Připojení k síti a AVG nefunkční,síť jen stahuje malware

[motji]

Jinak Vám v nouzovém režimu funguje vše?
Obnova systému nejde?

[Matadorik]

Kromě AVPTool a RSIT asi všechno. MBAM nic nenašel. Nabízí se mi řešení - formát a zase ze zálohy. Nebo to jde ještě nějak?

[motji]

Zkusíme to ještě jinak

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

netsvcs
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

/md5start
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
hal.dll
logevent.dll
netlogon.dll
ntelogon.dll
scecli.dll
sceclt.dll
ws2_32.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
cdrom.sys
Changer.sys
fastfat.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
mv61xx.sys
ndis.sys
ntfs.sys
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
symmpi.sys
tcpip.sys
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
/md5stop

C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe


HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5 

- zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde

[Matadorik]

OTL logfile created on: 1.8.2012 13:08:22 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Documents and Settings\X.X-28ADCEE8E7F34\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 2,62 Gb Available Physical Memory | 80,54% Memory free
5,09 Gb Paging File | 4,57 Gb Available in Paging File | 89,77% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 196,29 Gb Total Space | 33,08 Gb Free Space | 16,85% Space Free | Partition Type: NTFS
Drive D: | 651,93 Gb Total Space | 624,39 Gb Free Space | 95,78% Space Free | Partition Type: NTFS
Drive F: | 488,19 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: X-28ADCEE8E7F34 | User Name: X | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.08.01 13:05:41 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Plocha\OTL.exe
PRC - [2012.07.03 21:18:22 | 000,874,384 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2012.07.03 21:18:22 | 000,800,656 | ---- | M] (Opera Software) -- C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe
PRC - [2012.07.03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.06.21 15:58:50 | 002,445,880 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2012.06.21 15:29:14 | 000,073,392 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2012.04.30 21:05:22 | 000,497,280 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2012.04.30 21:04:28 | 000,738,944 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
PRC - [2008.04.14 09:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.12.18 00:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\EPSON\EPW!3 SSRP\E_S40ST7.EXE
PRC - [2007.01.12 00:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\EPSON\EPW!3 SSRP\E_S40RP7.EXE


========== Modules (No Company Name) ==========

MOD - [2012.08.01 09:31:56 | 001,790,464 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12080100\algo.dll
MOD - [2012.07.31 10:10:54 | 001,789,440 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12073101\algo.dll
MOD - [2011.10.09 14:10:31 | 008,522,400 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2009.01.11 00:15:44 | 000,159,744 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\Haali\mmfinfo.dll
MOD - [2009.01.11 00:14:06 | 000,023,552 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\Haali\mkunicode.dll
MOD - [2008.04.14 09:51:48 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2003.05.08 03:23:04 | 000,618,496 | ---- | M] () -- C:\Program Files\VDMSound\LaunchPad.dll


========== Win32 Services (SafeList) ==========

SRV - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.06.21 15:58:50 | 002,445,880 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2012.04.30 21:05:22 | 000,497,280 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc)
SRV - [2011.12.14 13:47:00 | 001,514,304 | ---- | M] (TuneUp Software) [Disabled | Stopped] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.11.17 19:17:46 | 002,489,680 | ---- | M] (O&O Software GmbH) [Disabled | Stopped] -- C:\Program Files\OO Software\Defrag\oodag.exe -- (OODefragAgent)
SRV - [2010.04.12 05:01:42 | 000,047,616 | R--- | M] (Mobile Leader Co.,Ltd.) [Disabled | Stopped] -- C:\WINDOWS\system32\LGScsiCommandService.exe -- (LGScsiCommandService)
SRV - [2007.12.18 00:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\EPSON\EPW!3 SSRP\E_S40ST7.EXE -- (EPSON_EB_RPCV4_01)
SRV - [2007.01.12 00:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\virtualnet.sys -- (vnet)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\vfilter.sys -- (pflt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\XE118~1.X-2\LOCALS~1\Temp\iMSPQMn.sys -- (iMSPQMn)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012.07.31 17:05:34 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\58205290.sys -- (58205290)
DRV - [2012.07.03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.07.03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.07.03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.07.03 18:21:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.07.03 18:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.07.03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.03 18:21:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.06.21 15:29:14 | 000,526,640 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (Vsdatant)
DRV - [2012.06.05 16:33:00 | 000,158,552 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV - [2012.06.05 16:33:00 | 000,116,056 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2012.06.05 16:33:00 | 000,104,792 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2012.06.05 16:33:00 | 000,091,992 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2012.06.05 16:33:00 | 000,082,776 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VBoxUSB.sys -- (VBoxUSB)
DRV - [2012.05.29 17:40:29 | 000,565,552 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2012.04.30 21:05:40 | 000,027,016 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2011.12.12 20:31:38 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | Disabled | Stopped] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2011.03.16 11:43:00 | 000,025,008 | ---- | M] (Bongiovi Acoustics) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\digitalpower.sys -- (digitalpower)
DRV - [2011.01.21 14:52:18 | 000,381,032 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Uim_IM.sys -- (Uim_IM)
DRV - [2011.01.21 14:52:18 | 000,057,112 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\hotcore3.sys -- (hotcore3)
DRV - [2011.01.21 14:52:18 | 000,040,824 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\UimBus.sys -- (UimBus)
DRV - [2011.01.19 18:06:47 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010.11.09 15:35:30 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2010.11.01 06:08:46 | 000,014,416 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys -- (WinRing0_1_2_0)
DRV - [2010.07.04 21:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2010.07.02 12:08:32 | 000,384,752 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SRS_HDAL_i386.sys -- (SRS_HDAL_Service)
DRV - [2010.01.21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2010.01.21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2010.01.21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2010.01.11 13:28:35 | 004,800,000 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2010.01.11 12:49:40 | 000,039,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e)
DRV - [2009.11.25 05:50:16 | 004,463,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.09.29 08:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtport.sys -- (LgBttPort)
DRV - [2009.09.29 08:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgvmodem.sys -- (LGVMODEM)
DRV - [2009.09.29 08:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtbus.sys -- (lgbusenum)
DRV - [2009.02.09 04:30:00 | 000,152,616 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mv61xx.sys -- (mv61xx)
DRV - [2008.11.12 08:52:36 | 000,018,984 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mrdd.sys -- (mrdd)
DRV - [2007.04.24 11:33:46 | 000,100,488 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mgmt.sys -- (s125mgmt)
DRV - [2007.04.24 11:33:46 | 000,098,696 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125obex.sys -- (s125obex)
DRV - [2007.04.24 11:33:44 | 000,108,680 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mdm.sys -- (s125mdm)
DRV - [2007.04.24 11:33:42 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mdfl.sys -- (s125mdfl)
DRV - [2007.04.24 11:33:34 | 000,083,336 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125bus.sys -- (s125bus)
DRV - [2007.01.12 20:09:53 | 000,082,296 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02)
DRV - [2006.07.10 18:19:58 | 000,027,032 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02)
DRV - [2006.07.05 14:46:06 | 000,063,352 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01a.sys -- (sfdrv01a)
DRV - [2006.06.14 16:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [2006.03.26 14:22:14 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2006.03.24 18:27:01 | 000,050,176 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync04.sys -- (sfsync04)
DRV - [2004.11.25 18:36:06 | 000,077,248 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.11.25 18:32:01 | 000,054,368 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004.07.19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prosync1.sys -- (prosync1)
DRV - [2003.12.01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {293CA13F-FA15-41A3-94C5-4EB958E94BED}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes\{293CA13F-FA15-41A3-94C5-4EB958E94BED}: "URL" = http://www.webhledani.cz/results.aspx?i ... earchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {293CA13F-FA15-41A3-94C5-4EB958E94BED}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-18\..\SearchScopes\{293CA13F-FA15-41A3-94C5-4EB958E94BED}: "URL" = http://www.webhledani.cz/results.aspx?i ... earchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-839522115-562591055-2146989891-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-839522115-562591055-2146989891-1003\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-21-839522115-562591055-2146989891-1003\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-839522115-562591055-2146989891-1003\..\SearchScopes\{013C9994-ABAE-472F-B742-8AF73D4451BE}: "URL" = http://www.webhledani.cz/results.aspx?i ... earchTerms}
IE - HKU\S-1-5-21-839522115-562591055-2146989891-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-839522115-562591055-2146989891-1003\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={D12D ... 2011-09-22 16:43:12&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-839522115-562591055-2146989891-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@parallelgraphics.com/Cortona: C:\Program Files\Common Files\ParallelGraphics\Cortona\npCortona.dll (ParallelGraphics)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.5.109: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.5.109: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.5.109: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.5.109: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.5.109: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files\OnLive\Plugin\npolgdet.dll (OnLive)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.07.13 13:22:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2012.06.29 19:45:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.07.13 13:22:25 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\18.0.1025.151\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\18.0.1025.151\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\NPAPIFlash\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Disabled) = C:\Documents and Settings\All Users.WINDOWS\Data aplikac\u00ED\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Disabled) = C:\Documents and Settings\All Users.WINDOWS\Data aplikac\u00ED\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: npFFApi (Enabled) = C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
CHR - plugin: Cortona3D Viewer (Enabled) = C:\Program Files\Common Files\ParallelGraphics\Cortona\npCortona.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
CHR - plugin: DivX\u00AE Web Player (Enabled) = C:\Program Files\DivX\DivX Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Java(TM) Platform SE 6 U32 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\WINDOWS\system32\npdeployJava1.dll
CHR - plugin: OnLive Game Client Detector (Enabled) = C:\Program Files\OnLive\Plugin\npolgdet.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: RealJukebox NS Plugin (Disabled) = c:\program files\real\realplayer\Netscape6\nprjplug.dll
CHR - Extension: WOT = C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.3.0_0\
CHR - Extension: YouTube = C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus for Google Chrome\u2122 (Beta) = C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.1.3_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AT_Porsche = C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gkclphmapdcppbmekmbkcjfanpmoidpg\3_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Gmail = C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2001.10.25 16:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HistoryTriggerBHO Class) - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll (LG Electronics)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-839522115-562591055-2146989891-1003\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-839522115-562591055-2146989891-1003\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O3 - HKU\S-1-5-21-839522115-562591055-2146989891-1003\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-21-839522115-562591055-2146989891-1003..\Run: [EPSON SX110 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Documents and Settings\X.X-28ADCEE8E7F34\Nabídka Start\Programy\Po spuštění\_uninst_.lnk = C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Temp\_uninst_.bat ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-839522115-562591055-2146989891-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab (20-20 3D Viewer)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 0991837125 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{17BDEFE0-E460-48F1-85D9-F416A13F7E63}: NameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.11.04 08:58:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2002.10.08 02:07:28 | 000,000,112 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{e4821445-5ac2-11e0-bad0-e86731f244ef}\Shell - "" = AutoRun
O33 - MountPoints2\{e4821445-5ac2-11e0-bad0-e86731f244ef}\Shell\AutoRun\command - "" = G:\LGAutoRun.exe
O33 - MountPoints2\{e6971705-9415-11e0-96c9-ebcc2803af15}\Shell - "" = AutoRun
O33 - MountPoints2\{e6971705-9415-11e0-96c9-ebcc2803af15}\Shell\AutoRun\command - "" = F:\SETUP.EXE -- [2002.10.08 02:35:23 | 001,020,000 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{e6971705-9415-11e0-96c9-ebcc2803af15}\Shell\setup\command - "" = F:\SETUP.EXE -- [2002.10.08 02:35:23 | 001,020,000 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{f9692c86-015a-11e0-915c-a0c258fb7d2c}\Shell\AutoRun\command - "" = F:\__DT\DT.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\WINDOWS\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.HFYU - C:\WINDOWS\System32\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.i263 - C:\WINDOWS\System32\I263_32.drv (Intel Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\IR41_32.DLL (Intel(R) Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.LAGS - C:\WINDOWS\System32\lagarith.dll ( )
Drivers32: VIDC.VP60 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP61 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP62 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP70 - C:\WINDOWS\System32\vp7vfw.dll (On2.com)
Drivers32: VIDC.X264 - C:\WINDOWS\System32\x264vfw.dll ()
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012.08.01 13:06:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Plocha\Plocha
[2012.08.01 13:05:41 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Plocha\OTL.exe
[2012.07.31 17:31:50 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2012.07.31 17:30:56 | 000,133,208 | ---- | C] (Kaspersky Lab ZAO) -- C:\WINDOWS\System32\drivers\58205290.sys
[2012.07.31 17:19:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Recent
[2012.07.31 16:47:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Bongiovi Acoustics
[2012.07.31 16:46:59 | 000,025,008 | ---- | C] (Bongiovi Acoustics) -- C:\WINDOWS\System32\drivers\digitalpower.sys
[2012.07.31 16:46:59 | 000,000,000 | ---D | C] -- C:\Program Files\Bongiovi Acoustics
[2012.07.31 16:46:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Bongiovi Acoustics
[2012.07.28 19:20:03 | 000,353,688 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012.07.28 19:20:03 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012.07.28 19:20:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\avast! Free Antivirus
[2012.07.28 19:20:01 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012.07.28 19:20:01 | 000,035,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012.07.28 19:20:00 | 000,721,000 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012.07.28 19:19:59 | 000,097,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012.07.28 19:19:59 | 000,089,624 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012.07.28 19:19:58 | 000,025,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012.07.28 19:19:41 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012.07.28 19:19:40 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012.07.28 19:19:28 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.07.28 19:19:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVAST Software
[2012.07.28 18:34:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Dokumenty\OnLive App
[2012.07.28 18:34:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\OnLive App
[2012.07.28 18:34:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\OnLive
[2012.07.28 18:33:40 | 000,000,000 | ---D | C] -- C:\Program Files\OnLive
[2012.07.19 15:58:46 | 000,644,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX
[2012.07.19 15:58:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Google SketchUp 6
[2012.07.18 13:52:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\com.goplayalong.41DF8ADAAE31CA841C48A6C358D6E3DCCEC38798.1
[2012.07.18 13:52:31 | 000,000,000 | ---D | C] -- C:\Program Files\Go PlayAlong
[2012.07.18 13:52:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2012.07.17 15:38:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\Papa-Roach-2010-To-Be-Loved-The-Best-of-Papa-Roach(Alternative-Metal)
[2012.07.17 15:38:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\Joe-Satriani-&-Chickenfoot---Chickenfoot-2009
[2012.07.17 15:38:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\Jimmy-Eat-World---Invented-(2010)
[2012.07.17 15:37:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\The-Soundtrack-Of-Our-Lives---Throw-It-To-The-Universe-(2012)
[2012.07.17 15:37:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\The-Bravery--The-Sun-and-the-Moon-Complete-[2008]-320kbps
[2012.07.17 15:34:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\Slash---Apocalyptic-Love-2012-HQ
[2012.07.14 18:34:11 | 000,000,000 | ---D | C] -- C:\Program Files\CheatEngine
[2012.07.14 18:20:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Dokumenty\My Cheat Tables
[2012.07.13 13:22:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2012.07.13 13:22:15 | 000,198,864 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2012.07.13 13:22:04 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2012.07.13 13:22:04 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2012.07.13 13:22:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\RealNetworks
[2012.07.12 17:09:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Dokumenty\Need for Speed World
[2012.07.12 14:28:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Need for Speed World
[2012.07.11 17:41:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\Electronic_Arts_Inc
[2012.07.11 17:41:15 | 000,000,000 | ---D | C] -- C:\Program Files\Need For Speed World
[2012.07.11 17:41:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Need For Speed World
[2012.07.09 17:31:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Game Booster 3
[2012.07.09 17:31:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\IObit
[2012.07.09 17:31:20 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2012.07.09 16:12:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\Recuva
[2012.07.09 16:10:56 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2012.07.09 16:10:17 | 002,568,952 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\rcsetup142.exe
[2012.07.09 16:02:27 | 000,000,000 | ---D | C] -- C:\Program Files\LFS
[2012.07.03 21:18:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\Opera
[2012.07.03 21:18:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Opera
[2012.07.03 21:18:21 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2012.07.03 20:53:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Nabídka Start\Programy\Oovee
[2012.07.03 20:53:01 | 000,000,000 | ---D | C] -- C:\Program Files\Oovee
[2012.07.03 20:47:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Plocha\SpinTiresInstall (1)
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.08.01 13:10:08 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.08.01 13:06:48 | 000,000,458 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D0C61DA6-54E3-4657-8A92-9109632E5E8C}.job
[2012.08.01 13:05:41 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Plocha\OTL.exe
[2012.08.01 13:03:09 | 000,000,306 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.08.01 13:02:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.08.01 13:02:11 | 000,258,862 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2012.07.31 18:00:35 | 000,000,812 | ---- | M] () -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Nabídka Start\Programy\Po spuštění\_uninst_.lnk
[2012.07.31 17:51:41 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Dokumenty\RSIT.exe
[2012.07.31 17:31:45 | 000,297,256 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.07.31 17:05:34 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) -- C:\WINDOWS\System32\drivers\58205290.sys
[2012.07.30 18:06:55 | 000,000,028 | ---- | M] () -- C:\WINDOWS\Robota.INI
[2012.07.28 19:19:59 | 000,002,552 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.07.28 15:55:02 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.07.17 11:39:36 | 107,965,764 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\running-wild-shadowmaker-2012-peko.rar
[2012.07.17 11:09:23 | 134,923,102 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\accept-stalingrad-2012-cover-peko.rar
[2012.07.16 15:03:53 | 000,135,168 | ---- | M] () -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.13 13:22:15 | 000,198,864 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2012.07.13 13:22:04 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2012.07.13 13:22:04 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2012.07.13 13:22:02 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2012.07.09 16:10:16 | 002,568,952 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\rcsetup142.exe
[2012.07.03 22:01:53 | 000,001,025 | ---- | M] () -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Plocha\Linux Mint.lnk
[2012.07.03 21:18:27 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Opera.lnk
[2012.07.03 19:38:07 | 000,497,052 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.07.03 19:38:07 | 000,492,296 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.07.03 19:38:07 | 000,099,726 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.07.03 19:38:07 | 000,085,536 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.07.03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012.07.03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012.07.03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012.07.03 18:21:53 | 000,097,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012.07.03 18:21:53 | 000,089,624 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012.07.03 18:21:53 | 000,035,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012.07.03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012.07.03 18:21:52 | 000,025,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012.07.03 18:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012.07.03 18:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[Matadorik]

