys
  KR10N.sys
  logevent.dll
  lsass.exe
  mv61xx.sys
  ndis.sys
  netlogon.dll
  ntelogon.dll
  nvata.sys
  nvatabus.sys
  nvgts.sys
  nvraid.sys
  nvrd32.sys
  nvstor.sys
  nvstor32.sys
  scecli.dll
  sceclt.dll
  smss.exe
  svchost.exe
  symmpi.sys
  tcpip.sys
  userinit.exe
  vaxscsi.sys
  viamraid.sys
  viasraid.sys
  ViPrt.sys
  winlogon.exe
  ws2_32.dll
  /md5stop
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job /lockedfiles
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  CREATERESTOREPOINT

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

OTL logfile created on: 16.4.2011 23:51:05 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Petr\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 38,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 454,76 Gb Total Space | 302,16 Gb Free Space | 66,44% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 1,77 Gb Free Space | 17,74% Space Free | Partition Type: NTFS
Drive E: | 426,80 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 1019,00 Mb Total Space | 1016,33 Mb Free Space | 99,74% Space Free | Partition Type: FAT32

Computer Name: NB-PETR | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.04.16 23:47:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Petr\Desktop\OTL.exe
PRC - [2011.04.16 21:14:48 | 003,246,040 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2011.04.16 17:07:52 | 006,111,232 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2011.03.14 21:29:30 | 002,071,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2011.03.03 16:39:05 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.12.17 10:22:46 | 000,391,144 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2010.12.17 10:22:40 | 000,804,952 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2010.12.17 10:21:10 | 005,566,176 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2010.11.24 16:36:05 | 002,331,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgfws9.exe
PRC - [2010.11.24 16:36:05 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010.11.16 04:06:22 | 002,536,752 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
PRC - [2010.09.20 20:20:39 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010.06.22 18:09:53 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010.06.22 18:09:51 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010.06.22 18:09:47 | 000,596,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2010.06.22 18:09:46 | 005,897,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010.06.22 18:09:45 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010.06.22 18:09:41 | 000,842,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe
PRC - [2009.07.13 23:18:12 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.03.01 23:21:32 | 000,567,848 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2009.01.14 23:01:48 | 000,077,824 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2008.12.16 18:37:46 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008.10.02 00:01:14 | 000,256,544 | ---- | M] (SafeBoot International) -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
PRC - [2008.08.29 14:58:16 | 001,528,608 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2008.08.08 16:47:02 | 000,777,240 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsvc.exe
PRC - [2008.07.15 14:09:52 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
PRC - [2008.04.30 19:41:12 | 000,815,104 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2008.04.30 19:10:10 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008.02.01 14:29:32 | 000,061,440 | ---- | M] () -- C:\Program Files\ASUS\ATK Media\DMedia.exe
PRC - [2008.01.22 19:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2007.12.12 01:05:04 | 001,531,989 | ---- | M] (The Firebird Project) -- C:\Program Files\Firebird\bin\fbserver.exe
PRC - [2007.12.12 01:05:04 | 000,065,536 | ---- | M] (The Firebird Project) -- C:\Program Files\Firebird\bin\fbguard.exe
PRC - [2007.12.11 16:13:22 | 000,151,552 | ---- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe
PRC - [2007.12.04 10:57:06 | 002,486,272 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe
PRC - [2007.11.28 17:39:36 | 000,229,376 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\HControl.exe
PRC - [2007.11.28 02:42:14 | 000,185,896 | ---- | M] (ActivIdentity) -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe
PRC - [2007.11.28 02:42:12 | 000,093,736 | ---- | M] (ActivIdentity) -- c:\Program Files\ActivIdentity\ActivClient\acevents.exe
PRC - [2007.11.28 02:40:42 | 000,298,536 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
PRC - [2007.11.04 19:48:06 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\MsgTranAgt.exe
PRC - [2007.10.02 21:53:00 | 000,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe
PRC - [2007.08.08 00:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007.07.05 16:53:44 | 001,040,384 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe
PRC - [2007.02.09 14:48:26 | 000,176,128 | ---- | M] (OptionNV) -- C:\Program Files\Common Files\GtFlashSwitch\GtFlashSwitch.exe
PRC - [2007.01.04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe


========== Modules (SafeList) ==========

MOD - [2011.04.16 23:47:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Petr\Desktop\OTL.exe
MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2010.06.22 18:09:53 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
MOD - [2009.01.28 06:15:04 | 000,076,560 | ---- | M] (Bioscrypt Inc.) -- C:\Windows\System32\APSHook.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (0010431255078082mcinstcleanup) McAfee Application Installer Cleanup (0010431255078082)
SRV - [2011.04.16 21:14:48 | 003,246,040 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2011.04.16 18:56:41 | 000,074,240 | R--- | M] (Cognizance Corporation) [Auto | Running] -- C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll -- (ASBroker)
SRV - [2011.04.16 18:56:33 | 000,131,584 | R--- | M] (Cognizance Corporation) [Auto | Running] -- C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASChnl.dll -- (ASChannel)
SRV - [2010.12.17 10:22:40 | 000,804,952 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010.11.24 16:36:05 | 002,331,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgfws9.exe -- (avgfws9)
SRV - [2010.10.06 11:31:48 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010.06.22 18:09:51 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010.06.22 18:09:46 | 005,897,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2009.10.09 12:16:43 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.07.13 23:18:12 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2009.03.01 23:21:32 | 000,567,848 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009.02.12 08:01:06 | 000,045,056 | ---- | M] (Hewlett-Packard Development Company, L.P) [On_Demand | Stopped] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2009.01.14 23:01:48 | 000,077,824 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2008.12.16 18:37:46 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008.10.03 22:33:12 | 001,185,016 | ---- | M] (AuthenTec, Inc.) [Disabled | Stopped] -- c:\Program Files\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2008.10.02 00:01:14 | 000,256,544 | ---- | M] (SafeBoot International) [Auto | Running] -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
SRV - [2008.08.29 14:58:16 | 001,528,608 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2008.08.08 16:47:02 | 000,777,240 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2008.08.07 00:24:40 | 000,349,432 | ---- | M] (Hewlett-Packard Ltd) [On_Demand | Stopped] -- C:\Windows\System32\flcdlock.exe -- (FLCDLOCK)
SRV - [2008.07.15 14:09:52 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2008.04.30 19:41:12 | 000,815,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008.04.30 19:10:10 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008.04.08 13:12:50 | 001,112,560 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2008.01.22 19:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008.01.21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.12.12 01:05:04 | 001,531,989 | ---- | M] (The Firebird Project) [On_Demand | Running] -- C:\Program Files\Firebird\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2007.12.12 01:05:04 | 000,065,536 | ---- | M] (The Firebird Project) [Auto | Running] -- C:\Program Files\Firebird\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2007.11.28 02:42:14 | 000,185,896 | ---- | M] (ActivIdentity) [Auto | Running] -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe -- (accoca)
SRV - [2007.10.02 21:53:00 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2007.08.08 00:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.02.09 14:48:26 | 000,176,128 | ---- | M] (OptionNV) [Auto | Running] -- C:\Program Files\Common Files\GtFlashSwitch\GtFlashSwitch.exe -- (GtFlashSwitch)
SRV - [2007.01.04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV - [2011.04.16 21:14:49 | 000,167,968 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\afcdp.sys -- (afcdp)
DRV - [2011.04.16 21:14:43 | 000,752,128 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\tdrpm273.sys -- (tdrpman273) Acronis Try&Decide and Restore Points filter (build 273)
DRV - [2011.04.16 21:14:39 | 000,600,928 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2011.04.16 21:14:28 | 000,170,528 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2011.04.16 18:15:01 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Ovladač adaptéru Intel(R)
DRV - [2011.04.16 17:57:28 | 000,113,664 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - [2011.04.16 17:35:04 | 001,090,304 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2011.04.16 17:29:39 | 000,122,368 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2011.04.16 16:52:18 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2010.06.22 18:09:54 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010.06.22 18:09:48 | 000,122,448 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSDriver.sys -- (AVGIDSDrivervtx)
DRV - [2010.06.22 18:09:48 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSFilter.sys -- (AVGIDSFiltervtx)
DRV - [2010.06.22 18:09:48 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSShim.sys -- (AVGIDSShimvtx)
DRV - [2010.06.22 18:09:48 | 000,025,168 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\windows\System32\Drivers\AVGIDSvx.sys -- (AVGIDSErHrvtx)
DRV - [2010.06.22 18:09:43 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010.06.01 19:59:32 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010.03.15 19:43:26 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\windows\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2009.10.22 15:15:15 | 000,024,856 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgfwd6x.sys -- (Avgfwfd)
DRV - [2009.02.19 13:17:00 | 000,095,760 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.02.03 15:29:00 | 004,303,360 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.10.29 17:43:44 | 001,204,128 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.10.02 00:02:04 | 000,051,408 | ---- | M] (SafeBoot N.V.) [Kernel | Boot | Running] -- C:\windows\System32\drivers\SbAlg.sys -- (SbAlg)
DRV - [2008.10.02 00:02:02 | 000,012,960 | ---- | M] (SafeBoot International) [File_System | Boot | Running] -- C:\windows\System32\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2008.10.02 00:02:00 | 000,012,528 | ---- | M] (SafeBoot International) [Kernel | System | Running] -- C:\windows\System32\drivers\rsvlock.sys -- (RsvLock)
DRV - [2008.10.02 00:01:58 | 000,109,216 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2008.08.29 14:57:18 | 000,306,299 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2008.08.27 18:52:02 | 000,034,608 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008.08.27 18:52:02 | 000,025,392 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2008.08.06 23:43:30 | 000,032,256 | ---- | M] (Hewlett-Packard Development Company L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DAMDrv.sys -- (DAMDrv)
DRV - [2008.03.29 18:36:28 | 000,125,328 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dne2000.sys -- (DNE)
DRV - [2008.01.21 04:32:52 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2008.01.21 04:32:51 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2007.08.08 20:42:08 | 000,045,568 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007.07.30 11:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007.07.30 10:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007.07.24 11:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2007.06.19 01:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007.06.16 21:29:08 | 000,146,824 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2007.04.17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2007.01.18 19:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CVirtA.sys -- (CVirtA)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-893100059-2973154077-1563591687-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
IE - HKU\S-1-5-21-893100059-2973154077-1563591687-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15187&l=dis
IE - HKU\S-1-5-21-893100059-2973154077-1563591687-1004\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-893100059-2973154077-1563591687-1004\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-893100059-2973154077-1563591687-1004\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-893100059-2973154077-1563591687-1004\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-893100059-2973154077-1563591687-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-893100059-2973154077-1563591687-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledItems: avg@igeared:6.103.018.001
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?clien ... n_dtid=&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2011.03.22 21:33:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.03 16:39:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.03 16:39:08 | 000,000,000 | ---D | M]