Zbytek logu



========== Files Created - No Company Name ==========

[2012.08.01 13:10:08 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.07.31 17:51:45 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Dokumenty\RSIT.exe
[2012.07.31 17:34:11 | 000,000,812 | ---- | C] () -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Nabídka Start\Programy\Po spuštění\_uninst_.lnk
[2012.07.31 17:31:45 | 000,297,256 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.07.30 18:06:55 | 000,000,028 | ---- | C] () -- C:\WINDOWS\Robota.INI
[2012.07.28 19:38:22 | 000,002,359 | ---- | C] () -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Plocha\Google Chrome.lnk
[2012.07.28 19:19:59 | 000,000,306 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.07.18 13:52:31 | 000,000,676 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Go PlayAlong.lnk
[2012.07.17 11:33:11 | 107,965,764 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\running-wild-shadowmaker-2012-peko.rar
[2012.07.17 11:01:49 | 134,923,102 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\accept-stalingrad-2012-cover-peko.rar
[2012.07.03 22:01:53 | 000,001,025 | ---- | C] () -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Plocha\Linux Mint.lnk
[2012.07.03 21:18:27 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Opera.lnk
[2012.07.03 21:18:27 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Opera.lnk
[2012.05.29 17:43:11 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\WebpageIcons.db
[2012.05.29 17:42:11 | 000,115,369 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2012.05.29 17:42:11 | 000,097,961 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2012.04.08 18:58:37 | 000,003,467 | ---- | C] () -- C:\Documents and Settings\X.X-28ADCEE8E7F34\.recently-used.xbel
[2012.03.27 18:06:25 | 000,000,105 | ---- | C] () -- C:\Documents and Settings\X.X-28ADCEE8E7F34\.gtk-bookmarks
[2012.01.24 22:15:07 | 000,068,868 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2011.05.22 16:48:47 | 000,000,042 | ---- | C] () -- C:\WINDOWS\oodjobd.INI
[2011.05.13 18:39:09 | 000,003,541 | ---- | C] () -- C:\WINDOWS\im32st.dat
[2011.02.22 21:39:04 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011.02.22 21:37:30 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011.02.09 16:48:14 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2011.01.23 11:53:10 | 000,384,752 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_HDAL_i386.sys
[2010.12.18 18:01:33 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.12.18 18:01:32 | 000,607,744 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2010.12.18 18:01:32 | 000,121,344 | ---- | C] ( ) -- C:\WINDOWS\System32\lagarith.dll
[2010.12.18 18:01:31 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.12.17 20:06:15 | 000,000,083 | ---- | C] () -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\X-Plane Installer.prf
[2010.10.16 14:04:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2010.10.16 13:38:41 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2010.10.16 13:38:41 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2010.10.16 13:38:41 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2010.10.16 13:38:41 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2010.10.16 13:38:41 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2010.10.16 13:38:41 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2010.10.16 13:38:41 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2010.10.16 13:38:41 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2010.10.16 13:38:41 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2010.10.16 13:38:41 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2010.10.16 13:38:41 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2010.10.16 13:38:41 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2010.10.16 13:38:41 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2010.10.16 13:38:41 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2010.10.16 13:38:41 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2010.10.16 13:38:41 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2010.10.16 13:38:41 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2010.10.16 13:38:41 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2010.10.16 13:38:41 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2010.10.05 01:59:32 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\StarOpen.sys
[2010.08.29 17:42:56 | 000,000,765 | ---- | C] () -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Default.SystemConfig.Gbx
[2010.01.23 18:44:19 | 000,135,168 | ---- | C] () -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2012.07.31 18:09:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Opera
[2009.11.04 15:17:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\avg9
[2012.07.28 19:19:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVAST Software
[2012.06.29 19:19:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVG2012
[2010.10.29 10:39:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\avg9
[2012.07.31 16:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Bongiovi Acoustics
[2012.06.29 18:49:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\CheckPoint
[2010.10.29 10:43:14 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Common Files
[2011.01.23 12:05:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\DFX
[2010.10.16 13:49:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\EPSON
[2012.07.09 17:31:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\IObit
[2012.05.07 10:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\launcher
[2012.07.01 16:51:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MAGIX
[2012.05.29 17:38:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MFAData
[2011.03.30 19:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Teleca
[2010.12.26 13:48:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Temp
[2010.10.16 18:22:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Test Drive Unlimited
[2010.08.10 20:41:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TmForever
[2012.01.03 20:06:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TuneUp Software
[2010.10.16 13:44:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\UDL
[2012.01.03 20:05:18 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.01.24 22:14:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011.05.28 16:07:26 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2012.01.10 20:15:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService.NT AUTHORITY\Data aplikací\TuneUp Software
[2009.12.21 09:32:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X\Data aplikací\Gaijin Ent
[2010.01.06 11:00:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X\Data aplikací\Opera
[2010.11.20 20:32:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\AnvSoft
[2010.10.29 14:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\AVG
[2011.08.31 10:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\AVI ReComp
[2011.01.27 12:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Azureus
[2011.12.25 17:57:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Canon
[2012.06.29 19:27:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\CheckPoint
[2012.07.18 13:52:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\com.goplayalong.41DF8ADAAE31CA841C48A6C358D6E3DCCEC38798.1
[2011.09.11 19:42:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Epson
[2010.11.03 20:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\GetRightToGo
[2012.03.27 18:09:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\gtk-2.0
[2012.04.09 16:06:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\MAGIX
[2011.03.31 18:28:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\ML
[2012.07.12 14:28:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Need for Speed World
[2012.07.28 18:34:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\OnLive App
[2011.11.30 18:02:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\openBVE
[2012.07.03 21:18:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Opera
[2012.02.10 18:46:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\SanDisk
[2011.12.26 19:15:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\SoundSpectrum
[2012.01.11 18:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\SpinTires
[2011.03.30 19:46:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Teleca
[2011.09.01 13:49:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\TightVNC
[2012.01.03 20:06:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\TuneUp Software
[2010.11.18 17:13:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Video DVD Maker FREE
[2011.01.17 18:40:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\VitySoft
[2010.11.21 17:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Xilisoft
[2012.08.01 13:03:09 | 000,000,306 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2012.08.01 13:06:48 | 000,000,458 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{D0C61DA6-54E3-4657-8A92-9109632E5E8C}.job

========== Purity Check ==========



========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"EPSON SX110 Series" = C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE /FU "C:\DOCUME~1\XE118~1.X-2\LOCALS~1\Temp\E_S53.tmp" /EF "HKCU" -- [2008.09.27 02:00:00 | 000,199,680 | ---- | M] (SEIKO EPSON CORPORATION)

< >

< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2001.08.17 23:58:00 | 000,025,472 | ---- | M] (Microsoft Corporation) MD5=65880045C51AA36184841CEE915A61DF -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\I386\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2002.08.16 12:31:24 | 000,087,168 | ---- | M] (Microsoft Corporation) MD5=930E83709B1F3104D595EEDE457124A4 -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\I386\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\system32\DRIVERS\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0029\DriverFiles\i386\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0030\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2001.10.25 08:00:00 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=6EBB26DD0E33C0426FB4A316418E67FC -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\I386\AUTOCHK.EXE
[2008.04.14 09:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 09:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 01:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 01:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
[2001.10.25 08:00:00 | 000,047,488 | ---- | M] (Microsoft Corporation) MD5=CB762E814F602229A574F4D78D3D6A30 -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\I386\CDROM.SYS

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2001.10.25 08:00:00 | 000,051,200 | ---- | M] (Microsoft Corporation) MD5=849D84F975D682B333AF158B8ABFD221 -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\I386\CRYPTSVC.DLL
[2008.04.14 09:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 09:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: CSRSS.EXE >
[2004.08.17 15:49:24 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=490E6E57E54FAF5F23F658EA188405A1 -- C:\WINDOWS\$NtServicePackUninstall$\csrss.exe
[2008.04.14 09:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\ServicePackFiles\i386\csrss.exe
[2008.04.14 09:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\csrss.exe
[2001.10.25 08:00:00 | 000,004,096 | ---- | M] (Microsoft Corporation) MD5=E5C52921CC7B099CEA19C53E31F4AB0E -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\I386\CSRSS.EXE

< MD5 for: EVENTLOG.DLL >
[2008.04.14 09:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 09:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2001.10.25 08:00:00 | 000,047,616 | ---- | M] (Microsoft Corporation) MD5=8DAEFE31BA545A98E07A976F7435CC5B -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\I386\EVENTLOG.DLL

< MD5 for: EXPLORER.EXE >
[2008.04.14 09:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 09:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008.04.29 17:42:08 | 000,090,624 | ---- | M] () MD5=FBB39A4487E11F64DCFFD36AEC2D2216 -- C:\Program Files\CheckPoint\ZAForceField\Heuristics\explorer.exe

< MD5 for: FASTFAT.SYS >
[2004.08.03 23:14:18 | 000,143,360 | ---- | M] (Microsoft Corporation) MD5=3117F595E9615E04F05A54FC15A03B20 -- C:\WINDOWS\$NtServicePackUninstall$\fastfat.sys
[2008.04.14 01:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\ServicePackFiles\i386\fastfat.sys
[2008.04.14 01:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\system32\drivers\fastfat.sys
[2001.10.25 08:00:00 | 000,144,768 | ---- | M] (Microsoft Corporation) MD5=998BBF32A142910B5E539DF4225DF892 -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\I386\FASTFAT.SYS

< MD5 for: HAL.DLL >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2001.10.25 08:00:00 | 000,078,464 | ---- | M] (Microsoft Corporation) MD5=254916581AC499E53EE700E7E5B9E5B5 -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\I386\HAL.DLL
[2008.04.14 01:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.14 01:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.03 22:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 01:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.24 13:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\I386\ISAPNP.SYS
[2001.10.25 16:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 08:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 08:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 08:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 08:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\system32\DRIVERS\isapnp.sys
[2008.04.14 08:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\ReinstallBackups\0028\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 09:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 09:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
[2001.10.25 08:00:00 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=F80A83B21434C30A788EB8991E6A61ED -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\I386\LSASS.EXE

< MD5 for: MV61XX.SYS >
[2009.02.09 04:30:00 | 000,152,616 | ---- | M] (Marvell Semiconductor, Inc.) MD5=4678BAC36F9CE8C633EEDD0CA1F569BF -- C:\Program Files\Marvell\61xx\driver\mv61xx.sys
[2009.02.09 04:30:00 | 000,152,616 | ---- | M] (Marvell Semiconductor, Inc.) MD5=4678BAC36F9CE8C633EEDD0CA1F569BF -- C:\WINDOWS\system32\drivers\mv61xx.sys

< MD5 for: NDIS.SYS >
[2008.04.14 01:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.14 01:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2001.10.25 08:00:00 | 000,161,536 | ---- | M] (Microsoft Corporation) MD5=3EFD4F59BA0A340DE0A3AB984001DBF7 -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\I386\NDIS.SYS
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2001.10.25 08:00:00 | 000,397,824 | ---- | M] (Microsoft Corporation) MD5=606FAB9689DA902468D0D150B90D93A9 -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\I386\NETLOGON.DLL
[2008.04.14 09:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 09:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NTFS.SYS >
[2008.04.14 01:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\ServicePackFiles\i386\ntfs.sys
[2008.04.14 01:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
[2004.08.03 23:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\WINDOWS\$NtServicePackUninstall$\ntfs.sys
[2002.01.30 16:58:54 | 000,516,480 | ---- | M] (Microsoft Corporation) MD5=E57AD09522176A8F7D8081B2FA3C4881 -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\I386\ntfs.sys

< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 09:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 09:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
[2001.10.25 08:00:00 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=88CA7CD14736FAC776C2F0EAC14CC269 -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\I386\SCECLI.DLL

< MD5 for: SERVICES.EXE >
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2004.08.17 15:49:28 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 09:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2001.10.25 08:00:00 | 000,101,376 | ---- | M] (Microsoft Corporation) MD5=F4D2C4AF666E0224E961AA744A1B47E3 -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\I386\SERVICES.EXE

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 09:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 09:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
[2001.10.25 08:00:00 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=ED12D92A7B26E99E3A5BF4B043F7314E -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\I386\SMSS.EXE

< MD5 for: SPOOLSV.EXE >
[2004.08.17 15:49:28 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=21B6FAA88044A41640E03EBB68BE93E8 -- C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe
[2010.08.17 15:19:36 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\dllcache\spoolsv.exe
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe
[2008.04.14 09:52:50 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe
[2008.04.14 09:52:50 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe
[2001.10.25 08:00:00 | 000,051,200 | ---- | M] (Microsoft Corporation) MD5=FBD651B9CF8F5297F86961843D6F1BAB -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\I386\SPOOLSV.EXE

< MD5 for: SVCHOST.EXE >
[2001.10.25 08:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=329945887A0C684C38A4845330BC9100 -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\I386\SVCHOST.EXE
[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008.04.14 09:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 09:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2008.07.01 15:17:12 | 000,090,624 | ---- | M] () MD5=FBB39A4487E11F64DCFFD36AEC2D2216 -- C:\Program Files\CheckPoint\ZAForceField\Heuristics\svchost.exe

< MD5 for: SYMMPI.SYS >
[2011.01.21 14:52:20 | 000,106,880 | ---- | M] (LSI Corporation) MD5=05CFC382170A709F931E41620677097A -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\DELL\Documents and Settings\Administrator\Program Files\Paragon Software\Backup and Recovery 2011 Advanced Free\program\symmpi_xp_x86\symmpi.sys
[2011.01.21 14:52:20 | 000,106,880 | ---- | M] (LSI Corporation) MD5=05CFC382170A709F931E41620677097A -- C:\Program Files\Paragon Software\Backup and Recovery 2011 Advanced Free\program\symmpi_xp_x86\symmpi.sys

< MD5 for: TCPIP.SYS >
[2008.04.14 01:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2001.10.25 08:00:00 | 000,327,168 | ---- | M] (Microsoft Corporation) MD5=E7774698BB0D14B0710A9A31E209F9B6 -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\I386\TCPIP.SYS

< MD5 for: USERINIT.EXE >
[2008.04.14 09:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 09:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2001.10.25 08:00:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=95C5E6E59DF2B91E8A5CD181B1C96174 -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\I386\USERINIT.EXE

< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2002.02.21 13:47:04 | 000,429,056 | ---- | M] (Microsoft Corporation) MD5=7DD2FC9E25CA954205349F2C98F363E8 -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\I386\winlogon.exe
[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 09:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 09:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
[2008.07.01 15:17:12 | 000,090,624 | ---- | M] () MD5=FBB39A4487E11F64DCFFD36AEC2D2216 -- C:\Program Files\CheckPoint\ZAForceField\Heuristics\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2001.10.25 08:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=748494B94A871A828C64D1D5C738D2B7 -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\I386\WS2_32.DLL
[2008.04.14 09:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 09:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
[2007.10.02 18:21:30 | 000,004,608 | ---- | M] () MD5=F9D3D91101D7E187F83EC8BCFFB9EF71 -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\DELL\Documents and Settings\Administrator\Program Files\D-Fend Reloaded\VirtualHD\FREEDOS\WS2_32.DLL
[2007.10.02 18:21:30 | 000,004,608 | ---- | M] () MD5=F9D3D91101D7E187F83EC8BCFFB9EF71 -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\D-FendReloadedPortable\App\VirtualHD\FREEDOS\WS2_32.DLL
[2007.10.02 18:21:30 | 000,004,608 | ---- | M] () MD5=F9D3D91101D7E187F83EC8BCFFB9EF71 -- C:\Program Files\D-FendReloadedPortable\App\VirtualHD\FREEDOS\WS2_32.DLL