[2009.11.17 23:41:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Extensions
[2011.04.16 19:40:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\s2u66u4n.default\extensions
[2010.07.17 17:46:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\s2u66u4n.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.03.26 13:05:10 | 000,000,000 | ---D | M] (PandoraTV Toolbar) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\s2u66u4n.default\extensions\toolbar@ask.com
[2011.04.16 23:46:19 | 000,002,557 | ---- | M] () -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\s2u66u4n.default\searchplugins\askcom.xml
[2010.03.01 18:45:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.03.22 21:33:24 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="avg@igeared" em:name="AVG Security Toolbar" em:version="6.103.018.001" em:displayname="AVG Security Toolbar" em:iconURL="chrome://tavgp/skin/logo.ico" em:creator="AVG Technologies" em:description="AVG Security Toolbar" em:homepageURL="http://www.avg.com" >) -- C:\PROGRAM FILES\AVG\AVG9\TOOLBAR\FIREFOX\AVG@IGEARED
[2010.10.31 15:49:36 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.10.31 15:49:36 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.10.31 15:49:37 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.10.31 15:49:37 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.10.31 15:49:37 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (BHO_Startup Class) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (ASUS Security Protect Manager) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-893100059-2973154077-1563591687-1004\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-893100059-2973154077-1563591687-1004\..\Toolbar\WebBrowser: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [accrdsub] c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe ()
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [CognizanceTS] C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASTSVCC.dll (Cognizance Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [RtHDVCpl] C:\windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SAOB Monitor] C:\Program Files\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [Služba Acronis Scheduler2] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [*WerKernelReporting] C:\windows\System32\WerFault.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [BrowserBallot] C:\windows\System32\browserchoice.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [WinSat] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (APSHook.dll) - C:\windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\DeviceNP: DllName - DeviceNP.dll - C:\windows\System32\DeviceNP.dll (Hewlett-Packard Limited)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\First.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\First.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.01.09 20:39:58 | 000,000,043 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{7fe71c43-b4ce-11de-ae3d-00247eab1750}\Shell\AutoRun\command - "" = G:\TrueCrypt\TrueCrypt.exe /q background /e /m rm /v "DPP\DPP.TC"
O33 - MountPoints2\{7fe71c43-b4ce-11de-ae3d-00247eab1750}\Shell\dismount\command - "" = G:\TrueCrypt\TrueCrypt.exe /q /d
O33 - MountPoints2\{7fe71c43-b4ce-11de-ae3d-00247eab1750}\Shell\start\command - "" = G:\TrueCrypt\TrueCrypt.exe
O33 - MountPoints2\{a06e1633-6834-11e0-80a2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a06e1633-6834-11e0-80a2-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Start.exe -- [2009.01.09 20:39:58 | 002,057,329 | R--- | M] (Špidla Data Processing, s.r.o.)
O33 - MountPoints2\{e44eb5eb-cf8c-11de-980f-00247eab1750}\Shell\AutoRun\command - "" = G:\Menu.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Start.exe -- [2009.01.09 20:39:58 | 002,057,329 | R--- | M] (Špidla Data Processing, s.r.o.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
Drivers32: wave7 - C:\windows\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 7 Days ==========