< >

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2008.07.06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2007.04.09 13:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2008.07.06 14:06:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\x64\filterpipelineprintproc.dll

< %systemroot%\system32\drivers\*.sys /5 >
[2012.07.31 17:05:34 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) -- C:\WINDOWS\system32\drivers\58205290.sys

< %systemroot%\system32\drivers\*.sys /X >
[2008.04.14 09:51:38 | 000,004,255 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll
[2008.04.14 09:51:38 | 000,003,967 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll
[2008.04.14 09:51:38 | 000,003,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll
[2008.04.14 09:51:38 | 000,003,647 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll
[2008.04.14 09:51:38 | 000,003,135 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll
[2008.04.14 09:51:38 | 000,003,711 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll
[2008.04.14 09:51:38 | 000,003,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll
[2009.11.25 04:18:14 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2erec.dll
[2006.12.29 21:21:08 | 000,064,352 | ---- | M] () -- C:\WINDOWS\system32\drivers\ativmc20.cod
[2008.04.14 09:51:38 | 000,021,183 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll
[2008.04.14 09:51:38 | 000,011,359 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll
[2008.04.14 09:51:38 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll
[2008.04.14 09:51:38 | 000,014,143 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll
[2008.04.14 09:51:38 | 000,017,279 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll
[2012.01.21 20:43:09 | 000,001,461 | ---- | M] () -- C:\WINDOWS\system32\drivers\camcodec.inf
[2008.04.14 09:51:40 | 000,015,423 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
[2007.04.02 22:36:04 | 000,129,045 | ---- | M] () -- C:\WINDOWS\system32\drivers\cxthsfs2.cty
[2001.10.25 16:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls
[2001.10.25 16:00:00 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt
[2012.06.29 17:53:42 | 000,097,961 | ---- | M] () -- C:\WINDOWS\system32\drivers\klick.dat
[2012.06.29 17:53:42 | 000,115,369 | ---- | M] () -- C:\WINDOWS\system32\drivers\klin.dat
[2011.04.26 12:38:05 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011.04.26 12:38:07 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\Msft_Kernel_point32_01009.Wdf
[2006.12.29 21:02:50 | 000,067,866 | ---- | M] () -- C:\WINDOWS\system32\drivers\netwlan5.img
[2008.04.14 09:51:56 | 000,003,901 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\siint5.dll
[2008.04.14 09:52:06 | 000,011,325 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\vchnt5.dll

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2011.01.19 18:06:47 | 000,436,792 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\system32\*.* /5 >
[2012.07.28 19:19:59 | 000,002,552 | ---- | M] () -- C:\WINDOWS\system32\CONFIG.NT
[2012.07.31 17:31:45 | 000,297,256 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2012.08.01 13:02:11 | 000,258,862 | ---- | M] () -- C:\WINDOWS\system32\oodbs.lor
[2012.07.28 15:55:02 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\config\*.sav >
[2010.01.11 11:40:31 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.01.11 11:40:31 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.01.11 11:40:31 | 000,491,520 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[128 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >
[2010.01.11 11:43:57 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\desktop.ini

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
[2009.02.04 14:56:14 | 000,075,112 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DifXInstall32.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\Adobe\ARM\Reader_10.0.1\9884\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\Adobe\ARM\Reader_10.0.1\9884\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\Adobe\ARM\Reader_10.0.1\9884\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\Adobe\ARM\Reader_10.0.1\9884\ReaderUpdater.exe
[2012.01.18 19:49:26 | 000,073,584 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\Apple Computer\Installer Cache\iTunes 10.5.3.3\SetupAdmin.exe
[2007.01.12 00:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\EPSON\EPW!3 SSRP\E_S40RP7.EXE
[2007.12.18 00:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\EPSON\EPW!3 SSRP\E_S40ST7.EXE
[2012.07.13 19:07:28 | 010,652,120 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
[2011.09.08 15:15:34 | 005,587,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\MFAData\SelfUpd\avgmfapx.exe
[2011.09.22 16:37:41 | 000,598,368 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\MFAData\SelfUpd\avgntdumpx.exe
[2011.08.02 06:08:56 | 000,247,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\MFAData\SelfUpd\avgrunasx.exe
[2010.01.23 17:51:14 | 000,036,864 | ---- | M] ( ) -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\Temp\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\PostBuild.exe
[2010.01.23 17:56:59 | 000,053,319 | ---- | M] ( ) -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\Temp\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\PostBuild.exe
[2010.01.23 17:45:46 | 000,053,319 | ---- | M] ( ) -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\Temp\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\PostBuild.exe

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2012.07.18 13:50:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Adobe
[2010.01.12 21:20:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\AdobeUM
[2010.11.20 20:32:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\AnvSoft
[2012.01.24 22:14:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Apple Computer
[2010.01.11 15:27:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\ATI
[2010.10.29 14:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\AVG
[2011.08.31 10:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\AVI ReComp
[2011.01.27 12:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Azureus
[2011.12.25 17:57:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Canon
[2012.06.29 19:27:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\CheckPoint
[2012.07.18 13:52:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\com.goplayalong.41DF8ADAAE31CA841C48A6C358D6E3DCCEC38798.1
[2010.01.23 18:32:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\CyberLink
[2010.01.23 19:23:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\DivX
[2011.09.11 19:42:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Epson
[2010.11.03 20:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\GetRightToGo
[2010.03.12 21:15:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Google
[2012.03.06 20:49:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\GRETECH
[2012.03.27 18:09:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\gtk-2.0
[2010.07.17 19:09:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Help
[2010.01.11 11:38:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Identities
[2010.12.26 18:22:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\InstallShield
[2010.01.11 13:17:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Macromedia
[2012.04.09 16:06:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\MAGIX
[2012.01.30 20:51:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Malwarebytes
[2012.03.11 12:02:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Media Player Classic
[2012.04.06 18:42:32 | 000,000,000 | --SD | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Microsoft
[2011.01.29 15:32:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Microsoft Games
[2011.03.31 18:28:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\ML
[2012.07.12 14:28:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Need for Speed World
[2010.01.23 18:26:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Nero
[2012.07.28 18:34:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\OnLive App
[2011.11.30 18:02:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\openBVE
[2012.07.03 21:18:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Opera
[2012.07.13 13:25:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Real
[2012.02.10 18:46:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\SanDisk
[2010.01.13 17:30:36 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\SecuROM
[2012.03.11 12:01:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Skype
[2012.02.25 13:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\SkypePM
[2011.03.30 19:38:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Sony Ericsson
[2011.12.26 19:15:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\SoundSpectrum
[2012.01.11 18:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\SpinTires
[2010.01.11 14:03:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Sun
[2011.03.30 19:46:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Teleca
[2011.09.01 13:49:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\TightVNC
[2012.01.03 20:06:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\TuneUp Software
[2011.09.01 13:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\UltraVNC
[2010.11.18 17:13:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Video DVD Maker FREE
[2011.01.17 18:40:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\VitySoft
[2012.07.29 13:39:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Winamp
[2010.11.21 17:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Xilisoft

< %APPDATA%\*.* >
[2010.01.11 11:43:57 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\desktop.ini

< %APPDATA%\*.exe /s >
[2010.12.04 19:06:31 | 000,310,208 | ---- | M] (Georgia Institute of Technology) -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Azureus\plugins\mlab\ShaperProbeC.exe
[2012.07.18 13:52:07 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2010.11.18 16:29:46 | 000,000,766 | R--- | M] () -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Microsoft\Installer\{69FDD4EA-9D68-11D5-8A28-005004D37F93}\Copy(2)ofweb.exe
[2010.11.18 16:29:46 | 000,000,766 | R--- | M] () -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Microsoft\Installer\{69FDD4EA-9D68-11D5-8A28-005004D37F93}\CopyofHelp.exe
[2010.11.18 16:29:46 | 000,002,238 | R--- | M] () -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Microsoft\Installer\{69FDD4EA-9D68-11D5-8A28-005004D37F93}\wolf3D.exe
[2010.01.11 13:54:22 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Microsoft\Installer\{A778A787-08A4-4089-CB68-02A9737DE532}\ARPPRODUCTICON.exe
[2011.12.07 16:16:58 | 000,049,152 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Microsoft\Installer\{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}\ARPPRODUCTICON.exe
[2012.07.03 20:53:14 | 000,009,662 | R--- | M] () -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Microsoft\Installer\{EA25A1D4-0CFB-4863-9B42-3E7EBD879644}\_6E6E357E7ADA5AFD179A16.exe
[2012.07.03 20:53:14 | 000,009,662 | R--- | M] () -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Microsoft\Installer\{EA25A1D4-0CFB-4863-9B42-3E7EBD879644}\_6FEFF9B68218417F98F549.exe
[2012.07.03 20:53:14 | 000,009,662 | R--- | M] () -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Microsoft\Installer\{EA25A1D4-0CFB-4863-9B42-3E7EBD879644}\_8C4881482354DBD8076130.exe
[2012.07.03 20:53:14 | 000,009,662 | R--- | M] () -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Microsoft\Installer\{EA25A1D4-0CFB-4863-9B42-3E7EBD879644}\_9F875DD90CE8D0248D6820.exe
[2012.06.29 19:25:32 | 000,315,544 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\9.11\rnupgagent.exe
[2012.06.30 17:05:35 | 027,444,704 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\9.11\stub_data\RealPlayer.exe
[2012.06.30 17:03:38 | 000,692,480 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\9.11\stub_exe\RealPlayer.exe

< %SYSTEMDRIVE%\*.exe >

< >

< >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2012-06-29 19:05:38

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
"StateIndex" = 0

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemRoot%\System32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *\0OODBS\0\0

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.08.01 13:10:08 | 000,000,512 | ---- | M] () MD5=B33920D1290A5940827AE658E78F7497 -- C:\PhysicalMBR.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Temp:0B4227B4

< End of report >

[Matadorik]

Extras


OTL Extras logfile created on: 1.8.2012 13:08:22 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Documents and Settings\X.X-28ADCEE8E7F34\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 2,62 Gb Available Physical Memory | 80,54% Memory free
5,09 Gb Paging File | 4,57 Gb Available in Paging File | 89,77% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 196,29 Gb Total Space | 33,08 Gb Free Space | 16,85% Space Free | Partition Type: NTFS
Drive D: | 651,93 Gb Total Space | 624,39 Gb Free Space | 95,78% Space Free | Partition Type: NTFS
Drive F: | 488,19 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: X-28ADCEE8E7F34 | User Name: X | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-839522115-562591055-2146989891-1003\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"5910:TCP" = 5910:TCP:*:Enabled:vnc5910