[2011.04.16 23:47:31 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Petr\Desktop\OTL.exe
[2011.04.16 22:23:50 | 002,071,392 | ---- | C] (Acronis) -- C:\windows\System32\AutoPartNt.exe
[2011.04.16 21:14:49 | 000,167,968 | ---- | C] (Acronis) -- C:\windows\System32\drivers\afcdp.sys
[2011.04.16 21:14:43 | 000,752,128 | ---- | C] (Acronis) -- C:\windows\System32\drivers\tdrpm273.sys
[2011.04.16 21:14:39 | 000,600,928 | ---- | C] (Acronis) -- C:\windows\System32\drivers\timntr.sys
[2011.04.16 21:14:28 | 000,170,528 | ---- | C] (Acronis) -- C:\windows\System32\drivers\snapman.sys
[2011.04.16 21:14:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
[2011.04.16 21:13:18 | 000,000,000 | ---D | C] -- C:\Program Files\Acronis
[2011.04.16 21:13:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Acronis
[2011.04.16 21:06:19 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\Acronis
[2011.04.16 21:06:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Acronis
[2011.04.16 19:11:51 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.04.16 19:11:50 | 000,000,000 | ---D | C] -- C:\rsit
[2011.04.16 19:04:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Security Center
[2011.04.16 19:03:54 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS Security Center
[2011.04.16 18:56:07 | 000,000,000 | ---D | C] -- C:\Users\Petr\Desktop\FingerPrints_VT_080319
[2011.04.16 18:22:11 | 000,000,000 | ---D | C] -- C:\Program Files\Option
[2011.04.16 18:22:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\GtFlashSwitch
[2011.04.16 18:22:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GlobeTrotter Connect
[2011.04.16 18:20:44 | 000,000,000 | ---D | C] -- C:\Program Files\Wireless Console 2
[2011.04.16 18:19:31 | 000,000,000 | ---D | C] -- C:\Users\Petr\Roaming
[2011.04.16 18:19:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Roaming
[2011.04.16 18:19:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
[2011.04.16 18:18:56 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
[2011.04.16 18:18:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2011.04.16 18:18:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2011.04.16 18:17:45 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2011.04.16 17:58:32 | 000,920,088 | ---- | C] (Intel® Corporation) -- C:\windows\System32\igxpun.exe
[2011.04.16 17:58:32 | 000,000,000 | ---D | C] -- C:\windows\System32\Lang
[2011.04.16 17:55:37 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MainConcept
[2011.04.16 17:55:34 | 000,000,000 | ---D | C] -- C:\Program Files\MainConcept
[2011.04.16 17:39:00 | 000,172,032 | ---- | C] (Ricoh Company,Ltd) -- C:\windows\System32\rixdicon.dll
[2011.04.16 17:39:00 | 000,090,112 | ---- | C] (Sony Corporation) -- C:\windows\System32\snymsico.dll
[2011.04.16 17:39:00 | 000,045,568 | ---- | C] (REDC) -- C:\windows\System32\drivers\rimmptsk.sys
[2011.04.16 17:39:00 | 000,043,008 | ---- | C] (REDC) -- C:\windows\System32\drivers\rimsptsk.sys
[2011.04.16 17:39:00 | 000,038,400 | ---- | C] (REDC) -- C:\windows\System32\drivers\rixdptsk.sys
[2011.04.16 17:36:35 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola
[2011.04.16 17:30:22 | 000,122,368 | ---- | C] (Realtek Corporation ) -- C:\windows\System32\drivers\Rtlh86.sys
[2011.04.16 17:27:15 | 000,000,000 | ---D | C] -- C:\Intel
[2011.04.16 17:22:35 | 000,000,000 | ---D | C] -- C:\Users\Petr\Desktop\CMOS_Camera_D-Max_GD-8A31_VT_080626
[2011.04.16 17:09:35 | 000,000,000 | ---D | C] -- C:\windows\System32\RTCOM
[2011.04.16 17:08:57 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\windows\DIFxAPI.dll
[2011.04.16 17:08:56 | 001,773,568 | ---- | C] (Waves Audio Ltd.) -- C:\windows\System32\WavesLib.dll
[2011.04.16 17:08:56 | 000,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\windows\System32\SRSTSXT.dll
[2011.04.16 17:08:56 | 000,185,776 | ---- | C] (SRS Labs, Inc.) -- C:\windows\System32\SRSTSHD.dll
[2011.04.16 17:08:56 | 000,167,936 | ---- | C] (SRS Labs, Inc.) -- C:\windows\System32\SRSHP360.dll
[2011.04.16 17:08:56 | 000,135,168 | ---- | C] (SRS Labs, Inc.) -- C:\windows\System32\SRSWOW.dll
[2011.04.16 17:08:55 | 001,196,032 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\RtlUpd.exe
[2011.04.16 17:08:55 | 000,694,272 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\RtkPgExt.dll
[2011.04.16 17:08:55 | 000,532,480 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\RTSndMgr.cpl
[2011.04.16 17:08:54 | 006,111,232 | ---- | C] (Realtek Semiconductor) -- C:\windows\RtHDVCpl.exe
[2011.04.16 17:08:54 | 002,172,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\RtkAPO.dll
[2011.04.16 17:08:54 | 000,285,216 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\RtkApoApi.dll
[2011.04.16 17:08:54 | 000,031,232 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\RtkCoInst.dll
[2011.04.16 17:08:53 | 001,929,216 | ---- | C] (Waves Audio Ltd.) -- C:\windows\System32\MaxxAudioEQ.dll
[2011.04.16 17:08:53 | 000,155,648 | ---- | C] (Waves Audio Ltd.) -- C:\windows\System32\MaxxAudioAPO20.dll
[2011.04.16 17:08:53 | 000,140,288 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\windows\System32\FMAPO.dll
[2011.04.16 17:08:53 | 000,126,976 | ---- | C] (Waves Audio Ltd.) -- C:\windows\System32\MaxxAudioAPO.dll
[2011.04.16 17:08:53 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011.04.16 17:08:48 | 000,520,192 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\RtlExUpd.dll
[2011.04.16 17:08:48 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\HideWin.exe
[2011.04.16 16:53:57 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS
[2011.04.16 16:51:49 | 000,000,000 | ---D | C] -- C:\Program Files\ATK Hotkey
[2011.04.16 16:50:36 | 000,000,000 | ---D | C] -- C:\Program Files\ATKGFNEX
[2011.04.16 16:48:42 | 000,000,000 | ---D | C] -- C:\Users\Petr\Desktop\Klient zona
[2011.04.16 16:42:27 | 000,000,000 | ---D | C] -- C:\windows\pss
[2011.04.16 16:40:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.04.16 16:40:25 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.04.14 20:58:48 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\atmfd.dll
[2011.04.14 20:58:48 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\System32\atmlib.dll
[2011.04.14 20:58:43 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2011.04.14 20:58:43 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mstime.dll
[2011.04.14 20:58:43 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2011.04.14 20:58:43 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec
[2011.04.14 20:58:42 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2011.04.14 20:58:42 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
[2011.04.14 20:58:42 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll
[2011.04.14 20:58:42 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2011.04.14 20:58:42 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2011.04.14 20:58:42 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2011.04.14 20:58:42 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
[2011.04.14 20:58:42 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2011.04.14 20:58:42 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2011.04.14 20:58:42 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll
[2011.04.14 20:58:42 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll
[2011.04.14 20:58:42 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2011.04.14 20:58:42 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe
[2011.04.14 20:58:35 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc42u.dll
[2011.04.14 20:58:35 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc42.dll
[2011.04.14 20:58:31 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dnscacheugc.exe
[2011.04.14 20:58:30 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2011.04.14 20:58:29 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript.dll
[2011.04.14 20:58:28 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vbscript.dll
[1 C:\Users\Petr\*.tmp files -> C:\Users\Petr\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.04.16 23:53:40 | 000,003,616 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.16 23:53:40 | 000,003,616 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.16 23:50:21 | 000,647,880 | ---- | M] () -- C:\windows\System32\perfh005.dat
[2011.04.16 23:50:21 | 000,635,864 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011.04.16 23:50:21 | 000,139,082 | ---- | M] () -- C:\windows\System32\perfc005.dat
[2011.04.16 23:50:21 | 000,119,368 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011.04.16 23:49:30 | 074,726,520 | ---- | M] () -- C:\windows\System32\drivers\Avg\incavi.avm
[2011.04.16 23:47:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Petr\Desktop\OTL.exe
[2011.04.16 23:44:43 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011.04.16 23:44:40 | 2110,902,272 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.16 23:41:08 | 000,000,012 | ---- | M] () -- C:\windows\bthservsdp.dat
[2011.04.16 23:39:33 | 000,002,032 | ---- | M] () -- C:\Users\Petr\AppData\Local\d3d9caps.dat
[2011.04.16 22:26:07 | 000,001,024 | ---- | M] () -- C:\windows\System32\AutoPartNt.let
[2011.04.16 22:23:50 | 002,071,392 | ---- | M] (Acronis) -- C:\windows\System32\AutoPartNt.exe
[2011.04.16 21:14:49 | 000,167,968 | ---- | M] (Acronis) -- C:\windows\System32\drivers\afcdp.sys
[2011.04.16 21:14:43 | 000,752,128 | ---- | M] (Acronis) -- C:\windows\System32\drivers\tdrpm273.sys
[2011.04.16 21:14:39 | 000,600,928 | ---- | M] (Acronis) -- C:\windows\System32\drivers\timntr.sys
[2011.04.16 21:14:28 | 000,170,528 | ---- | M] (Acronis) -- C:\windows\System32\drivers\snapman.sys
[2011.04.16 21:14:21 | 000,001,004 | ---- | M] () -- C:\Users\Public\Desktop\Acronis True Image Home 2011.lnk
[2011.04.16 21:14:20 | 000,001,364 | ---- | M] () -- C:\Users\Public\Desktop\Acronis Online Backup.lnk
[2011.04.16 19:42:22 | 000,000,078 | ---- | M] () -- C:\Users\Petr\Desktop\VIRY.CZ • Zobrazit téma - Pro Vyosek.URL
[2011.04.16 19:01:37 | 000,110,592 | R--- | M] () -- C:\windows\System32\scardsyn.dll
[2011.04.16 18:38:37 | 000,048,188 | ---- | M] () -- C:\Users\Petr\Documents\cc_20110416_183827.reg
[2011.04.16 18:22:11 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\GlobeTrotter Connect.lnk
[2011.04.16 18:15:01 | 003,658,752 | ---- | M] (Intel Corporation) -- C:\windows\System32\drivers\NETw5v32.sys
[2011.04.16 18:14:58 | 002,756,608 | ---- | M] (Intel Corporation) -- C:\windows\System32\NETw5r32.dll
[2011.04.16 18:14:58 | 000,659,456 | ---- | M] (Intel Corporation) -- C:\windows\System32\NETw5c32.dll
[2011.04.16 17:58:06 | 000,920,088 | ---- | M] (Intel® Corporation) -- C:\windows\System32\igxpun.exe
[2011.04.16 17:57:28 | 000,113,664 | ---- | M] (Intel(R) Corporation) -- C:\windows\System32\drivers\IntcHdmi.sys
[2011.04.16 17:57:26 | 000,004,608 | ---- | M] () -- C:\windows\System32\HdmiCoin.dll
[2011.04.16 17:56:46 | 000,170,520 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxzoom.exe
[2011.04.16 17:56:43 | 000,641,560 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxcfg.exe
[2011.04.16 17:56:41 | 000,069,632 | ---- | M] (Intel Corporation) -- C:\windows\System32\oemdspif.dll
[2011.04.16 17:56:39 | 000,147,456 | ---- | M] () -- C:\windows\System32\igfxCoIn_v1508.dll
[2011.04.16 17:56:39 | 000,034,512 | ---- | M] () -- C:\windows\System32\iglhxs32.vp
[2011.04.16 17:56:38 | 000,002,096 | ---- | M] () -- C:\windows\System32\iglhxo32.vp
[2011.04.16 17:56:37 | 002,192,024 | ---- | M] () -- C:\windows\System32\igkrng500.bin
[2011.04.16 17:56:37 | 000,002,096 | ---- | M] () -- C:\windows\System32\iglhxc32.vp
[2011.04.16 17:56:36 | 000,249,856 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxTMM.dll
[2011.04.16 17:56:35 | 000,051,712 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxsrvc.dll
[2011.04.16 17:56:34 | 000,249,856 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxrtrk.lrc
[2011.04.16 17:56:34 | 000,233,472 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxrtha.lrc
[2011.04.16 17:56:33 | 000,253,952 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxrsve.lrc
[2011.04.16 17:56:32 | 000,249,856 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxrsky.lrc
[2011.04.16 17:56:32 | 000,245,760 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxrslv.lrc
[2011.04.16 17:56:31 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxrrus.lrc
[2011.04.16 17:56:30 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxrptg.lrc
[2011.04.16 17:56:30 | 000,258,048 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxrptb.lrc
[2011.04.16 17:56:29 | 000,258,048 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxrplk.lrc
[2011.04.16 17:56:28 | 000,270,336 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxrnld.lrc
[2011.04.16 17:56:28 | 000,249,856 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxrnor.lrc
[2011.04.16 17:56:27 | 000,176,128 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxrkor.lrc
[2011.04.16 17:56:26 | 000,274,432 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxrita.lrc
[2011.04.16 17:56:26 | 000,180,224 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxrjpn.lrc
[2011.04.16 17:56:25 | 000,258,048 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxrhun.lrc
[2011.04.16 17:56:25 | 000,221,184 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxrheb.lrc
[2011.04.16 17:56:24 | 000,270,336 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxrfra.lrc
[2011.04.16 17:56:23 | 005,697,536 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxress.dll
[2011.04.16 17:56:23 | 000,249,856 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxrfin.lrc
[2011.04.16 17:56:22 | 000,270,336 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxresp.lrc
[2011.04.16 17:56:21 | 000,245,760 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxrenu.lrc
[2011.04.16 17:56:20 | 000,278,528 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxrell.lrc
[2011.04.16 17:56:20 | 000,274,432 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxrdeu.lrc
[2011.04.16 17:56:19 | 000,253,952 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxrdan.lrc
[2011.04.16 17:56:19 | 000,253,952 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxrcsy.lrc
[2011.04.16 17:56:18 | 000,147,456 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxrcht.lrc
[2011.04.16 17:56:17 | 000,225,280 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxrara.lrc
[2011.04.16 17:56:17 | 000,151,552 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxrchs.lrc
[2011.04.16 17:56:16 | 000,204,800 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxpph.dll
[2011.04.16 17:56:15 | 000,135,168 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxdo.dll
[2011.04.16 17:56:15 | 000,024,576 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxexps.dll
[2011.04.16 17:56:13 | 000,147,172 | ---- | M] () -- C:\windows\System32\igfcg550.bin
[2011.04.16 17:56:13 | 000,126,976 | ---- | M] (Intel Corporation) -- C:\windows\System32\igfxcpl.cpl
[2011.04.16 17:56:12 | 000,536,576 | ---- | M] (Intel Corporation) -- C:\windows\System32\igdumdx32.dll
[2011.04.16 17:56:11 | 003,309,568 | ---- | M] (Intel Corporation) -- C:\windows\System32\igdumd32.dll
[2011.04.16 17:56:09 | 002,174,976 | ---- | M] (Intel Corporation) -- C:\windows\System32\igd10umd32.dll
[2011.04.16 17:56:08 | 000,492,496 | ---- | M] () -- C:\windows\System32\igcompkrng500.bin
[2011.04.16 17:56:07 | 002,420,736 | ---- | M] (Intel Corporation) -- C:\windows\System32\ig4icd32.dll
[2011.04.16 17:56:06 | 002,179,072 | ---- | M] (Intel Corporation) -- C:\windows\System32\ig4dev32.dll
[2011.04.16 17:56:06 | 000,106,496 | ---- | M] (Intel Corporation) -- C:\windows\System32\hccutils.dll
[2011.04.16 17:56:04 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\difxapi.dll
[2011.04.16 17:49:46 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2011.04.16 17:41:14 | 001,060,424 | ---- | M] () -- C:\windows\System32\WdfCoInstaller01000.dll
[2011.04.16 17:35:04 | 001,090,304 | ---- | M] (Motorola Inc.) -- C:\windows\System32\drivers\smserial.sys
[2011.04.16 17:34:50 | 000,364,544 | ---- | M] (Motorola Inc.) -- C:\windows\System32\sm56co81.dll
[2011.04.16 17:31:31 | 000,054,824 | ---- | M] (Agere Systems) -- C:\windows\System32\agrsmdel.exe
[2011.04.16 17:31:30 | 000,013,312 | ---- | M] (Agere Systems) -- C:\windows\System32\agrscoin.dll
[2011.04.16 17:29:39 | 000,122,368 | ---- | M] (Realtek Corporation ) -- C:\windows\System32\drivers\Rtlh86.sys
[2011.04.16 17:08:57 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\windows\DIFxAPI.dll
[2011.04.16 17:08:48 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\windows\HideWin.exe
[2011.04.16 17:08:03 | 001,773,568 | ---- | M] (Waves Audio Ltd.) -- C:\windows\System32\WavesLib.dll
[2011.04.16 17:08:02 | 000,135,168 | ---- | M] (SRS Labs, Inc.) -- C:\windows\System32\SRSWOW.dll
[2011.04.16 17:08:01 | 000,339,968 | ---- | M] (SRS Labs, Inc.) -- C:\windows\System32\SRSTSXT.dll
[2011.04.16 17:08:00 | 000,185,776 | ---- | M] (SRS Labs, Inc.) -- C:\windows\System32\SRSTSHD.dll
[2011.04.16 17:08:00 | 000,167,936 | ---- | M] (SRS Labs, Inc.) -- C:\windows\System32\SRSHP360.dll
[2011.04.16 17:07:58 | 001,196,032 | ---- | M] (Realtek Semiconductor Corp.) -- C:\windows\RtlUpd.exe
[2011.04.16 17:07:58 | 000,532,480 | ---- | M] (Realtek Semiconductor Corp.) -- C:\windows\System32\RTSndMgr.cpl
[2011.04.16 17:07:55 | 000,694,272 | ---- | M] (Realtek Semiconductor Corp.) -- C:\windows\System32\RtkPgExt.dll
[2011.04.16 17:07:54 | 000,031,232 | ---- | M] (Realtek Semiconductor Corp.) -- C:\windows\System32\RtkCoInst.dll
[2011.04.16 17:07:53 | 000,285,216 | ---- | M] (Realtek Semiconductor Corp.) -- C:\windows\System32\RtkApoApi.dll
[2011.04.16 17:07:52 | 006,111,232 | ---- | M] (Realtek Semiconductor) -- C:\windows\RtHDVCpl.exe
[2011.04.16 17:07:52 | 002,172,416 | ---- | M] (Realtek Semiconductor Corp.) -- C:\windows\System32\RtkAPO.dll
[2011.04.16 17:07:50 | 001,929,216 | ---- | M] (Waves Audio Ltd.) -- C:\windows\System32\MaxxAudioEQ.dll
[2011.04.16 17:07:49 | 000,155,648 | ---- | M] (Waves Audio Ltd.) -- C:\windows\System32\MaxxAudioAPO20.dll
[2011.04.16 17:07:49 | 000,126,976 | ---- | M] (Waves Audio Ltd.) -- C:\windows\System32\MaxxAudioAPO.dll
[2011.04.16 17:07:44 | 000,140,288 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\windows\System32\FMAPO.dll
[2011.04.16 17:07:41 | 000,000,553 | ---- | M] () -- C:\windows\USetup.iss
[2011.04.16 17:07:36 | 000,520,192 | ---- | M] (Realtek Semiconductor Corp.) -- C:\windows\RtlExUpd.dll
[2011.04.16 16:52:18 | 000,007,680 | ---- | M] (ATK0100) -- C:\windows\System32\drivers\ATKACPI.sys
[2011.04.16 16:40:25 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.04.15 21:41:01 | 001,760,832 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011.04.15 20:26:22 | 000,650,331 | ---- | M] () -- C:\windows\System32\drivers\Avg\iavifw.avm
[2011.04.10 16:00:46 | 000,000,468 | -H-- | M] () -- C:\windows\tasks\Norton Security Scan for Petr.job
[1 C:\Users\Petr\*.tmp files -> C:\Users\Petr\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.04.16 22:23:50 | 000,001,024 | ---- | C] () -- C:\windows\System32\AutoPartNt.let
[2011.04.16 21:21:30 | 2110,902,272 | -HS- | C] () -- C:\hiberfil.sys
[2011.04.16 21:14:21 | 000,001,004 | ---- | C] () -- C:\Users\Public\Desktop\Acronis True Image Home 2011.lnk
[2011.04.16 21:14:20 | 000,001,364 | ---- | C] () -- C:\Users\Public\Desktop\Acronis Online Backup.lnk
[2011.04.16 19:42:22 | 000,000,078 | ---- | C] () -- C:\Users\Petr\Desktop\VIRY.CZ • Zobrazit téma - Pro Vyosek.URL
[2011.04.16 19:01:37 | 000,110,592 | R--- | C] () -- C:\windows\System32\scardsyn.dll
[2011.04.16 18:38:35 | 000,048,188 | ---- | C] () -- C:\Users\Petr\Documents\cc_20110416_183827.reg
[2011.04.16 18:22:11 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\GlobeTrotter Connect.lnk
[2011.04.16 17:49:46 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2011.04.16 17:10:13 | 000,000,553 | ---- | C] () -- C:\windows\USetup.iss
[2011.04.16 16:40:25 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.02.25 21:21:53 | 000,002,032 | ---- | C] () -- C:\Users\Petr\AppData\Local\d3d9caps.dat
[2009.11.04 19:01:01 | 000,017,408 | ---- | C] () -- C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.10.31 17:58:21 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2009.10.31 17:58:21 | 000,000,008 | RHS- | C] () -- C:\ProgramData\926014A02C.sys
[2009.10.11 20:25:25 | 000,107,612 | ---- | C] () -- C:\windows\System32\StructuredQuerySchema.bin
[2009.10.11 20:25:24 | 000,117,248 | ---- | C] () -- C:\windows\System32\EhStorAuthn.dll
[2009.10.10 16:48:40 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.10.09 12:20:45 | 002,463,976 | ---- | C] () -- C:\windows\System32\NPSWF32.dll
[2009.10.09 10:29:19 | 000,006,656 | ---- | C] () -- C:\windows\System32\bcmwlrc.dll
[2009.10.09 09:20:50 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2009.10.09 09:20:09 | 000,000,012 | ---- | C] () -- C:\windows\bthservsdp.dat
[2009.06.22 11:59:09 | 000,018,904 | ---- | C] () -- C:\windows\System32\StructuredQuerySchemaTrivial.bin
[2009.06.22 11:40:12 | 000,647,880 | ---- | C] () -- C:\windows\System32\perfh005.dat
[2009.06.22 11:40:12 | 000,286,912 | ---- | C] () -- C:\windows\System32\perfi005.dat
[2009.06.22 11:40:12 | 000,139,082 | ---- | C] () -- C:\windows\System32\perfc005.dat
[2009.06.22 11:40:12 | 000,034,724 | ---- | C] () -- C:\windows\System32\perfd005.dat
[2009.02.03 13:00:00 | 000,159,744 | ---- | C] () -- C:\windows\System32\atitmmxx.dll
[2009.02.03 13:00:00 | 000,011,264 | ---- | C] () -- C:\windows\System32\atimuixx.dll
[2008.10.29 06:13:00 | 000,180,720 | ---- | C] () -- C:\windows\System32\atiicdxx.dat
[2008.10.21 01:40:00 | 000,081,920 | ---- | C] () -- C:\windows\System32\ATIODE.exe
[2008.10.21 01:40:00 | 000,045,056 | ---- | C] () -- C:\windows\System32\ATIODCLI.exe
[2008.10.02 00:01:58 | 000,109,216 | ---- | C] () -- C:\windows\System32\drivers\SafeBoot.sys
[2008.08.29 14:58:26 | 000,197,408 | ---- | C] () -- C:\windows\System32\vpnapi.dll
[2008.08.07 00:19:14 | 000,294,912 | ---- | C] () -- C:\windows\System32\flcdlmsg.dll
[2008.06.20 10:33:08 | 000,147,456 | ---- | C] () -- C:\windows\System32\igfxCoIn_v1508.dll
[2008.06.20 10:18:36 | 002,192,024 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2008.06.20 10:18:36 | 000,492,496 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2008.06.20 10:18:36 | 000,147,172 | ---- | C] () -- C:\windows\System32\igfcg550.bin
[2008.06.04 17:54:12 | 000,004,608 | ---- | C] () -- C:\windows\System32\HdmiCoin.dll
[2007.11.28 02:41:06 | 000,114,688 | ---- | C] () -- C:\windows\System32\aicext.dll
[2006.11.02 14:53:49 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2006.11.02 14:44:53 | 001,760,832 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2006.11.02 12:33:01 | 000,635,864 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,119,368 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2006.03.09 10:58:00 | 001,060,424 | ---- | C] () -- C:\windows\System32\WdfCoInstaller01000.dll
[1998.05.07 06:10:00 | 000,069,632 | ---- | C] () -- C:\windows\System32\ODMA32.dll