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\TrackMania Sunrise\TmSunrise.exe" = C:\Program Files\TrackMania Sunrise\TmSunrise.exe:*:Enabled:TmSunrise -- ()
"C:\Program Files\MotoGP2\motogp2.exe" = C:\Program Files\MotoGP2\motogp2.exe:*:Enabled:motogp2 -- ()
"C:\Program Files\TmNationsForever\TmForever.exe" = C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever -- ()
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Ubi Soft\IL-2 Sturmovik Forgotten Battles\il2fb.exe" = C:\Program Files\Ubi Soft\IL-2 Sturmovik Forgotten Battles\il2fb.exe:*:Enabled:il2fb -- ()
"C:\Program Files\Codemasters\Heroes of the Pacific\Heroes.exe" = C:\Program Files\Codemasters\Heroes of the Pacific\Heroes.exe:*:Enabled:Heroes Of The Pacific -- ()
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Microsoft Games\Age of Empires II\empires2.exe" = C:\Program Files\Microsoft Games\Age of Empires II\empires2.exe:*:Enabled:Age of Empires II -- (Microsoft Corporation)
"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation)
"D:\Program Files\Microsoft Games\Microsoft Flight Simulator X\fsx.exe" = D:\Program Files\Microsoft Games\Microsoft Flight Simulator X\fsx.exe:*:Enabled:Microsoft Flight Simulator®
"C:\Program Files\GameSpy Arcade\Aphex.exe" = C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade 1.4 -- (GameSpy Industries, Inc.)
"C:\Program Files\Java\jre1.6.0_06\launch4j-tmp\frd.exe" = C:\Program Files\Java\jre1.6.0_06\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"F:\SkypePortable\App\Skype\Phone\Skype.exe" = F:\SkypePortable\App\Skype\Phone\Skype.exe:*:Enabled:Skype
"F:\Program Files\PortableApps\SkypePortable\App\Skype\Phone\Skype.exe" = F:\Program Files\PortableApps\SkypePortable\App\Skype\Phone\Skype.exe:*:Enabled:Skype
"C:\Program Files\Railroad Tycoon 3\RT3.exe" = C:\Program Files\Railroad Tycoon 3\RT3.exe:*:Enabled:Railroad Tycoon 3 -- (PopTop Software, Inc.)
"C:\Program Files\Ubisoft\Silent Hunter 4 Wolves of the Pacific\sh4.exe" = C:\Program Files\Ubisoft\Silent Hunter 4 Wolves of the Pacific\sh4.exe:*:Enabled:Silent Hunter IV -- (Ubisoft)
"E:\EasySetupAssistant\wr741n\EasySetupAssistant.exe" = E:\EasySetupAssistant\wr741n\EasySetupAssistant.exe:*:Enabled:TP-LINK Easy Setup Assistant
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Program Files\Microsoft Games\Age of Mythology\aom.exe" = C:\Program Files\Microsoft Games\Age of Mythology\aom.exe:*:Enabled:Age of Mythology -- (Ensemble Studios)
"C:\Program Files\Mockba to Berlin\M2B.exe" = C:\Program Files\Mockba to Berlin\M2B.exe:*:Disabled:DEViANCE -- ()
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe" = C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Disabled:EEventManager Application -- (SEIKO EPSON CORPORATION)
"C:\Program Files\D-FendReloadedPortable\App\DOSBox\DOSBox.exe" = C:\Program Files\D-FendReloadedPortable\App\DOSBox\DOSBox.exe:*:Enabled:DOSBox DOS Emulator -- (DOSBox Team)
"C:\Program Files\strongholdcrusader\Stronghold Crusader.exe" = C:\Program Files\strongholdcrusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader -- ()
"C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\CrossLoop\vncviewer.exe" = C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\CrossLoop\vncviewer.exe:*:Enabled:vncviewer.exe -- (UltraVNC)
"C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\CrossLoop\tvnserver.exe" = C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\CrossLoop\tvnserver.exe:*:Enabled:tvnserver.exe -- (GlavSoft LLC.)
"C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\CrossLoop\CrossLoopConnect.exe" = C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\CrossLoop\CrossLoopConnect.exe:*:Enabled:CrossLoop - Simple Secure Screen Sharing -- (CrossLoop)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG
"C:\Program Files\Electronic Arts\Need For Speed - Porsche 2000\PORSCHE.ICD" = C:\Program Files\Electronic Arts\Need For Speed - Porsche 2000\PORSCHE.ICD:*:Enabled:PORSCHE -- ()
"C:\Program Files\racer\racer.exe" = C:\Program Files\racer\racer.exe:*:Enabled:racer -- ()
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Ubi Soft\IL-2 Sturmovik Demo\il2demo.exe" = C:\Program Files\Ubi Soft\IL-2 Sturmovik Demo\il2demo.exe:*:Enabled:il2demo -- ()
"C:\Program Files\Atari\Test Drive Unlimited\TestDriveUnlimited.exe" = C:\Program Files\Atari\Test Drive Unlimited\TestDriveUnlimited.exe:*:Enabled:Test Drive Unlimited -- (Eden Games)
"C:\Program Files\Codemasters\Colin McRae Rally 2\CMR2.exe" = C:\Program Files\Codemasters\Colin McRae Rally 2\CMR2.exe:*:Enabled:Colin McRae Rally 2 -- (Codemasters Software Ltd)
"C:\Program Files\Rigs of Rods 0.39\servergui.exe" = C:\Program Files\Rigs of Rods 0.39\servergui.exe:*:Enabled:servergui -- ()
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Disabled:Průzkumník Windows -- (Microsoft Corporation)
"C:\Program Files\FsMovMapServer\FsMovMapServer.exe" = C:\Program Files\FsMovMapServer\FsMovMapServer.exe:*:Enabled:FSMovMapServer -- (Microsoft)
"C:\Program Files\Microsoft Games\Microsoft Flight\Flight.exe" = C:\Program Files\Microsoft Games\Microsoft Flight\Flight.exe:*:Enabled:Microsoft Flight -- (Microsoft Corporation)
"C:\Documents and Settings\X.X-28ADCEE8E7F34\Plocha\Age of Mythology CZECH\aom.exe" = C:\Documents and Settings\X.X-28ADCEE8E7F34\Plocha\Age of Mythology CZECH\aom.exe:*:Enabled:Age of Mythology
"C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe" = C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe:*:Enabled:Opera Internet Browser - Plugin wrapper -- (Opera Software)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Need For Speed World\Data\nfsw.exe" = C:\Program Files\Need For Speed World\Data\nfsw.exe:*:Enabled:Need for Speed World -- (Electronic Arts)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{01840D1A-3B62-1E2A-9997-C9B9007F1E5F}" = Catalyst Control Center Core Implementation
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"{0297C87B-CC40-446F-865A-031B4FC0CF22}" = ToCA Race Driver 3
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{121C477C-5B7B-44E3-B621-BDDB542AE8FD}" = TuneUp Utilities Language Pack (en-GB)
"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
"{17DD30CE-F0AF-4E46-97EE-DEDD59BD6FA0}" = MAGIX Music Maker MX Premium Download Version (Instrument package 1)
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19B72AA9-985A-11D4-9C8A-00D0B75D1498}" = Colin McRae Rally 2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24CD85A3-6562-4C24-8257-27826C7CF7FE}" = O&O Defrag Professional
"{252436F1-9583-4AD7-AA11-619AFFB96543}" = Xpand Rally
"{25A3AFB2-BED8-477E-95C0-28ECDEE1D630}" = MAGIX Music Maker MX Premium Download Version (Instrument package 2)
"{25BEC3AB-5CD4-481D-9143-215C1BBB189E}" = Sony Ericsson PC Suite
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 32
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2E7F1B26-433E-40A2-8D82-09E97441FF1A}" = Short Empire for FSX
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{32BAA79B-CBB2-3693-A0E3-71EA4A1E9761}" = ccc-core-static
"{33BA828D-CF19-0B52-8483-61FCFD83F75D}" = Catalyst Control Center HydraVision Full
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{362CCC45-63D1-9688-C74D-F32F1B0CD919}" = CCC Help English
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E8DE1A6-B365-4FF6-B917-2892A34990E8}" = LG USB Modem Drivers
"{4183E4E3-F943-416C-D4E1-0673F1CBA6E1}" = ccc-utility
"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
"{461B11E8-BF34-4ACB-962A-1CBE905BD9EB}" = LG United Mobile Drivers
"{46552BC3-52B6-404c-9B42-CE536AB719FD}_is1" = Ashampoo Home Designer1.0.0
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = Epson Event Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A61ACAF-29F5-4939-88DE-E2EF0647A4E7}" = MAGIX Music Maker MX Premium Download Version (Instrument package 3)
"{4AF67AF9-70FF-9372-22F6-BCF8A8B0C995}" = Go PlayAlong
"{4B33371A-C04F-48D3-980C-285369ECD634}" = ZoneAlarm Firewall
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D5308D2-6B0A-4BB0-809F-AE1000028101}" = Microsoft Flight
"{4D5308D2-6B0A-4BB0-809F-AE1000038101}" = Microsoft Flight
"{4D5308D2-DC8E-4658-A37C-351000008100}" = Microsoft Flight
"{4E86E575-2B04-4FEC-ADA3-72D47CB4777C}" = Cortona3D Viewer
"{4F94119D-1B71-400e-9F04-B4E5CEAE71F8}_is1" = Sothink Movie DVD Maker
"{51F24145-A833-4BD5-AA38-AFC5268928E5}" = IL-2 Sturmovik Series: Complete Edition
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{567C9882-843D-4188-A181-00E2CC3E1029}" = LG Burning Tools
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58ACDDC2-F83B-4BCF-92F2-E98180E7BEC8}" = MAGIX Music Maker MX Premium Download Version (Visuals)
"{5A2C635B-7ECE-4294-AE66-195BBFBC82F7}" = Colin McRae Rally 04
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5C19F599-20AD-4A27-8EB4-1B7121D4F603}" = MAGIX Music Maker MX Premium Download Version (Sound package)
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{64669F87-F223-4668-8C66-4B2703F30A37}" = MAGIX Music Maker MX Premium Download Version (Introductory videos)
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = LG CyberLink PowerDVD 7.0
"{69FAC221-570C-A7A2-10FF-30F3BDDED603}" = Catalyst Control Center Graphics Light
"{69FDD4EA-9D68-11D5-8A28-005004D37F93}" = Wolfenstein 3D
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77C4F53F-8618-B4AC-A54D-694CA504BC2E}" = Catalyst Control Center Graphics Full Existing
"{797E03F8-C8A0-47ED-AA9F-D7076276E491}" = Ford Racing 2
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7E890D16-5CB9-4F18-BAA1-CCD0A543CAE5}" = MAGIX Music Maker MX Premium Download Version
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{83D6C933-0C42-4448-8A21-625AEE5B9FCB}" = MAGIX Music Maker MX Premium Download Version (Synthesizer and effects)
"{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}" = Epson Easy Photo Print 2
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8E309767-4214-4A04-AB88-FE86155FC151}" = ToCA Race Driver
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8EA65889-2C9A-4A41-8DD9-531E156ACB48}" = MAGIX Music Maker MX Premium Download Version (Demo songs)
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A52C4BAB-E8E7-906E-EF34-91EA765505BE}" = ccc-core-preinstall
"{A778A787-08A4-4089-CB68-02A9737DE532}" = Catalyst Control Center InstallProxy
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A95A76C9-6F65-477E-83A0-9F884B6DC21B}" = TuneUp Utilities Language Pack (en-US)
"{A9729B90-D37B-4A69-B66A-7436AC1F7274}" = Microsoft Flight Simulator X: Acceleration
"{ABAC2C1F-1BD5-45B1-89D8-1AA34CD16B7B}_is1" = Digital Power Station version 1.2.0
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = LG CyberLink PowerBackup
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF4434001}" = Epson Printer Software Downloader
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = LG CyberLink PowerProducer
"{B98A34C0-A6A2-4087-B272-557C1C6D0A07}" = Microsoft Flight Simulator X Demo
"{BCECC8FA-31AD-487A-A8C4-1C9C5454F9C6}_is1" = Mockba to Berlin
"{BDE1289F-4025-41A5-AD17-101DB4D82CA7}" = TRS2004
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C268B5E1-A5DA-11DF-A289-005056C00008}" = Paragon Backup & Recovery™ 2011 (Advanced) Free
"{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}" = Test Drive Unlimited
"{C4C255FE-BE15-4C06-AAD9-A08F2DBB2E39}" = ZoneAlarm Security
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint
"{C60BA916-9E44-4DA4-B11A-9E27B7624EF5}" = Sony Ericsson Drivers
"{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}" = Sony Ericsson Device Data
"{CD232781-26CA-4E18-BC70-4343A2F0D583}" = Microsoft IntelliPoint 8.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3F9003B-7D17-4317-B61B-0694FF5333F8}" = Oracle VM VirtualBox 4.1.18
"{D6BF6477-8369-489F-8DE6-3731F4B88560}" = Sony Ericsson PC Suite
"{DE29025A-091F-4998-AD2D-24C84421190F}" = Railroad Tycoon 3
"{E55250B8-D012-47A3-97E2-99FFBD0D3AD3}" = Just Flight - FS Insider C152
"{EA25A1D4-0CFB-4863-9B42-3E7EBD879644}" = Spin Tires
"{EB2E2ED5-DE74-F09D-3B23-0C4BA51D8C60}" = Catalyst Control Center Graphics Previews Common
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F65BF289-6174-4081-A9AC-5C60CEACD457}_is1" = Rally Championship
"{F68A7F48-9F26-4FB1-A7C2-DF3C0F2D849C}" = Crazy Taxi
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{FD4A0D0F-21BC-4D7C-8EF8-4161513812BA}" = MapBuilder
"{FDE0EEEA-B1CD-BFED-22BB-AD87B886CC47}" = Catalyst Control Center Graphics Full New
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"18 Wheels of Steel Pedal to the Metal" = 18 Wheels of Steel Pedal to the Metal
"7-Zip" = 7-Zip 9.12 beta
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Aeon" = Aeon
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Mythology 1.0" = Age of Mythology
"AnyToISO_is1" = AnyToISO
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"AVI ReComp" = AVI ReComp 1.5.3
"Bus Driver" = Bus Driver 1.0
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"CCleaner" = CCleaner
"Cole2k Media - Nero Audio Plugin Pack" = Cole2k Media - Nero Audio Plugin Pack
"com.goplayalong.41DF8ADAAE31CA841C48A6C358D6E3DCCEC38798.1" = Go PlayAlong
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.17
"CrossLoop_is1" = CrossLoop 2.80
"D-Fend v2" = D-Fend v2
"doPDF 5 printer_is1" = doPDF 5.0 printer
"DPP" = Canon Utilities Digital Photo Professional 3.9
"EAX Unified" = EAX Unified
"EOS Utility" = Canon Utilities EOS Utility
"Epson Printer Software Downloader" = Epson Printer Software Downloader
"EPSON Scanner" = EPSON Scan
"Epson Stylus SX110_TX110 User’s Guide" = Epson Stylus SX110_TX110 Manual
"EPSON SX110 Series" = EPSON SX110 Series Printer Uninstall
"ffdshow_is1" = ffdshow [rev 3154] [2009-12-09]
"FlightSim_{A9729B90-D37B-4A69-B66A-7436AC1F7274}" = Microsoft Flight Simulator X: Acceleration
"FreeCommander_is1" = FreeCommander 2009.02b
"FsMovMapServer" = FsMovMapServer
"FSX Sirocco GTX 132 ft. Motoryacht" = FSX Sirocco GTX 132 ft. Motoryacht
"FSX_Screensaver" = FSX_Screensaver
"Game Booster_is1" = Game Booster 3
"GameSpy Arcade" = GameSpy Arcade
"G-Force" = G-Force
"GFWL_{4D5308D2-DC8E-4658-A37C-351000008100}" = Microsoft Flight
"GOM Player" = GOM Player
"HaaliMkx" = Haali Media Splitter
"Heroes of the Pacific" = Heroes of the Pacific
"ie8" = Windows Internet Explorer 8
"IL-2 Sturmovik Demo" = IL-2 Sturmovik Demo
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"InstallShield_{252436F1-9583-4AD7-AA11-619AFFB96543}" = Xpand Rally
"InstallShield_{51F24145-A833-4BD5-AA38-AFC5268928E5}" = IL-2 Sturmovik Series: Complete Edition
"InstallShield_{5A2C635B-7ECE-4294-AE66-195BBFBC82F7}" = Colin McRae Rally 04
"InstallShield_{8E309767-4214-4A04-AB88-FE86155FC151}" = ToCA Race Driver
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"InstallShield_{B98A34C0-A6A2-4087-B272-557C1C6D0A07}" = Microsoft Flight Simulator X Demo
"IrfanView" = IrfanView (remove only)
"IsoBuster_is1" = IsoBuster 2.8.5
"iWisoft Free Video Converter_is1" = iWisoft Free Video Converter 1.2
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 3.7.0
"LG PC Suite IV" = LG PC Suite IV
"MAGIX_MSI_mm18dlx" = MAGIX Music Maker MX Premium Download Version
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.62.0.1300
"Meditel" = Meditel
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"MotoGP2_is1" = MotoGP2
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MS Flight Simulator" = Microsoft Flight Simulator for Windows 95
"mv61xxDriver" = marvell 61xx
"Need For Speed - Porsche 2000" = Need For Speed - Porsche 2000
"OnLive" = OnLive
"OpenAL" = OpenAL
"Opera 12.00.1467" = Opera 12.00
"Original Data Security Tools" = Canon Utilities Original Data Security Tools
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"Plane Arcade" = Plane Arcade
"RadLight APE DirectShow filter" = RadLight APE DirectShow filter (remove only)
"RealPlayer 15.0" = RealPlayer
"Recuva" = Recuva
"Rigs of Rods" = Rigs of Rods 0.37.126
"Rigs of Rods 0.39.1" = Rigs of Rods 0.39.1
"RTMshadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}" = Flight Simulator X
"Silent Hunter 4 Wolves of the Pacific U-boat Missions" = Silent Hunter 4 Wolves of the Pacific U-boat Missions
"SMPlayer" = SMPlayer 0.6.9
"SoftSkies" = SoftSkies
"Sony Ericsson Themes Creator" = Sony Ericsson Themes Creator 3.17
"SP1shadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}" = Flight Simulator X Service Pack 1
"TmNationsForever_is1" = TmNationsForever
"TmSunrise_is1" = TrackMania Sunrise Extreme 1.5.1
"Traktor 2_is1" = Traktor 2
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"Tweak UI 2.10" = Tweak UI
"Unlocker" = Unlocker 1.9.1
"VDMSound" = VDMSound
"VirtualCloneDrive" = VirtualCloneDrive
"VobSub" = VobSub 2.23
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WFTK" = Canon Utilities WFT Utility
"WhiteCap" = WhiteCap
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite_Wave3" = Installation Windows Live
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid CZ 1.01_is1" = Xvid CZ 1.01
"Xvid_is1" = Xvid MPEG-4 Video Codec
"ZoneAlarm Free Firewall" = ZoneAlarm Free Firewall
"ZoneAlarm LTD Toolbar" = ZoneAlarm LTD Toolbar
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-839522115-562591055-2146989891-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Avia BH-5 & Bk.11 for FSX" = Avia BH-5 & Bk.11 for FSX
"FSX Sirocco GTX2" = FSX Sirocco GTX2
"Google Chrome" = Google Chrome
"Lotus Simulations L-39 Albatros" = Lotus Simulations L-39 Albatros
"PT Tu-154M Czechoslovak version 1.1" = PT Tu-154M Czechoslovak version 1.1
"PT Tu-154M Czechoslovak version 1.2" = PT Tu-154M Czechoslovak version 1.2
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 30.7.2012 12:28:14 | Computer Name = X-28ADCEE8E7F34 | Source = Application Error | ID = 1000
Description = Chybující aplikace logonui.exe, verze 6.0.2900.5512, chybující modul
user32.dll, verze 5.1.2600.5512, adresa chyby 0x00009de9.