========== LOP Check ==========

[2011.04.16 21:24:14 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Acronis
[2009.12.20 21:22:07 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\AVG9
[2009.10.09 18:06:03 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Canneverbe_Limited
[2010.04.10 19:27:38 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Canon
[2009.10.09 18:09:46 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\GHISLER
[2009.10.31 17:58:24 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\InterVideo
[2009.10.09 17:37:38 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\IrfanView
[2009.11.13 13:51:14 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Simulace_2009
[2011.04.16 23:41:09 | 000,032,612 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.12.16 22:40:59 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{F932F6E6-23C4-4F8F-893E-221294EC1912}.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)
"Skype" = "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized -- [2009.10.09 14:11:12 | 025,623,336 | R--- | M] (Skype Technologies S.A.)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.04.16 21:24:14 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Acronis
[2010.01.14 15:52:48 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Adobe
[2010.08.21 14:43:59 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Apple Computer
[2009.10.09 10:42:58 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\ATI
[2009.12.20 21:22:07 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\AVG9
[2009.10.09 18:06:03 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Canneverbe_Limited
[2010.04.10 19:27:38 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Canon
[2009.10.31 17:58:20 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Corel
[2009.10.09 18:09:46 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\GHISLER
[2009.10.10 16:58:33 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Google
[2011.04.16 20:10:32 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\HPQLOG
[2009.10.09 10:41:14 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Identities
[2009.10.09 10:27:58 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\InstallShield

[2009.10.31 17:58:24 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\InterVideo
[2009.10.09 17:37:38 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\IrfanView
[2009.10.10 16:35:55 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Macromedia
[2010.05.24 16:17:38 | 000,000,000 | --SD | M] -- C:\Users\Petr\AppData\Roaming\Microsoft
[2009.11.17 23:41:31 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Mozilla
[2009.10.24 16:01:51 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Nero
[2009.11.13 13:51:14 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Simulace_2009
[2010.02.28 19:49:02 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Skype
[2010.02.28 19:47:36 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\skypePM
[2010.05.19 22:03:25 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Sun

< %APPDATA%\*.exe /s >
[2009.10.31 14:23:53 | 000,038,208 | ---- | M] () -- C:\Users\Petr\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.02.01 20:04:18 | 000,052,616 | ---- | M] () -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\s2u66u4n.default\extensions\toolbar@ask.com\chrome\content\issigned.exe
[2011.03.21 21:50:46 | 003,325,832 | ---- | M] (Ask) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\s2u66u4n.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe


< MD5 for: AGP440.SYS >
[2008.01.21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.08.16 14:03:39 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=66A1A71D66C5235A31C16F30147E7AF6 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_181d523c\atapi.sys
[2008.08.16 14:03:39 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=66A1A71D66C5235A31C16F30147E7AF6 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22245_none_dd9b888d3ac35a04\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.21 04:34:33 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe

< MD5 for: CDROM.SYS >
[2008.01.21 04:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.21 04:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2008.01.21 04:34:19 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\System32\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2009.06.22 12:19:10 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2009.06.22 12:19:09 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2009.06.22 12:19:09 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2009.06.22 12:19:09 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 04:34:05 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HAL.DLL >
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll

< MD5 for: IASTOR.SYS >
[2008.12.04 14:48:52 | 000,407,064 | ---- | M] (Intel Corporation) MD5=8EACF469269FB1509561961A3188F670 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2008.12.04 14:48:52 | 000,407,064 | ---- | M] (Intel Corporation) MD5=8EACF469269FB1509561961A3188F670 -- C:\Swsetup\Drivers\64\HDD\IaStor.sys
[2008.12.04 14:48:52 | 000,407,064 | ---- | M] (Intel Corporation) MD5=8EACF469269FB1509561961A3188F670 -- C:\Swsetup\Drivers\Global\INTELMSM\Winall\Driver64\IaStor.sys
[2008.12.04 14:34:52 | 000,328,728 | ---- | M] (Intel Corporation) MD5=BAABB0301949774A66B955C65319635A -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2008.12.04 14:34:52 | 000,328,728 | ---- | M] (Intel Corporation) MD5=BAABB0301949774A66B955C65319635A -- C:\Swsetup\Drivers\32\HDD\IaStor.sys
[2008.12.04 14:34:52 | 000,328,728 | ---- | M] (Intel Corporation) MD5=BAABB0301949774A66B955C65319635A -- C:\Swsetup\Drivers\Global\INTELMSM\Winall\Driver\IaStor.sys
[2008.12.04 14:34:52 | 000,328,728 | ---- | M] (Intel Corporation) MD5=BAABB0301949774A66B955C65319635A -- C:\Windows\System32\drivers\iaStor.sys
[2008.12.04 14:34:52 | 000,328,728 | ---- | M] (Intel Corporation) MD5=BAABB0301949774A66B955C65319635A -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_3f3bdbbf\iaStor.sys
[2008.12.04 14:34:52 | 000,328,728 | ---- | M] (Intel Corporation) MD5=BAABB0301949774A66B955C65319635A -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_2610a47d\iaStor.sys

< MD5 for: IASTORV.SYS >
[2008.01.21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.21 04:32:22 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\drivers\isapnp.sys
[2008.01.21 04:32:22 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008.01.21 04:32:22 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.21 04:32:22 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.21 04:32:22 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.06.15 14:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 16:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\System32\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.02.13 09:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2009.06.15 15:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009.06.15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.02.13 06:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 14:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009.06.15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 13:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 16:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.21 04:33:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.21 04:33:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008.01.21 04:33:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2009.02.13 10:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

< MD5 for: NDIS.SYS >
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008.01.21 04:33:22 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
[2008.02.08 06:25:28 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=C8560010A542B5DCA94C62468DC20784 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.22110_none_a845f8a63534c8d3\ndis.sys
[2008.02.08 06:22:00 | 000,503,352 | ---- | M] (Microsoft Corporation) MD5=E50187F20ED749F57C97836FEDE14BD6 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.20768_none_a631acb4382f8e4f\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVRAID.SYS >
[2008.01.21 04:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\drivers\nvraid.sys
[2008.01.21 04:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.21 04:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008.01.21 04:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SMSS.EXE >
[2008.01.21 04:33:22 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.01.21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TCPIP.SYS >
[2009.06.22 11:58:22 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009.04.11 08:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2009.12.08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2010.02.18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009.12.08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2009.12.08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2010.06.16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009.08.14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2010.06.16 18:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010.06.16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2009.06.22 11:58:22 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2008.03.27 06:05:48 | 000,890,936 | ---- | M] (Microsoft Corporation) MD5=9081EBA4184E7EB87C55E18C089283A5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22144_none_b38070957fa0b5e0\tcpip.sys
[2010.02.18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\System32\drivers\tcpip.sys
[2010.06.16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2009.12.08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2010.02.18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008.01.21 04:34:55 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.01.21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.01.21 04:34:36 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
[2008.01.21 04:34:36 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009.03.08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009.03.08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2008.10.02 00:01:58 | 000,109,216 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\SafeBoot.sys

< %systemroot%\System32\config\*.sav >
[2008.01.21 05:31:11 | 015,716,352 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:31:01 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:31:12 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >
[2009.03.08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009.03.08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll

< %systemroot%\system32\drivers\*.sys /3 >
[2011.04.16 21:14:49 | 000,167,968 | ---- | M] (Acronis) -- C:\Windows\System32\drivers\afcdp.sys
[2011.04.16 16:52:18 | 000,007,680 | ---- | M] (ATK0100) -- C:\Windows\System32\drivers\ATKACPI.sys
[2011.04.16 17:56:10 | 002,381,312 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\igdkmd32.sys
[2011.04.16 17:57:28 | 000,113,664 | ---- | M] (Intel(R) Corporation) -- C:\Windows\System32\drivers\IntcHdmi.sys
[2011.04.16 18:15:01 | 003,658,752 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\NETw5v32.sys
[2011.04.16 17:07:56 | 002,098,904 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys
[2011.04.16 17:29:39 | 000,122,368 | ---- | M] (Realtek Corporation ) -- C:\Windows\System32\drivers\Rtlh86.sys
[2011.04.16 17:35:04 | 001,090,304 | ---- | M] (Motorola Inc.) -- C:\Windows\System32\drivers\smserial.sys
[2011.04.16 21:14:28 | 000,170,528 | ---- | M] (Acronis) -- C:\Windows\System32\drivers\snapman.sys
[2011.04.16 17:41:05 | 000,182,456 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\drivers\SynTP.sys
[2011.04.16 21:14:43 | 000,752,128 | ---- | M] (Acronis) -- C:\Windows\System32\drivers\tdrpm273.sys
[2011.04.16 21:14:39 | 000,600,928 | ---- | M] (Acronis) -- C:\Windows\System32\drivers\timntr.sys

< %systemroot%\system32\*.* /3 >
[2011.04.16 23:59:43 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.16 23:59:43 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.16 17:31:30 | 000,013,312 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrscoin.dll
[2011.04.16 17:31:31 | 000,054,824 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmdel.exe
[2011.04.16 22:23:50 | 002,071,392 | ---- | M] (Acronis) -- C:\Windows\System32\AutoPartNt.exe
[2011.04.16 22:26:07 | 000,001,024 | ---- | M] () -- C:\Windows\System32\AutoPartNt.let
[2011.04.16 17:56:04 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\difxapi.dll
[2011.04.16 17:07:44 | 000,140,288 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\FMAPO.dll
[2011.04.15 21:41:01 | 001,760,832 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.04.16 17:56:06 | 000,106,496 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hccutils.dll
[2011.04.16 17:57:26 | 000,004,608 | ---- | M] () -- C:\Windows\System32\HdmiCoin.dll
[2011.04.16 17:56:42 | 000,170,520 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
[2011.04.16 17:56:06 | 002,179,072 | ---- | M] (Intel Corporation) -- C:\Windows\System32\ig4dev32.dll
[2011.04.16 17:56:07 | 002,420,736 | ---- | M] (Intel Corporation) -- C:\Windows\System32\ig4icd32.dll
[2011.04.16 17:56:08 | 000,492,496 | ---- | M] () -- C:\Windows\System32\igcompkrng500.bin
[2011.04.16 17:56:09 | 002,174,976 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igd10umd32.dll
[2011.04.16 17:56:11 | 003,309,568 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igdumd32.dll
[2011.04.16 17:56:12 | 000,536,576 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igdumdx32.dll
[2011.04.16 17:56:13 | 000,147,172 | ---- | M] () -- C:\Windows\System32\igfcg550.bin
[2011.04.16 17:56:43 | 000,641,560 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxcfg.exe
[2011.04.16 17:56:39 | 000,147,456 | ---- | M] () -- C:\Windows\System32\igfxCoIn_v1508.dll
[2011.04.16 17:56:13 | 000,126,976 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxcpl.cpl
[2011.04.16 17:56:14 | 000,208,896 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxdev.dll
[2011.04.16 17:56:15 | 000,135,168 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxdo.dll
[2011.04.16 17:56:15 | 000,024,576 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxexps.dll
[2011.04.16 17:56:43 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxext.exe
[2011.04.16 17:56:44 | 000,145,944 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
[2011.04.16 17:56:16 | 000,204,800 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpph.dll
[2011.04.16 17:56:17 | 000,225,280 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrara.lrc
[2011.04.16 17:56:17 | 000,151,552 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrchs.lrc
[2011.04.16 17:56:18 | 000,147,456 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrcht.lrc
[2011.04.16 17:56:19 | 000,253,952 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrcsy.lrc
[2011.04.16 17:56:19 | 000,253,952 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrdan.lrc
[2011.04.16 17:56:20 | 000,274,432 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrdeu.lrc
[2011.04.16 17:56:20 | 000,278,528 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrell.lrc
[2011.04.16 17:56:21 | 000,245,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrenu.lrc
[2011.04.16 17:56:22 | 000,270,336 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxresp.lrc
[2011.04.16 17:56:23 | 005,697,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxress.dll
[2011.04.16 17:56:23 | 000,249,856 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrfin.lrc
[2011.04.16 17:56:24 | 000,270,336 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrfra.lrc
[2011.04.16 17:56:25 | 000,221,184 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrheb.lrc
[2011.04.16 17:56:25 | 000,258,048 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrhun.lrc
[2011.04.16 17:56:26 | 000,274,432 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrita.lrc
[2011.04.16 17:56:26 | 000,180,224 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrjpn.lrc
[2011.04.16 17:56:27 | 000,176,128 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrkor.lrc
[2011.04.16 17:56:28 | 000,270,336 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrnld.lrc
[2011.04.16 17:56:28 | 000,249,856 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrnor.lrc
[2011.04.16 17:56:29 | 000,258,048 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrplk.lrc
[2011.04.16 17:56:30 | 000,258,048 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrptb.lrc
[2011.04.16 17:56:30 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrptg.lrc
[2011.04.16 17:56:31 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrrus.lrc
[2011.04.16 17:56:32 | 000,249,856 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrsky.lrc
[2011.04.16 17:56:32 | 000,245,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrslv.lrc
[2011.04.16 17:56:33 | 000,253,952 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrsve.lrc
[2011.04.16 17:56:34 | 000,233,472 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrtha.lrc
[2011.04.16 17:56:34 | 000,249,856 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrtrk.lrc
[2011.04.16 17:56:35 | 000,051,712 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.dll
[2011.04.16 17:56:45 | 000,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
[2011.04.16 17:56:36 | 000,249,856 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxTMM.dll
[2011.04.16 17:56:45 | 000,150,040 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe
[2011.04.16 17:56:46 | 000,170,520 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxzoom.exe
[2011.04.16 17:56:37 | 002,192,024 | ---- | M] () -- C:\Windows\System32\igkrng500.bin
[2011.04.16 17:56:37 | 000,002,096 | ---- | M] () -- C:\Windows\System32\iglhxc32.vp
[2011.04.16 17:56:38 | 000,002,096 | ---- | M] () -- C:\Windows\System32\iglhxo32.vp
[2011.04.16 17:56:39 | 000,034,512 | ---- | M] () -- C:\Windows\System32\iglhxs32.vp
[2011.04.16 17:58:06 | 000,920,088 | ---- | M] (Intel® Corporation) -- C:\Windows\System32\igxpun.exe
[2011.04.16 17:07:49 | 000,126,976 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2011.04.16 17:07:49 | 000,155,648 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2011.04.16 17:07:50 | 001,929,216 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2011.04.15 20:29:30 | 039,828,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe
[2011.04.16 18:14:58 | 000,659,456 | ---- | M] (Intel Corporation) -- C:\Windows\System32\NETw5c32.dll
[2011.04.16 18:14:58 | 002,756,608 | ---- | M] (Intel Corporation) -- C:\Windows\System32\NETw5r32.dll
[2011.04.16 17:56:41 | 000,069,632 | ---- | M] (Intel Corporation) -- C:\Windows\System32\oemdspif.dll
[2011.04.16 23:50:21 | 000,139,082 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.04.16 23:50:21 | 000,119,368 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.16 23:50:21 | 000,647,880 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.04.16 23:50:21 | 000,635,864 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.16 23:50:21 | 001,541,010 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2011.04.16 17:07:52 | 002,172,416 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2011.04.16 17:07:53 | 000,285,216 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2011.04.16 17:07:54 | 000,031,232 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2011.04.16 17:07:55 | 000,694,272 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2011.04.16 17:07:58 | 000,532,480 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2011.04.16 19:01:37 | 000,110,592 | R--- | M] () -- C:\Windows\System32\scardsyn.dll
[2011.04.16 17:34:50 | 000,364,544 | ---- | M] (Motorola Inc.) -- C:\Windows\System32\sm56co81.dll
[2011.04.16 17:08:00 | 000,167,936 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2011.04.16 17:08:00 | 000,185,776 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2011.04.16 17:08:01 | 000,339,968 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2011.04.16 17:08:02 | 000,135,168 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2011.04.16 17:40:57 | 000,163,840 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\SynCOM.dll
[2011.04.16 17:41:00 | 000,196,608 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\SynCtrl.dll
[2011.04.16 17:41:06 | 000,143,360 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\SynTPAPI.dll
[2011.04.16 17:41:06 | 000,110,592 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\SynTPCo4.dll
[2011.04.16 17:08:03 | 001,773,568 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2011.04.16 17:41:14 | 001,060,424 | ---- | M] () -- C:\Windows\System32\WdfCoInstaller01000.dll

< End of report >

OTL Extras logfile created on: 16.4.2011 23:51:05 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Petr\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 38,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 454,76 Gb Total Space | 302,16 Gb Free Space | 66,44% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 1,77 Gb Free Space | 17,74% Space Free | Partition Type: NTFS
Drive E: | 426,80 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 1019,00 Mb Total Space | 1016,33 Mb Free Space | 99,74% Space Free | Partition Type: FAT32