Error - 30.7.2012 12:28:31 | Computer Name = X-28ADCEE8E7F34 | Source = Application Error | ID = 1000
Description = Chybující aplikace logonui.exe, verze 6.0.2900.5512, chybující modul
user32.dll, verze 5.1.2600.5512, adresa chyby 0x00009de9.

Error - 30.7.2012 12:28:38 | Computer Name = X-28ADCEE8E7F34 | Source = Application Error | ID = 1000
Description = Chybující aplikace logonui.exe, verze 6.0.2900.5512, chybující modul
user32.dll, verze 5.1.2600.5512, adresa chyby 0x00009de9.

Error - 30.7.2012 12:28:45 | Computer Name = X-28ADCEE8E7F34 | Source = Application Error | ID = 1000
Description = Chybující aplikace logonui.exe, verze 6.0.2900.5512, chybující modul
user32.dll, verze 5.1.2600.5512, adresa chyby 0x00009de9.

Error - 31.7.2012 8:50:54 | Computer Name = X-28ADCEE8E7F34 | Source = Application Error | ID = 1000
Description = Chybující aplikace wiaacmgr.exe, verze 5.1.2600.5512, chybující modul
user32.dll, verze 5.1.2600.5512, adresa chyby 0x00009de9.

Error - 31.7.2012 10:45:24 | Computer Name = X-28ADCEE8E7F34 | Source = Application Error | ID = 1000
Description = Chybující aplikace notepad.exe, verze 5.1.2600.5512, chybující modul
user32.dll, verze 5.1.2600.5512, adresa chyby 0x00009de9.

Error - 31.7.2012 10:45:27 | Computer Name = X-28ADCEE8E7F34 | Source = Application Error | ID = 1000
Description = Chybující aplikace notepad.exe, verze 5.1.2600.5512, chybující modul
user32.dll, verze 5.1.2600.5512, adresa chyby 0x00009de9.

Error - 31.7.2012 10:45:42 | Computer Name = X-28ADCEE8E7F34 | Source = Application Error | ID = 1000
Description = Chybující aplikace notepad.exe, verze 5.1.2600.5512, chybující modul
user32.dll, verze 5.1.2600.5512, adresa chyby 0x00009de9.

Error - 31.7.2012 11:02:05 | Computer Name = X-28ADCEE8E7F34 | Source = Application Error | ID = 1000
Description = Chybující aplikace g-force_432.exe, verze 1.0.0.4133, chybující modul
user32.dll, verze 5.1.2600.5512, adresa chyby 0x000167ee.

Error - 31.7.2012 11:02:43 | Computer Name = X-28ADCEE8E7F34 | Source = Application Error | ID = 1000
Description = Chybující aplikace g-force_432.exe, verze 1.0.0.4133, chybující modul
user32.dll, verze 5.1.2600.5512, adresa chyby 0x000167ee.