Computer Name: NB-PETR | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-893100059-2973154077-1563591687-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{028B06E3-2FDF-4501-B00C-A8F93CC835D4}" = lport=445 | protocol=6 | dir=in | app=system |
"{0E55C14E-E486-4481-9185-178A35A4FD6D}" = rport=137 | protocol=17 | dir=out | app=system |
"{0F48BC0E-55C5-4475-8637-DBFF5CDE9CD3}" = rport=138 | protocol=17 | dir=out | app=system |
"{193AA84E-AAC9-4336-B656-93EBB373CD40}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{39B647E2-DC4C-48F9-863B-4CD7C288A484}" = lport=138 | protocol=17 | dir=in | app=system |
"{486D81D5-C57C-470C-82C6-1CD641018106}" = lport=2869 | protocol=6 | dir=in | app=system |
"{65B87C8E-B91D-4D11-9B45-10AAB6A2B7D1}" = rport=445 | protocol=6 | dir=out | app=system |
"{76736BFB-3866-4055-92CC-9290FC100E72}" = rport=139 | protocol=6 | dir=out | app=system |
"{842026FA-8163-47D3-9ECC-542D50722A1B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{A59E3CD5-3039-4DCE-95FB-600EDEF6B4CB}" = lport=137 | protocol=17 | dir=in | app=system |
"{C7B38848-B0AA-4FA7-A883-7B1BE789A7F1}" = lport=139 | protocol=6 | dir=in | app=system |
"{CA2268B4-8BA4-4834-A199-82973309B98B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F9F40E4B-4AC1-4E69-8BB1-3038B9864B71}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1FA20E7F-BB91-45A8-83D9-54657C0A05CC}" = dir=in | app=c:\program files\avg\avg9\avgnsx.exe |
"{3D996F21-3F95-4D85-AD8E-8334DB846FF6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6C4DCED3-0FB8-4F47-B979-AF01D8627E2D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6FC632FC-69B7-4728-8905-B31617B9A1E9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7484F2FF-6B62-4F7E-8C1E-50E76BEA896C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7AB28182-6CB1-4702-AFF2-4FCBB44CBE8F}" = dir=in | app=c:\program files\avg\avg9\avgdiagex.exe |
"{84CBFA14-4777-4EF9-8723-22B50630BE11}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8779EF16-EB50-4767-AB4B-EBFD4B2FDB52}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{8B001613-95D5-4E6E-AAEB-AD9591430B0B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9CE418ED-191A-420A-94B9-76B4E8A700D5}" = dir=in | app=c:\program files\avg\avg9\avgam.exe |
"{A9971085-459C-48D1-A9FE-87212A602A5E}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{AB40CD45-2AD6-4414-ADE6-F0823758CDD3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{D6DAAA65-8F64-4552-B88A-B232A430D4B7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E228525B-1C6D-4C15-ADE7-F618973C7A5F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F755E78C-62C8-4CFF-A71A-394846D0A103}" = dir=in | app=c:\program files\avg\avg9\avgupd.exe |
"{F8E7D2B3-C3C3-4E44-A67E-44609A7C35A0}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{FC865078-EF78-4585-AFF2-BAE3C0F6B1F1}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{0295F89F-F698-4101-9A7D-49F407EC2D82}" = HP Active Support Library
"{04818D16-E946-550C-CA5B-5FB3B25CC9D2}" = CCC Help Czech
"{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}" = Acronis True Image Home 2011
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{06D3BAA7-8C97-4FF6-9F7B-99705BAC2169}" = Credential Manager for HP ProtectTools
"{0845D004-320A-6B28-B8AD-BC147D50271E}" = CCC Help Korean
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{0AE73E05-FD6F-417F-B828-82F13307AEEC}" = Catalyst Control Center - Branding
"{10EF53B4-44A3-1428-F051-4689307F27ED}" = CCC Help Russian
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4807" = CanoScan LiDE 200 Scanner Driver
"{132F255E-FBE9-2E72-10A5-9DF35B45CEEF}" = ATI Catalyst Install Manager
"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1AB28342-A6C5-8B7A-2A92-BA2ED2A1E722}" = CCC Help Thai
"{1ACC4560-E7BE-2CCD-555B-C9C39F8940F8}" = CCC Help Dutch
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26921B2E-3E62-47F9-A514-1FC4A83BD738}" = Software Intel(R) PROSet/Wireless WiFi
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{2928BCFA-AA18-C897-EF98-96DDB81B4CA5}" = CCC Help Polish
"{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2BC9342E-E4FE-411F-A93C-3B8FAEF1B17E}" = GlobeTrotter Connect
"{2BDB9DE0-6199-EEA2-81D1-93F1886DD3CB}" = CCC Help Hungarian
"{2CC3B536-0F86-1C4C-9C6E-4524252C343D}" = CCC Help Italian
"{2E2A8A44-39EE-5EE3-6A9D-EAF9BC20B44E}" = CCC Help Chinese Standard
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{30A2A953-DEB1-466A-B660-F4399C7C6B9D}" = Roxio MyDVD
"{31030E4E-8532-4A22-B615-9F7A48F69C36}" = Catalyst Control Center - Branding
"{3266D4DE-9CD0-48AC-9B2D-1D4879DB440F}" = Catalyst Control Center - Branding
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{3685016F-4277-5680-1990-2521EF3D3801}" = Catalyst Control Center Graphics Full New
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3A1C6EBF-B371-4BF2-9626-9792EFA46CBF}" = HP 3D DriveGuard
"{3A5C2134-6755-F59A-91EC-4A2EFEB2EAF4}" = Skins
"{3BA904CF-8B75-41AF-A5D2-F18A511536CA}" = LightScribe System Software
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{43975334-1732-7072-DF06-008794BED1C4}" = CCC Help Japanese
"{485D80AA-AFD9-4FF1-91D4-A44978B99F3D}" = AuthenTec Fingerprint System
"{4A961841-85E4-F441-8C99-17657E860243}" = Catalyst Control Center InstallProxy
"{5178C1BB-1EB1-4468-894B-7DE964DDCAA2}" = Adobe Photoshop CS3
"{51FB15F4-AD27-43BC-AD4B-DD0354FB6BBD}" = Cisco Systems VPN Client 5.0.04.0300
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Creator Business
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{554245D2-1EB4-4BA4-B74F-043972FAB66E}" = HP ProtectTools Security Manager
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
"{5CFA95BC-52A5-6F32-05E4-0F9FCA83F9F0}" = CCC Help French
"{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"{616B741E-6694-438B-BD02-73A79DE6834C}" = MainConcept MCE Encoder
"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B21C4FD-B224-4599-A9BC-F565FDB90301}" = HP JavaCard for HP ProtectTools
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{732A3F80-008B-4350-BD58-EC5AE98707B8}" = HP Common Access Service Library
"{739CE62B-2893-4D89-8BF8-9B4034633DB6}" = Adobe Setup
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{75D7BB3A-9AB7-4ad1-AD5E-0059B90C624B}" = HP ProtectTools Security Manager Suite
"{789C97CE-9E17-4126-BDF4-11FF458BF705}" = File Sanitizer For HP ProtectTools
"{7B6FC9C2-C5B4-4F58-8E50-1587236285D0}" = Simulace_2009
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83DBD41D-ADDF-7C18-98D8-B9232221CDE1}" = ccc-core-static
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{88F09FD2-0C32-A0E0-02DA-66731126032E}" = ccc-utility
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROPLUS_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_PROPLUS_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_PROPLUS_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROPLUS_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_PROPLUS_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_PROPLUS_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROPLUS_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROPLUS_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_PROPLUS_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_PROPLUS_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{902EC7BE-C623-11F3-0B20-A6A1D01A0F99}" = CCC Help Danish
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{9505A2A4-2478-CAE8-3860-705A689A50E9}" = Catalyst Control Center Graphics Previews Vista
"{99B39D40-5EA1-440C-BA46-5DE3FA6E8388}" = Catalyst Control Center - Branding
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Software Bluetooth WIDCOMM
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A70634D4-6C97-6F3D-B1D1-6CD01AAB15A2}" = CCC Help Chinese Traditional
"{AA8EC7A4-EA02-4A72-B14F-65DA485F74C8}" = ESU for Microsoft Vista SP1
"{AC0AA40D-8899-449C-A059-548C8AC5FB6D}" = HP User Guides 0136
"{AC194855-F7AC-4D04-B4C9-07BA46FCB697}" = ActivClient 6.1 x86
"{AC54964A-0886-FFBB-DA5A-21B47BEDD8D9}" = CCC Help Portuguese
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AE8B9EED-2083-3830-6BAF-D8FF87EFBD2B}" = Catalyst Control Center Localization All
"{B1259862-9EBF-C8E2-2092-160135C71549}" = CCC Help Swedish
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BA69296C-0910-D3B1-70C9-23BFF0C31D90}" = Catalyst Control Center Graphics Full Existing
"{BB662A7E-DFF6-47C9-BBD2-430079EA8E74}" = BIOS Configuration for HP ProtectTools
"{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}" = Adobe Flash Player 9 ActiveX
"{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}" = Microsoft SQL Server Compact 3.5 ENU
"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C299012A-DB39-4E9D-B360-75F83A7D5252}" = Catalyst Control Center - Branding
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4E73218-0B91-12D8-DB06-AE69B985EA55}" = CCC Help Finnish
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C6FF0A11-1F6C-C902-2644-4FDE8BC45A91}" = CCC Help German
"{CA17EC26-F3D1-2084-D747-A33065D2257E}" = CCC Help Spanish
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB7B419E-7ED5-76E0-8437-DEEFA7D45602}" = CCC Help Turkish
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D142866A-0DDB-A0D7-CEC3-B2F4D79345CA}" = CCC Help Norwegian
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D4E1CDA6-A176-B7BB-D0E6-206A2C3F0867}" = CCC Help English
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D8A0E646-F4C7-7AF4-1768-A3090F85CDB1}" = CCC Help Greek
"{D8D4AF9A-6ADE-4B14-A7F5-BA858792729E}" = ASUS Security Protect Manager
"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings
"{DA8D7893-2E3A-4E49-7F6B-60DB4E33528F}" = Catalyst Control Center Core Implementation
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E05EB9D2-8559-4821-98AC-3D5DA3242D5B}" = Vista Default Settings
"{E2C00C8C-3D0C-40DF-BC67-44321C9E1029}" = Nero 8
"{E6272A04-665C-4E7D-A6BA-EAF4C6C11B00}" = Drive Encryption for HP ProtectTools
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EB4DF30B-102B-4F0C-927A-D50E037A325D}" = AuthenTec Fingerprint Sensor Minimum Install
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Business v10
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0703991-E476-4997-98C6-239E67FC9944}" = Adobe Creative Suite 3 Design Premium
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F639E2A2-FE6B-4527-B8BE-C1C423B81844}" = HP Webcam
"{FB091F2E-3B92-1658-6303-9924097B58D6}" = Catalyst Control Center Graphics Light
"34472D3C0CA521527E150A1EB74ED994CE452ECE" = Windows Driver Package - Intel (NETw5v32) net (04/27/2008 12.0.0.73)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_1e533f03b8b42b2b6a1aba5a0b9d358" = Přidat nebo odebrat Adobe Creative Suite 3 Design Premium
"Adresní modul UIR-ADR_is1" = Adresní modul UIR-ADR
"AVG9Uninstall" = AVG 9.0
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"FBDBServer_1_5_is1" = Firebird 1.5.5
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"Hledik - Poradce - makléř FAC" = Poradce - makléř FAC, verze 1.25/1
"InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"InstallShield_{F639E2A2-FE6B-4527-B8BE-C1C423B81844}" = HP Webcam
"IrfanView" = IrfanView (remove only)
"McAfee Security Scan" = McAfee Security Scan
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Moje farma" = Moje farma
"Money S3" = Ekonomický systém Money S3
"Mozilla Firefox (3.5.17)" = Mozilla Firefox (3.5.17)
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"NSS" = Norton Security Scan
"PDF Complete" = PDF Complete
"ProInst" = Intel PROSet Wireless
"PROPLUS" = Microsoft Office Professional Plus 2007
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Táta hrdina" = Táta hrdina
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 16.4.2011 15:23:23 | Computer Name = NB-Petr | Source = WinMgmt | ID = 10
Description =