[ System Events ]
Error - 31.7.2012 12:06:01 | Computer Name = X-28ADCEE8E7F34 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 31.7.2012 12:08:31 | Computer Name = X-28ADCEE8E7F34 | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error - 31.7.2012 12:08:31 | Computer Name = X-28ADCEE8E7F34 | Source = sfsync04 | ID = 262145
Description =

Error - 31.7.2012 12:08:31 | Computer Name = X-28ADCEE8E7F34 | Source = sfsync02 | ID = 262156
Description =

Error - 31.7.2012 12:09:00 | Computer Name = X-28ADCEE8E7F34 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 31.7.2012 12:09:28 | Computer Name = X-28ADCEE8E7F34 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Aavmker4 aswSnx aswSP aswTdi ElbyCDIO Fips intelppm KLIF prodrv06 sptd UimBus
Uim_IM
VBoxDrv
VBoxUSBMon

Error - 31.7.2012 12:16:03 | Computer Name = X-28ADCEE8E7F34 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 31.7.2012 12:16:36 | Computer Name = X-28ADCEE8E7F34 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 31.7.2012 12:45:47 | Computer Name = X-28ADCEE8E7F34 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 1.8.2012 7:04:15 | Computer Name = X-28ADCEE8E7F34 | Source = System Error | ID = 1003
Description = Kód chyby 1000000a, parametr1 ffffffe0, parametr2 00000002, parametr3
00000000, parametr4 80537448.


< End of report >

[Matadorik]

Jinak už mám i log z RSIT, spustil jsem ho v normálním režimu, vypnul ZoneAlarm a Avast a okamžitě vypadl log, možná tam byl nějaký konflikt mezi AV nebo FW.


Logfile of random's system information tool 1.09 (written by random/random)
Run by X at 2012-08-02 13:55:09
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 34 GB (17%) free of 201 GB
Total RAM: 3327 MB (83% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:55:12, on 2.8.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Documents and Settings\All Users.WINDOWS\Data aplikací\EPSON\EPW!3 SSRP\E_S40ST7.EXE
C:\Documents and Settings\All Users.WINDOWS\Data aplikací\EPSON\EPW!3 SSRP\E_S40RP7.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\X.X-28ADCEE8E7F34\Plocha\RSIT.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\trend micro\X.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [EPSON SX110 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE /FU "C:\DOCUME~1\XE118~1.X-2\LOCALS~1\Temp\E_S53.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: _uninst_.lnk = C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Temp\_uninst_.bat
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} (20-20 3D Viewer) - http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 0991837125
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{17BDEFE0-E460-48F1-85D9-F416A13F7E63}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{17BDEFE0-E460-48F1-85D9-F416A13F7E63}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\Documents and Settings\All Users.WINDOWS\Data aplikací\EPSON\EPW!3 SSRP\E_S40ST7.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\Documents and Settings\All Users.WINDOWS\Data aplikací\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe

--
End of file - 8616 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{D0C61DA6-54E3-4657-8A92-9109632E5E8C}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21A88CB9-84D2-4020-A2D1-B25A21034884}]
HistoryTriggerBHO Class - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll [2011-01-31 35688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-07-13 426736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-05-06 329504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-04-30 599680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-07-03 1160792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-05-06 59168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-05-06 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-04-30 599680]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-07-03 1160792]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-01-11 16862720]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2011-01-07 1797488]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456]
"ISW"= []
"ZoneAlarm"=C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [2012-06-21 73392]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-07-03 462920]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-07-03 4273976]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPSON SX110 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE [2008-09-27 199680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2010-01-11 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe [2009-04-07 673616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-08 52256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-07-03 462920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2009-03-10 570664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Program Files\OO Software\Defrag\oodtray.exe [2011-11-17 2773328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZoneAlarm Installer]
C:\DOCUME~1\XE118~1.X-2\LOCALS~1\Temp\{907A1104-E812-4b5c-959B-E4DAB37A96AB}\Launcher.exe C:\DOCUME~1\XE118~1.X-2\LOCALS~1\Temp\{907A1104-E812-4b5c-959B-E4DAB37A96AB}\Install.exe /r download /c EN\INSTALL.XML /w []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE []

C:\Documents and Settings\X.X-28ADCEE8E7F34\Nabídka Start\Programy\Po spuštění
_uninst_.lnk - C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Temp\_uninst_.bat

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-11-25 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=28

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\TrackMania Sunrise\TmSunrise.exe"="C:\Program Files\TrackMania Sunrise\TmSunrise.exe:*:Enabled:TmSunrise"
"C:\Program Files\MotoGP2\motogp2.exe"="C:\Program Files\MotoGP2\motogp2.exe:*:Enabled:motogp2"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\TmNationsForever\TmForever.exe"="C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Ubi Soft\IL-2 Sturmovik Forgotten Battles\il2fb.exe"="C:\Program Files\Ubi Soft\IL-2 Sturmovik Forgotten Battles\il2fb.exe:*:Enabled:il2fb"
"C:\Program Files\Codemasters\Heroes of the Pacific\Heroes.exe"="C:\Program Files\Codemasters\Heroes of the Pacific\Heroes.exe:*:Enabled:Heroes Of The Pacific"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"C:\Program Files\Microsoft Games\Age of Empires II\empires2.exe"="C:\Program Files\Microsoft Games\Age of Empires II\empires2.exe:*:Enabled:Age of Empires II"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server"
"D:\Program Files\Microsoft Games\Microsoft Flight Simulator X\fsx.exe"="D:\Program Files\Microsoft Games\Microsoft Flight Simulator X\fsx.exe:*:Enabled:Microsoft Flight Simulator®"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade 1.4"
"C:\Program Files\Java\jre1.6.0_06\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre1.6.0_06\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"F:\SkypePortable\App\Skype\Phone\Skype.exe"="F:\SkypePortable\App\Skype\Phone\Skype.exe:*:Enabled:Skype "
"F:\Program Files\PortableApps\SkypePortable\App\Skype\Phone\Skype.exe"="F:\Program Files\PortableApps\SkypePortable\App\Skype\Phone\Skype.exe:*:Enabled:Skype "
"C:\Program Files\Railroad Tycoon 3\RT3.exe"="C:\Program Files\Railroad Tycoon 3\RT3.exe:*:Enabled:Railroad Tycoon 3"
"C:\Program Files\Ubisoft\Silent Hunter 4 Wolves of the Pacific\sh4.exe"="C:\Program Files\Ubisoft\Silent Hunter 4 Wolves of the Pacific\sh4.exe:*:Enabled:Silent Hunter IV"
"E:\EasySetupAssistant\wr741n\EasySetupAssistant.exe"="E:\EasySetupAssistant\wr741n\EasySetupAssistant.exe:*:Enabled:TP-LINK Easy Setup Assistant"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\Microsoft Games\Age of Mythology\aom.exe"="C:\Program Files\Microsoft Games\Age of Mythology\aom.exe:*:Enabled:Age of Mythology"
"C:\Program Files\Mockba to Berlin\M2B.exe"="C:\Program Files\Mockba to Berlin\M2B.exe:*:Disabled:DEViANCE"
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Disabled:EEventManager Application"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\D-FendReloadedPortable\App\DOSBox\DOSBox.exe"="C:\Program Files\D-FendReloadedPortable\App\DOSBox\DOSBox.exe:*:Enabled:DOSBox DOS Emulator"
"C:\Program Files\strongholdcrusader\Stronghold Crusader.exe"="C:\Program Files\strongholdcrusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader"
"C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\CrossLoop\vncviewer.exe"="C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\CrossLoop\vncviewer.exe:*:Enabled:vncviewer.exe"
"C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\CrossLoop\tvnserver.exe"="C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\CrossLoop\tvnserver.exe:*:Enabled:tvnserver.exe"
"C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\CrossLoop\CrossLoopConnect.exe"="C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Data aplikací\CrossLoop\CrossLoopConnect.exe:*:Enabled:CrossLoop - Simple Secure Screen Sharing"
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\Electronic Arts\Need For Speed - Porsche 2000\PORSCHE.ICD"="C:\Program Files\Electronic Arts\Need For Speed - Porsche 2000\PORSCHE.ICD:*:Enabled:PORSCHE"
"C:\Program Files\racer\racer.exe"="C:\Program Files\racer\racer.exe:*:Enabled:racer"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Ubi Soft\IL-2 Sturmovik Demo\il2demo.exe"="C:\Program Files\Ubi Soft\IL-2 Sturmovik Demo\il2demo.exe:*:Enabled:il2demo"
"C:\Program Files\Atari\Test Drive Unlimited\TestDriveUnlimited.exe"="C:\Program Files\Atari\Test Drive Unlimited\TestDriveUnlimited.exe:*:Enabled:Test Drive Unlimited"
"C:\Program Files\Codemasters\Colin McRae Rally 2\CMR2.exe"="C:\Program Files\Codemasters\Colin McRae Rally 2\CMR2.exe:*:Enabled:Colin McRae Rally 2"
"C:\Program Files\Windows Media Player\wmplayer.exe"="C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\Program Files\Rigs of Rods 0.39\servergui.exe"="C:\Program Files\Rigs of Rods 0.39\servergui.exe:*:Enabled:servergui"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Disabled:Průzkumník Windows"
"C:\Program Files\FsMovMapServer\FsMovMapServer.exe"="C:\Program Files\FsMovMapServer\FsMovMapServer.exe:*:Enabled:FSMovMapServer"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Microsoft Games\Microsoft Flight\Flight.exe"="C:\Program Files\Microsoft Games\Microsoft Flight\Flight.exe:*:Enabled:Microsoft Flight"
"C:\Documents and Settings\X.X-28ADCEE8E7F34\Plocha\Age of Mythology CZECH\aom.exe"="C:\Documents and Settings\X.X-28ADCEE8E7F34\Plocha\Age of Mythology CZECH\aom.exe:*:Enabled:Age of Mythology"
"C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe"="C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe:*:Enabled:Opera Internet Browser - Plugin wrapper"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Need For Speed World\Data\nfsw.exe"="C:\Program Files\Need For Speed World\Data\nfsw.exe:*:Enabled:Need for Speed World"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=IR41_32.DLL
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.i263"=i263_32.drv
"msacm.l3fhg"=mp3fhg.acm
"msacm.divxa32"=msaud32_divx.acm
"VIDC.X264"=x264vfw.dll
"VIDC.VP60"=vp6vfw.dll
"VIDC.VP61"=vp6vfw.dll
"VIDC.VP62"=vp6vfw.dll
"VIDC.HFYU"=huffyuv.dll
"VIDC.VP70"=vp7vfw.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.vorbis"=vorbis.acm
"msacm.siren"=sirenacm.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-07-31 17:31:50 ----SHD---- C:\WINDOWS\CSC
2012-07-31 17:31:45 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2012-07-31 17:31:45 ----A---- C:\WINDOWS\ntbtlog.txt
2012-07-31 17:30:56 ----A---- C:\WINDOWS\system32\drivers\58205290.sys
2012-07-31 16:46:59 ----D---- C:\Program Files\Bongiovi Acoustics
2012-07-31 16:46:59 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Bongiovi Acoustics
2012-07-31 16:46:59 ----A---- C:\WINDOWS\system32\drivers\digitalpower.sys
2012-07-30 18:06:55 ----A---- C:\WINDOWS\Robota.INI
2012-07-28 19:20:03 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2012-07-28 19:20:03 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2012-07-28 19:20:01 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2012-07-28 19:20:01 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2012-07-28 19:20:00 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2012-07-28 19:19:59 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2012-07-28 19:19:59 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2012-07-28 19:19:58 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2012-07-28 19:19:41 ----A---- C:\WINDOWS\avastSS.scr
2012-07-28 19:19:40 ----A---- C:\WINDOWS\system32\aswBoot.exe
2012-07-28 19:19:28 ----D---- C:\Program Files\AVAST Software
2012-07-28 19:19:28 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVAST Software
2012-07-28 18:34:07 ----D---- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\OnLive App
2012-07-28 18:33:40 ----D---- C:\Program Files\OnLive
2012-07-18 13:52:34 ----D---- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\com.goplayalong.41DF8ADAAE31CA841C48A6C358D6E3DCCEC38798.1
2012-07-18 13:52:31 ----D---- C:\Program Files\Go PlayAlong
2012-07-18 13:52:26 ----D---- C:\Program Files\Common Files\Adobe AIR
2012-07-14 18:34:11 ----D---- C:\Program Files\CheatEngine
2012-07-13 13:22:31 ----D---- C:\Program Files\Common Files\xing shared
2012-07-13 13:22:15 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2012-07-13 13:22:04 ----A---- C:\WINDOWS\system32\pndx5032.dll
2012-07-13 13:22:04 ----A---- C:\WINDOWS\system32\pndx5016.dll
2012-07-12 14:28:03 ----D---- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Need for Speed World
2012-07-11 17:41:15 ----D---- C:\Program Files\Need For Speed World
2012-07-09 17:31:21 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\IObit
2012-07-09 17:31:20 ----D---- C:\Program Files\IObit
2012-07-09 16:10:56 ----D---- C:\Program Files\Recuva
2012-07-09 16:02:27 ----D---- C:\Program Files\LFS
2012-07-03 21:18:31 ----D---- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Opera
2012-07-03 21:18:21 ----D---- C:\Program Files\Opera
2012-07-03 20:53:01 ----D---- C:\Program Files\Oovee

======List of files/folders modified in the last 1 month======

2012-08-02 13:55:10 ----D---- C:\Program Files\trend micro
2012-08-02 13:53:11 ----D---- C:\WINDOWS\Temp
2012-08-02 13:49:24 ----D---- C:\WINDOWS\system32\CatRoot2
2012-08-01 14:34:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-08-01 13:02:58 ----D---- C:\WINDOWS
2012-07-31 18:25:42 ----D---- C:\WINDOWS\system32\drivers
2012-07-31 18:24:50 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-07-31 18:08:19 ----D---- C:\Documents and Settings
2012-07-31 18:03:15 ----D---- C:\rsit
2012-07-31 17:31:48 ----D---- C:\WINDOWS\Minidump
2012-07-31 17:31:45 ----D---- C:\WINDOWS\system32
2012-07-31 17:31:00 ----HD---- C:\WINDOWS\inf
2012-07-31 16:49:38 ----SHD---- C:\WINDOWS\Installer
2012-07-31 16:49:32 ----D---- C:\Program Files\QuickTime
2012-07-31 16:47:13 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-07-31 16:46:59 ----RD---- C:\Program Files
2012-07-31 14:38:35 ----D---- C:\Program Files\Microsoft Games
2012-07-29 13:40:14 ----SD---- C:\WINDOWS\Tasks
2012-07-29 13:39:19 ----D---- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Winamp
2012-07-28 19:40:50 ----D---- C:\WINDOWS\Prefetch
2012-07-28 19:19:52 ----D---- C:\WINDOWS\WinSxS
2012-07-19 15:58:40 ----HD---- C:\Program Files\InstallShield Installation Information
2012-07-19 15:58:20 ----D---- C:\Program Files\Google
2012-07-18 13:52:33 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Adobe
2012-07-18 13:52:27 ----D---- C:\Program Files\Adobe
2012-07-18 13:52:26 ----D---- C:\Program Files\Common Files
2012-07-18 13:50:44 ----D---- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Adobe
2012-07-13 19:13:50 ----D---- C:\WINDOWS\Logs
2012-07-13 13:25:03 ----D---- C:\Documents and Settings\X.X-28ADCEE8E7F34\Data aplikací\Real
2012-07-13 13:22:39 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Real
2012-07-13 13:22:02 ----A---- C:\WINDOWS\system32\pncrt.dll
2012-07-13 13:21:57 ----A---- C:\WINDOWS\system32\msvcr71.dll
2012-07-13 13:21:57 ----A---- C:\WINDOWS\system32\msvcp71.dll
2012-07-11 17:41:15 ----D---- C:\Program Files\Electronic Arts
2012-07-03 20:53:14 ----D---- C:\WINDOWS\system32\DirectX
2012-07-03 19:38:07 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-07-03 19:00:16 ----D---- C:\WINDOWS\SoftwareDistribution

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 hotcore3;hc3ServiceName; C:\WINDOWS\system32\DRIVERS\hotcore3.sys [2011-01-21 57112]
R0 mrdd;Marvell Removable Disk Control Driver; C:\WINDOWS\system32\DRIVERS\mrdd.sys [2008-11-12 18984]
R0 mv61xx;mv61xx; C:\WINDOWS\system32\DRIVERS\mv61xx.sys [2009-02-09 152616]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-11-25 77248]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2006-03-26 51200]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\WINDOWS\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2006-07-10 27032]
R0 sfsync04;StarForce Protection Synchronization Driver (version 4.x); C:\WINDOWS\System32\drivers\sfsync04.sys [2006-03-24 50176]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2007-01-12 82296]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-01-19 436792]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 58205290;58205290; C:\WINDOWS\system32\DRIVERS\58205290.sys [2012-07-31 133208]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-07-03 25256]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-07-03 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-07-03 721000]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-07-03 353688]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-07-03 54232]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2010-12-17 31088]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2012-05-29 565552]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-11-25 54368]
R1 Uim_IM;UIM Drive Backup Image Plugin; C:\WINDOWS\System32\Drivers\Uim_IM.sys [2011-01-21 381032]
R1 UimBus;Universal Image Mounter Controller; C:\WINDOWS\system32\DRIVERS\UimBus.sys [2011-01-21 40824]
R1 VBoxDrv;VirtualBox Service; C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2012-06-05 158552]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2012-06-05 91992]
R1 Vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2012-06-21 526640]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-07-03 21256]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-07-03 97608]
R2 cpuz135;cpuz135; \??\C:\WINDOWS\system32\drivers\cpuz135_x32.sys []
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-11-25 4463104]
R3 digitalpower;Digital Power Station service; C:\WINDOWS\system32\drivers\digitalpower.sys [2011-03-16 25008]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-01-11 4800000]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2010-01-11 39424]
R3 LgBttPort;LGE Bluetooth TransPort; C:\WINDOWS\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
R3 LGVMODEM;LGE Virtual Modem; C:\WINDOWS\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2011-01-07 40800]
R3 SRS_HDAL_Service;HD Audio Lab; C:\WINDOWS\system32\drivers\SRS_HDAL_i386.sys [2010-07-02 384752]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2012-06-05 104792]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys [2012-06-05 116056]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2011-01-15 30208]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 iMSPQMn;iMSPQMn; \??\C:\DOCUME~1\XE118~1.X-2\LOCALS~1\Temp\iMSPQMn.sys []
S3 pflt;Shrew Soft Miniport Filter; C:\WINDOWS\system32\DRIVERS\vfilter.sys []
S3 s125bus;Sony Ericsson Device 125 driver (WDM); C:\WINDOWS\system32\DRIVERS\s125bus.sys [2007-04-24 83336]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s125mdfl.sys [2007-04-24 15112]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s125mdm.sys [2007-04-24 108680]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s125mgmt.sys [2007-04-24 100488]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s125obex.sys [2007-04-24 98696]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2010-01-21 13056]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2010-01-21 20864]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2010-01-21 24960]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VBoxUSB;VirtualBox USB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [2012-06-05 82776]
S3 vnet;Shrew Soft Virtual Adapter; C:\WINDOWS\system32\DRIVERS\virtualnet.sys []
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-11-25 602112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-07-03 44808]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\Documents and Settings\All Users.WINDOWS\Data aplikací\EPSON\EPW!3 SSRP\E_S40ST7.EXE [2007-12-18 143872]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\Documents and Settings\All Users.WINDOWS\Data aplikací\EPSON\EPW!3 SSRP\E_S40RP7.EXE [2007-01-12 113664]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2012-04-30 497280]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-05-06 153376]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-05-14 272024]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 vsmon;TrueVector Internet Monitor; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2012-06-21 2445880]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-01-16 821608]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-12 135664]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-12 135664]
S4 LGScsiCommandService;LG SCSI command service; C:\WINDOWS\system32\LGScsiCommandService.exe [2010-04-12 47616]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 OODefragAgent;O&O Defrag Agent; C:\Program Files\OO Software\Defrag\oodag.exe [2011-11-17 2489680]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2011-12-14 1514304]

-----------------EOF-----------------

[Rudy]

Omluva za vstup, paní kolegyně je právě na dovolené. Dvouklikem na soubor C:\Program Files\trend micro\X.exe spusťte HijackThis. Klikněte na "do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: _uninst_.lnk = C:\Documents and Settings\X.X-28ADCEE8E7F34\Local Settings\Temp\_uninst_.bat

Klikněte na >FixChecked<. Dále znovu spusťte OTL a klikněte na >Vyčisti<. OTL po sobě uklidí. Nakonec restartujte PC.

[Matadorik]

Fixnul jsem položky v HJT, kliknul jsem na Vyčisti a potvrdil restart, vyskočila chyba "V aplikaci LogonUI.exe došlo k problému a je třeba ji zavřít, po zavření znova (nekonečná smyčka) Už je to podruhé, minule pomohlo až tvrdé vypnutí. Pc jinak plně funguje. Nevíte jak povolit restart?

EDIT: Ručně jsem ukončil proces, objevil se znovu (dokonce 2x), tak jsem zkusil ukončit i explorer.exe a po několika stejných hláškách se PC restartoval, vzhledem k značnému zpomalení se ještě restartuje.

[Rudy]

Pokud to nejde jinak, potom Ctrl>Alt>Del>správce úloh>ukočit příslušný proces a dát restart.

[Matadorik]

EDIT: Ručně jsem ukončil proces, objevil se znovu (dokonce 2x), tak jsem zkusil ukončit i explorer.exe a po několika stejných hláškách se PC restartoval, vzhledem k značnému zpomalení se ještě restartuje.

Editoval jsem mezitím co jste psal, omlouvám se. Pc už dlouho visí na Ukládání nastavení... , s tím, že pozadí je černé místo modrého???

Tak hard reset.

[Rudy]

OK.

[motji]

Mrkněte na Zone alarm, kterou máte verzi? Pokud je i s anitivirem, takje tam kolize s Avastem.

[Matadorik]

Ne, to jsem si hlídal, je bez AV. PC totiž funguje zcela normálně, jen určité programy dají chybu (viz log) a od té chvíle je problém s Poznámkovým blokem a pak i s vypnutím. Všechno se to ale váže k logonui.exe. Pokud ale určité programy nespustím(s tím, že tyto dají chybu hned při spuštění), k chybám nedochází. Zkusím vypozorovat, který SW dělá problémy a přeinstaluju ho. Zatím mám vytipovaný Need For Speed World (ano, legální) a možná i další aplikace. Budu v tom pokračovat. Je tento postup v pořádku?

[motji]

Ano, zkuste to tak