Error - 16.4.2011 15:34:13 | Computer Name = NB-Petr | Source = WinMgmt | ID = 10
Description =

Error - 16.4.2011 15:37:15 | Computer Name = NB-Petr | Source = EventSystem | ID = 4621
Description =

Error - 16.4.2011 15:41:15 | Computer Name = NB-Petr | Source = WinMgmt | ID = 10
Description =

Error - 16.4.2011 16:18:32 | Computer Name = NB-Petr | Source = WinMgmt | ID = 10
Description =

Error - 16.4.2011 17:40:45 | Computer Name = NB-Petr | Source = WinMgmt | ID = 10
Description =

Error - 16.4.2011 17:45:02 | Computer Name = NB-Petr | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Received from 10.0.0.1:56843 4 NB-Petr.local.
Addr 10.0.0.1

Error - 16.4.2011 17:45:02 | Computer Name = NB-Petr | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: ProbeCount 2; will rename 4 NB-Petr.local.
Addr 10.0.0.4

Error - 16.4.2011 17:45:02 | Computer Name = NB-Petr | Source = Bonjour Service | ID = 100
Description = Local Hostname NB-Petr.local already in use; will try NB-Petr-2.local
instead

Error - 16.4.2011 17:45:11 | Computer Name = NB-Petr | Source = WinMgmt | ID = 10
Description =

[ OSession Events ]
Error - 11.10.2009 12:06:55 | Computer Name = NB-Petr | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 87
seconds with 60 seconds of active time. This session ended with a crash.

Error - 11.10.2009 12:07:21 | Computer Name = NB-Petr | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.

Error - 11.10.2009 12:15:50 | Computer Name = NB-Petr | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 135
seconds with 60 seconds of active time. This session ended with a crash.

Error - 11.10.2009 12:16:17 | Computer Name = NB-Petr | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 9
seconds with 0 seconds of active time. This session ended with a crash.

Error - 11.10.2009 12:16:50 | Computer Name = NB-Petr | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.

Error - 16.5.2010 14:06:05 | Computer Name = NB-Petr | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.

Error - 7.7.2010 14:13:37 | Computer Name = NB-Petr | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 45
seconds with 0 seconds of active time. This session ended with a crash.

Error - 2.9.2010 15:55:52 | Computer Name = NB-Petr | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.

Error - 29.10.2010 10:15:40 | Computer Name = NB-Petr | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 154984
seconds with 120 seconds of active time. This session ended with a crash.

Error - 24.11.2010 15:05:30 | Computer Name = NB-Petr | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 36
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 16.4.2011 17:40:45 | Computer Name = NB-Petr | Source = Service Control Manager | ID = 7026
Description =

Error - 16.4.2011 17:43:18 | Computer Name = NB-Petr | Source = volmgr | ID = 262193
Description = Konfigurace stránkovacího souboru pro výpis stavu systému se nezdařila.
Přesvědčte se, zda na spouštěcím oddílu disku je stránkovací soubor a zda je na
něm dostatek místa pro uložení obsahu celé fyzické paměti.

Error - 16.4.2011 17:45:05 | Computer Name = NB-Petr | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{1C64106C-2967-4E2C-B815-8A4BC93CDBCA},
protože jiný počítač v síti má stejný název. Server nelze spustit.

Error - 16.4.2011 17:45:04 | Computer Name = NB-Petr | Source = netbt | ID = 4321
Description = Název NB-PETR :0 nelze zaregistrovat v rozhraní s adresou IP
10.0.0.4. Počítač s adresou IP 10.0.0.1 nepovolil získání názvu tímto počítačem.

Error - 16.4.2011 17:45:04 | Computer Name = NB-Petr | Source = netbt | ID = 4321
Description = Název NB-PETR :0 nelze zaregistrovat v rozhraní s adresou IP
10.0.0.4. Počítač s adresou IP 10.0.0.1 nepovolil získání názvu tímto počítačem.

Error - 16.4.2011 17:45:04 | Computer Name = NB-Petr | Source = netbt | ID = 4321
Description = Název NB-PETR :20 nelze zaregistrovat v rozhraní s adresou
IP 10.0.0.4. Počítač s adresou IP 10.0.0.1 nepovolil získání názvu tímto počítačem.

Error - 16.4.2011 17:45:11 | Computer Name = NB-Petr | Source = Service Control Manager | ID = 7000
Description =

Error - 16.4.2011 17:46:56 | Computer Name = NB-Petr | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 16.4.2011 17:57:11 | Computer Name = NB-Petr | Source = PlugPlayManager | ID = 12
Description = Zařízení TSSTcorp CDDVDW TS-L633A (IDE\CdRomTSSTcorp_CDDVDW_TS-L633A________________AS00____\4&1f7680a9&0&0.1.0)
se již v systému nenachází, aniž by bylo nejdříve připraveno k odstranění.

Error - 16.4.2011 17:57:22 | Computer Name = NB-Petr | Source = iaStor | ID = 262153
Description = Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.


< End of report >

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  SRV - File not found [On_Demand | Stopped] -- -- (0010431255078082mcinstcleanup) McAfee Application Installer Cleanup (0010431255078082)
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
  IE - HKU\S-1-5-21-893100059-2973154077-1563591687-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
  IE - HKU\S-1-5-21-893100059-2973154077-1563591687-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15187&l=dis
  IE - HKU\S-1-5-21-893100059-2973154077-1563591687-1004\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
  IE - HKU\S-1-5-21-893100059-2973154077-1563591687-1004\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
  IE - HKU\S-1-5-21-893100059-2973154077-1563591687-1004\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
  FF - prefs.js..browser.search.defaultengine: "Ask.com"
  FF - prefs.js..browser.search.defaultenginename: "Ask.com"
  FF - prefs.js..browser.search.order.1: "Ask.com"
  FF - prefs.js..browser.search.selectedEngine: "Ask.com"
  FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
  FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=PTV&o=15184&locale=en_US&apn_uid=21B3D9A3-08E9-4E3D-8F08-D67DA72CCDD8&apn_ptnrs=RY&apn_sauid=1FA12C49-99CF-4D2C-AAD6-EE1D5F858D59&apn_dtid=&q="
  [2011.03.26 13:05:10 | 000,000,000 | ---D | M] (PandoraTV Toolbar) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\s2u66u4n.default\extensions\toolbar@ask.com
  [2011.04.16 23:46:19 | 000,002,557 | ---- | M] () -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\s2u66u4n.default\searchplugins\askcom.xml
  O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
  O2 - BHO: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
  O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
  O3 - HKU\S-1-5-21-893100059-2973154077-1563591687-1004\..\Toolbar\WebBrowser: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
  O4 - HKLM..\Run: [] File not found
  O13 - gopher Prefix: missing
  O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
  O33 - MountPoints2\{a06e1633-6834-11e0-80a2-806e6f6e6963}\Shell - "" = AutoRun
  O33 - MountPoints2\{a06e1633-6834-11e0-80a2-806e6f6e6963}\Shell - "" = AutoRun
  [1 C:\Users\Petr\*.tmp files -> C:\Users\Petr\*.tmp -> ]
  [2011.04.10 16:00:46 | 000,000,468 | -H-- | M] () -- C:\windows\tasks\Norton Security Scan for Petr.job
  
  :reg
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  ""=-
  "Adobe Reader Speed Launcher"=-
  "Adobe ARM"=-
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
  "WinSat"=-
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
   
  :files
  C:\Program Files\Ask.com
  C:\windows\tasks\User_Feed_Synchronization-{F932F6E6-23C4-4F8F-893E-221294EC1912}.job
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp /s
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem