je to lepší, ale pořád se mi to zdá nějaký pomalý.... přemýšlím, co by to mohlo ještě brzdit
pročistila jsem to ještě tím ccleanerem
můžu se zeptat, jakej prohlížeč doporučujete?
mám tady firefox, zkoušela jsem explorer a zdají se mi stejný...
ještě se jdu podívat co doporučujete za antiviry atp. , jestli něco mezi sebou nedělá problémy, a zda máme to co máme mít
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: prosím o kontrolu logu
Smutné je, že hlupáci jsou tak sebejistí a lidé moudří tak plni pochybností.
Bertrand Russell
Bertrand Russell
Re: prosím o kontrolu logu
ja osobne doporucujem pouzivat prehliadac, ktory uzivatelovi vyhovuje 
takpovediac sedi
Sunbelt + AVAST >> moze sposobovat iste spomalenie, ale tu tazko rozvijat teorie, treba odskusat odinstalovat prip. nahradit jeden z dvojice a potom prip. aj druhy ,,,
takpovediac sediSunbelt + AVAST >> moze sposobovat iste spomalenie, ale tu tazko rozvijat teorie, treba odskusat odinstalovat prip. nahradit jeden z dvojice a potom prip. aj druhy ,,,
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: prosím o kontrolu logu
děkuji
ty prohlížeče vyzkouším a uvidím, co sedne
ten Sunbelt Personal Firewall dám do pryč a nahradím zone alarmem, pomohlo by to pomoci že? vyčetla jsem , že doporučujete tady kombinaci avastu + toho zone alarmu... k tomu máme Spyware Terminator
ty prohlížeče vyzkouším a uvidím, co sedne
ten Sunbelt Personal Firewall dám do pryč a nahradím zone alarmem, pomohlo by to pomoci že? vyčetla jsem , že doporučujete tady kombinaci avastu + toho zone alarmu... k tomu máme Spyware Terminator
Smutné je, že hlupáci jsou tak sebejistí a lidé moudří tak plni pochybností.
Bertrand Russell
Bertrand Russell
Re: prosím o kontrolu logu
Spyware terminátor bych taky vyhodila
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: prosím o kontrolu logu
takže stačí tedy kombinace avastu + toho zone alarmu ?
nic jinýho potřeba není?
nic jinýho potřeba není?
Smutné je, že hlupáci jsou tak sebejistí a lidé moudří tak plni pochybností.
Bertrand Russell
Bertrand Russell
Re: prosím o kontrolu logu
Stačí, já mám stejnou kombinaci .
Ještě uklidíme
Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:
ComboFix /Uninstall
-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.
***********
Stáhněte T-Cleaner
http://tharifas.sweb.cz/T-Cleaner.exe
-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir
***********
Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru
záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner
záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít
Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.
Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.
***********
Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech
***********
Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?
.Ještě uklidíme
Odinstalujte combofix přes Start - Spustit- zkopírujte do okénka:
ComboFix /Uninstall
-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.
***********
Stáhněte T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir
***********
Z mého podpisu stahněte Ccleaner- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru
záložka čistič- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner
záložka Registry- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy
ok zavřít Záložka Nástroje- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.
Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.
***********
Stahněte OTC a použijtehttp://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech
***********
Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: prosím o kontrolu logu
hezký sváteční den přeji
vše uděláno a posílám nový log
Logfile of random's system information tool 1.09 (written by random/random)
Run by lubos at 2011-10-28 09:47:47
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 14 GB (9%) free of 147 GB
Total RAM: 3066 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:47:58, on 28.10.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\lubos\Desktop\RSIT.exe
C:\Program Files\trend micro\lubos.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60747
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60747
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60747
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: &Crawler Toolbar Helper - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: &Crawler Toolbar Helper - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - (no file)
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\lubos\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\programy\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Unknown owner - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: PCSpeedUp Service (PCSpeedUpService) - Unknown owner - C:\Program Files\Zrychleni Pocitace\PCSpeedUpService.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 10277 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default
prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://searchrise.com?hl=cs&fh="
prefs.js - "extensions.enabledItems" - "Cetrumcz@igeared:1.202.012.001, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778, {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:3.2.5.2, {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.2.1, {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1, engine@conduit.com:3.2.5.2, {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.2.5.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
prefs.js - "keyword.URL" - "http://www.crawler.com/search/dispatche ... 60747&qkw="
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"=C:\Program Files\Crawler\Toolbar\firefox\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
GoogleDesktopMozilla.dll
GoogleDesktopMozillaStub.js
GoogleDesktopMozillaStub.xpt
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
Cetrumcz_igeared.xml
crawlersrch.xml
google.xml
googledesktop.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\extensions\
engine@conduit.com
{20a82645-c095-46ed-80e3-08825760534b}
{32a1fd71-835e-4b11-8e54-886fda0b4c89}
{699661f3-1e3b-4129-831b-cd5660cdc72e}
{800b5000-a755-47e1-992b-48a1c1357f07}
{8445d605-e889-9c78-e3f4-c579193cb55f}
{872b5b88-9db5-4310-bdd0-ac189557e5f5}
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\
conduit.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
qip-search.xml
search.xml
searchhub.xml
searchrise.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
&Crawler Toolbar Helper - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2011-09-12 1237240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Users\lubos\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-08-12 149968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Lištička - C:\Program Files\Seznam.cz\listicka.dll [2011-03-15 2201600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0}
{D5D47440-0750-463D-BAEF-A47D02414806}
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]
{1EA00BE1-6E54-4E2A-8099-680300BF23E1} - Nástroje Lištičky - C:\Program Files\Seznam.cz\toolbar\toolbar.dll [2011-03-10 183808]
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler Toolbar - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2011-09-12 1237240]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-09-06 3722416]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"SpywareTerminatorShield"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2011-09-28 2775728]
"SpywareTerminatorUpdater"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2011-09-28 3609776]
"Malwarebytes' Anti-Malware (reboot)"=C:\programy\Malwarebytes' Anti-Malware\mbam.exe [2010-11-29 963976]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2011-02-09 395640]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2011-10-28 09:47:47 ----D---- C:\rsit
2011-10-28 08:50:32 ----SD---- C:\32788R22FWJFW
2011-10-26 16:52:56 ----D---- C:\Windows\temp
2011-10-26 16:47:29 ----SHD---- C:\$RECYCLE.BIN
2011-10-26 08:48:11 ----D---- C:\Users\lubos\AppData\Roaming\Malwarebytes
2011-10-26 08:48:03 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2011-10-26 08:48:02 ----D---- C:\ProgramData\Malwarebytes
2011-10-26 08:47:58 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-10-17 18:00:54 ----D---- C:\Program Files\Crawler
2011-10-17 18:00:32 ----A---- C:\Windows\system32\drivers\sp_rsdrv2.sys
2011-10-17 18:00:31 ----D---- C:\Users\lubos\AppData\Roaming\Spyware Terminator
2011-10-17 18:00:31 ----D---- C:\ProgramData\Spyware Terminator
2011-10-17 17:55:57 ----D---- C:\Program Files\Spyware Terminator
2011-10-17 13:33:53 ----A---- C:\log.txt - poslán.txt
2011-10-17 13:33:13 ----A---- C:\log.txt
2011-10-17 13:12:24 ----D---- C:\Program Files\trend micro
2011-10-16 08:50:44 ----D---- C:\Program Files\Sunbelt Software
2011-10-14 04:41:36 ----A---- C:\Windows\system32\mshtmled.dll
2011-10-14 04:41:36 ----A---- C:\Windows\system32\iertutil.dll
2011-10-14 04:41:34 ----A---- C:\Windows\system32\ieui.dll
2011-10-14 04:41:33 ----A---- C:\Windows\system32\wininet.dll
2011-10-14 04:41:33 ----A---- C:\Windows\system32\jscript.dll
2011-10-14 04:41:32 ----A---- C:\Windows\system32\jscript9.dll
2011-10-14 04:41:31 ----A---- C:\Windows\system32\jsproxy.dll
2011-10-14 04:41:30 ----A---- C:\Windows\system32\urlmon.dll
2011-10-14 04:41:30 ----A---- C:\Windows\system32\url.dll
2011-10-14 04:41:29 ----A---- C:\Windows\system32\ieframe.dll
2011-10-14 04:41:24 ----A---- C:\Windows\system32\mshtml.dll
2011-10-13 19:35:38 ----A---- C:\Windows\system32\psisdecd.dll
2011-10-13 19:35:36 ----A---- C:\Windows\system32\win32k.sys
2011-10-13 19:34:54 ----A---- C:\Windows\system32\UIAutomationCore.dll
2011-10-13 19:34:54 ----A---- C:\Windows\system32\oleaut32.dll
2011-10-13 19:34:54 ----A---- C:\Windows\system32\oleacc.dll
2011-10-13 19:34:53 ----A---- C:\Windows\system32\oleaccrc.dll
======List of files/folders modified in the last 1 month======
2011-10-28 09:47:58 ----D---- C:\Windows\Prefetch
2011-10-28 09:44:40 ----D---- C:\Users\lubos\AppData\Roaming\uTorrent
2011-10-28 09:29:52 ----D---- C:\Windows\System32
2011-10-28 09:29:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-10-28 09:29:51 ----D---- C:\Windows\inf
2011-10-28 09:23:06 ----D---- C:\Windows
2011-10-28 08:53:59 ----D---- C:\Windows\system32\drivers
2011-10-28 08:38:30 ----SHD---- C:\System Volume Information
2011-10-27 23:03:25 ----A---- C:\Windows\NeroDigital.ini
2011-10-27 14:02:46 ----SHD---- C:\Windows\Installer
2011-10-27 13:48:27 ----D---- C:\programy
2011-10-27 13:48:23 ----D---- C:\Windows\Tasks
2011-10-27 13:45:39 ----D---- C:\Windows\system32\Tasks
2011-10-26 16:44:54 ----A---- C:\Windows\system.ini
2011-10-26 16:38:48 ----D---- C:\Windows\AppPatch
2011-10-26 16:38:44 ----D---- C:\Program Files\Common Files
2011-10-26 15:34:31 ----D---- C:\Windows\Panther
2011-10-26 15:33:22 ----HD---- C:\Windows\system32\asam
2011-10-26 08:48:02 ----D---- C:\ProgramData
2011-10-24 21:13:06 ----D---- C:\Users\lubos\AppData\Roaming\Skype
2011-10-24 18:20:54 ----D---- C:\Users\lubos\AppData\Roaming\skypePM
2011-10-22 20:30:26 ----D---- C:\Windows\system32\catroot2
2011-10-22 11:48:07 ----D---- C:\Acer
2011-10-22 11:47:10 ----D---- C:\luba
2011-10-18 18:04:30 ----D---- C:\Program Files\Kouzelny morsky svet 2 - Okolo sveta
2011-10-18 18:04:00 ----RD---- C:\Program Files
2011-10-18 18:03:38 ----D---- C:\Program Files\Auta snu
2011-10-18 18:02:02 ----RD---- C:\Program Files\Skype
2011-10-18 17:56:45 ----D---- C:\Program Files\Mozilla Firefox
2011-10-17 19:39:56 ----D---- C:\Program Files\Winferno
2011-10-17 14:34:07 ----D---- C:\Program Files\Zrychleni Pocitace
2011-10-16 08:51:06 ----D---- C:\Windows\system32\catroot
2011-10-14 06:52:11 ----D---- C:\Windows\Microsoft.NET
2011-10-14 06:52:08 ----RSD---- C:\Windows\assembly
2011-10-14 05:11:21 ----D---- C:\Windows\winsxs
2011-10-14 05:09:21 ----D---- C:\Windows\Debug
2011-10-14 05:07:06 ----D---- C:\Windows\rescache
2011-10-14 04:46:49 ----D---- C:\Windows\system32\migration
2011-10-14 04:46:49 ----D---- C:\Program Files\Internet Explorer
2011-10-14 04:46:48 ----D---- C:\Windows\system32\cs-CZ
2011-10-14 04:46:48 ----D---- C:\Program Files\Windows Mail
2011-10-14 04:42:29 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-06 691696]
R0 UBHelper;UBHelper; C:\Windows\system32\drivers\UBHelper.sys [2008-01-31 13824]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-09-06 34392]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-09-06 442200]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-09-06 320856]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-09-06 52568]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-01-01 26024]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2011-06-21 32768]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-09-06 20568]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-09-06 54616]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2008-03-21 15392]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-21 95744]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-20 12672]
R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-17 11032]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-11-29 8192]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-07-09 3848192]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-03-28 210432]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-03 21264]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-05-21 2143136]
R3 NETw5v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-04-28 3658752]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-31 14848]
R3 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2008-04-15 51160]
R3 O2SDRDR;O2SDRDR; C:\Windows\system32\DRIVERS\o2sd.sys [2008-04-08 43736]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-02-22 198064]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 azhodmdm;azhodmdm; C:\Windows\system32\drivers\azhodmdm.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-12-22 985600]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-12-22 207360]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 23424]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102912]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\Windows\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-21 30720]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys [2007-12-26 17968]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-12-22 659968]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-07-09 692224]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-09-06 44768]
R2 BcmSqlStartupSvc;Služba spouštění serveru SQL Server aplikace Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-02-12 440872]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [2007-02-13 65536]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2011-09-28 482992]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-11-29 386560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 PCSpeedUpService;PCSpeedUp Service; C:\Program Files\Zrychleni Pocitace\PCSpeedUpService.exe []
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe []
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe []
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2006-04-14 28933976]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2006-04-14 87840]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2006-04-14 240416]
-----------------EOF-----------------
vše uděláno a posílám nový log
Logfile of random's system information tool 1.09 (written by random/random)
Run by lubos at 2011-10-28 09:47:47
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 14 GB (9%) free of 147 GB
Total RAM: 3066 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:47:58, on 28.10.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\lubos\Desktop\RSIT.exe
C:\Program Files\trend micro\lubos.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60747
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60747
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60747
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: &Crawler Toolbar Helper - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: &Crawler Toolbar Helper - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - (no file)
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\lubos\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\programy\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Unknown owner - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: PCSpeedUp Service (PCSpeedUpService) - Unknown owner - C:\Program Files\Zrychleni Pocitace\PCSpeedUpService.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 10277 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default
prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://searchrise.com?hl=cs&fh="
prefs.js - "extensions.enabledItems" - "Cetrumcz@igeared:1.202.012.001, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778, {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:3.2.5.2, {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.2.1, {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1, engine@conduit.com:3.2.5.2, {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.2.5.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
prefs.js - "keyword.URL" - "http://www.crawler.com/search/dispatche ... 60747&qkw="
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"=C:\Program Files\Crawler\Toolbar\firefox\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
GoogleDesktopMozilla.dll
GoogleDesktopMozillaStub.js
GoogleDesktopMozillaStub.xpt
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
Cetrumcz_igeared.xml
crawlersrch.xml
google.xml
googledesktop.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\extensions\
engine@conduit.com
{20a82645-c095-46ed-80e3-08825760534b}
{32a1fd71-835e-4b11-8e54-886fda0b4c89}
{699661f3-1e3b-4129-831b-cd5660cdc72e}
{800b5000-a755-47e1-992b-48a1c1357f07}
{8445d605-e889-9c78-e3f4-c579193cb55f}
{872b5b88-9db5-4310-bdd0-ac189557e5f5}
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\
conduit.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
qip-search.xml
search.xml
searchhub.xml
searchrise.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
&Crawler Toolbar Helper - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2011-09-12 1237240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Users\lubos\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-08-12 149968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Lištička - C:\Program Files\Seznam.cz\listicka.dll [2011-03-15 2201600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0}
{D5D47440-0750-463D-BAEF-A47D02414806}
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]
{1EA00BE1-6E54-4E2A-8099-680300BF23E1} - Nástroje Lištičky - C:\Program Files\Seznam.cz\toolbar\toolbar.dll [2011-03-10 183808]
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler Toolbar - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2011-09-12 1237240]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-09-06 3722416]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"SpywareTerminatorShield"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2011-09-28 2775728]
"SpywareTerminatorUpdater"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2011-09-28 3609776]
"Malwarebytes' Anti-Malware (reboot)"=C:\programy\Malwarebytes' Anti-Malware\mbam.exe [2010-11-29 963976]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2011-02-09 395640]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2011-10-28 09:47:47 ----D---- C:\rsit
2011-10-28 08:50:32 ----SD---- C:\32788R22FWJFW
2011-10-26 16:52:56 ----D---- C:\Windows\temp
2011-10-26 16:47:29 ----SHD---- C:\$RECYCLE.BIN
2011-10-26 08:48:11 ----D---- C:\Users\lubos\AppData\Roaming\Malwarebytes
2011-10-26 08:48:03 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2011-10-26 08:48:02 ----D---- C:\ProgramData\Malwarebytes
2011-10-26 08:47:58 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-10-17 18:00:54 ----D---- C:\Program Files\Crawler
2011-10-17 18:00:32 ----A---- C:\Windows\system32\drivers\sp_rsdrv2.sys
2011-10-17 18:00:31 ----D---- C:\Users\lubos\AppData\Roaming\Spyware Terminator
2011-10-17 18:00:31 ----D---- C:\ProgramData\Spyware Terminator
2011-10-17 17:55:57 ----D---- C:\Program Files\Spyware Terminator
2011-10-17 13:33:53 ----A---- C:\log.txt - poslán.txt
2011-10-17 13:33:13 ----A---- C:\log.txt
2011-10-17 13:12:24 ----D---- C:\Program Files\trend micro
2011-10-16 08:50:44 ----D---- C:\Program Files\Sunbelt Software
2011-10-14 04:41:36 ----A---- C:\Windows\system32\mshtmled.dll
2011-10-14 04:41:36 ----A---- C:\Windows\system32\iertutil.dll
2011-10-14 04:41:34 ----A---- C:\Windows\system32\ieui.dll
2011-10-14 04:41:33 ----A---- C:\Windows\system32\wininet.dll
2011-10-14 04:41:33 ----A---- C:\Windows\system32\jscript.dll
2011-10-14 04:41:32 ----A---- C:\Windows\system32\jscript9.dll
2011-10-14 04:41:31 ----A---- C:\Windows\system32\jsproxy.dll
2011-10-14 04:41:30 ----A---- C:\Windows\system32\urlmon.dll
2011-10-14 04:41:30 ----A---- C:\Windows\system32\url.dll
2011-10-14 04:41:29 ----A---- C:\Windows\system32\ieframe.dll
2011-10-14 04:41:24 ----A---- C:\Windows\system32\mshtml.dll
2011-10-13 19:35:38 ----A---- C:\Windows\system32\psisdecd.dll
2011-10-13 19:35:36 ----A---- C:\Windows\system32\win32k.sys
2011-10-13 19:34:54 ----A---- C:\Windows\system32\UIAutomationCore.dll
2011-10-13 19:34:54 ----A---- C:\Windows\system32\oleaut32.dll
2011-10-13 19:34:54 ----A---- C:\Windows\system32\oleacc.dll
2011-10-13 19:34:53 ----A---- C:\Windows\system32\oleaccrc.dll
======List of files/folders modified in the last 1 month======
2011-10-28 09:47:58 ----D---- C:\Windows\Prefetch
2011-10-28 09:44:40 ----D---- C:\Users\lubos\AppData\Roaming\uTorrent
2011-10-28 09:29:52 ----D---- C:\Windows\System32
2011-10-28 09:29:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-10-28 09:29:51 ----D---- C:\Windows\inf
2011-10-28 09:23:06 ----D---- C:\Windows
2011-10-28 08:53:59 ----D---- C:\Windows\system32\drivers
2011-10-28 08:38:30 ----SHD---- C:\System Volume Information
2011-10-27 23:03:25 ----A---- C:\Windows\NeroDigital.ini
2011-10-27 14:02:46 ----SHD---- C:\Windows\Installer
2011-10-27 13:48:27 ----D---- C:\programy
2011-10-27 13:48:23 ----D---- C:\Windows\Tasks
2011-10-27 13:45:39 ----D---- C:\Windows\system32\Tasks
2011-10-26 16:44:54 ----A---- C:\Windows\system.ini
2011-10-26 16:38:48 ----D---- C:\Windows\AppPatch
2011-10-26 16:38:44 ----D---- C:\Program Files\Common Files
2011-10-26 15:34:31 ----D---- C:\Windows\Panther
2011-10-26 15:33:22 ----HD---- C:\Windows\system32\asam
2011-10-26 08:48:02 ----D---- C:\ProgramData
2011-10-24 21:13:06 ----D---- C:\Users\lubos\AppData\Roaming\Skype
2011-10-24 18:20:54 ----D---- C:\Users\lubos\AppData\Roaming\skypePM
2011-10-22 20:30:26 ----D---- C:\Windows\system32\catroot2
2011-10-22 11:48:07 ----D---- C:\Acer
2011-10-22 11:47:10 ----D---- C:\luba
2011-10-18 18:04:30 ----D---- C:\Program Files\Kouzelny morsky svet 2 - Okolo sveta
2011-10-18 18:04:00 ----RD---- C:\Program Files
2011-10-18 18:03:38 ----D---- C:\Program Files\Auta snu
2011-10-18 18:02:02 ----RD---- C:\Program Files\Skype
2011-10-18 17:56:45 ----D---- C:\Program Files\Mozilla Firefox
2011-10-17 19:39:56 ----D---- C:\Program Files\Winferno
2011-10-17 14:34:07 ----D---- C:\Program Files\Zrychleni Pocitace
2011-10-16 08:51:06 ----D---- C:\Windows\system32\catroot
2011-10-14 06:52:11 ----D---- C:\Windows\Microsoft.NET
2011-10-14 06:52:08 ----RSD---- C:\Windows\assembly
2011-10-14 05:11:21 ----D---- C:\Windows\winsxs
2011-10-14 05:09:21 ----D---- C:\Windows\Debug
2011-10-14 05:07:06 ----D---- C:\Windows\rescache
2011-10-14 04:46:49 ----D---- C:\Windows\system32\migration
2011-10-14 04:46:49 ----D---- C:\Program Files\Internet Explorer
2011-10-14 04:46:48 ----D---- C:\Windows\system32\cs-CZ
2011-10-14 04:46:48 ----D---- C:\Program Files\Windows Mail
2011-10-14 04:42:29 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-06 691696]
R0 UBHelper;UBHelper; C:\Windows\system32\drivers\UBHelper.sys [2008-01-31 13824]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-09-06 34392]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-09-06 442200]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-09-06 320856]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-09-06 52568]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-01-01 26024]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2011-06-21 32768]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-09-06 20568]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-09-06 54616]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2008-03-21 15392]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-21 95744]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-20 12672]
R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-17 11032]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-11-29 8192]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-07-09 3848192]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-03-28 210432]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-03 21264]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-05-21 2143136]
R3 NETw5v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-04-28 3658752]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-31 14848]
R3 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2008-04-15 51160]
R3 O2SDRDR;O2SDRDR; C:\Windows\system32\DRIVERS\o2sd.sys [2008-04-08 43736]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-02-22 198064]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 azhodmdm;azhodmdm; C:\Windows\system32\drivers\azhodmdm.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-12-22 985600]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-12-22 207360]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 23424]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102912]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\Windows\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-21 30720]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys [2007-12-26 17968]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-12-22 659968]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-07-09 692224]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-09-06 44768]
R2 BcmSqlStartupSvc;Služba spouštění serveru SQL Server aplikace Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-02-12 440872]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [2007-02-13 65536]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2011-09-28 482992]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-11-29 386560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 PCSpeedUpService;PCSpeedUp Service; C:\Program Files\Zrychleni Pocitace\PCSpeedUpService.exe []
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe []
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe []
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2006-04-14 28933976]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2006-04-14 87840]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2006-04-14 240416]
-----------------EOF-----------------
Smutné je, že hlupáci jsou tak sebejistí a lidé moudří tak plni pochybností.
Bertrand Russell
Bertrand Russell
Re: prosím o kontrolu logu
Počítač se mi zdá lepší, děkuji moc za pomoc. Ještě ten zone alarm doinstaluji, odinstaluji terminatora a sunbelt...
jen mi přijde divné, pokud jsme dobře viděla, byli tady trojský koně, že nám to po přejetí terminatora a avastu nic neukázalo
jen mi přijde divné, pokud jsme dobře viděla, byli tady trojský koně, že nám to po přejetí terminatora a avastu nic neukázalo
Smutné je, že hlupáci jsou tak sebejistí a lidé moudří tak plni pochybností.
Bertrand Russell
Bertrand Russell
Re: prosím o kontrolu logu
Tuto složku znáte?
C:\luba
C:\luba
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: prosím o kontrolu logu
jj, to je manželova složka
Smutné je, že hlupáci jsou tak sebejistí a lidé moudří tak plni pochybností.
Bertrand Russell
Bertrand Russell
Re: prosím o kontrolu logu
Můžu ještě něco zkusit?
Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript:
- zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde
Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript:
Kód: Vybrat vše
netsvcs
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
/md5start
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
hal.dll
logevent.dll
netlogon.dll
ntelogon.dll
scecli.dll
sceclt.dll
ws2_32.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
cdrom.sys
Changer.sys
fastfat.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
mv61xx.sys
ndis.sys
ntfs.sys
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
symmpi.sys
tcpip.sys
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
/md5stop
C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: prosím o kontrolu logu
jj určitě, jdu na to
Smutné je, že hlupáci jsou tak sebejistí a lidé moudří tak plni pochybností.
Bertrand Russell
Bertrand Russell
Re: prosím o kontrolu logu
OTL logfile created on: 29.10.2011 10:21:06 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\lubos\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,99 Gb Total Physical Memory | 1,70 Gb Available Physical Memory | 56,70% Memory free
6,19 Gb Paging File | 4,90 Gb Available in Paging File | 79,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 143,18 Gb Total Space | 12,92 Gb Free Space | 9,02% Space Free | Partition Type: NTFS
Drive D: | 143,18 Gb Total Space | 25,62 Gb Free Space | 17,89% Space Free | Partition Type: NTFS
Drive K: | 596,02 Gb Total Space | 157,28 Gb Free Space | 26,39% Space Free | Partition Type: FAT32
Computer Name: LUBOS-PC | User Name: lubos | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.10.29 10:18:43 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\lubos\Desktop\OTL.exe
PRC - [2011.10.18 17:56:43 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.09.28 03:09:56 | 000,482,992 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\st_rsser.exe
PRC - [2011.09.28 03:09:50 | 003,609,776 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2011.09.28 03:09:40 | 002,775,728 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
PRC - [2011.09.06 22:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.09.06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.02.09 17:31:16 | 000,395,640 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.03.21 13:22:52 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008.01.16 10:26:38 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007.12.06 16:15:28 | 000,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007.02.13 02:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
PRC - [2007.01.04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
========== Modules (No Company Name) ==========
MOD - [2011.10.18 17:56:42 | 001,833,944 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.09.27 14:25:46 | 000,076,800 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCoreGecko7.dll
MOD - [2011.03.29 04:42:43 | 006,053,536 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2010.03.15 11:28:24 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.07.09 09:26:04 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (PCSpeedUpService)
SRV - File not found [On_Demand | Stopped] -- -- (gusvc)
SRV - File not found [On_Demand | Stopped] -- -- (GoogleDesktopManager-051210-111108)
SRV - [2011.09.28 03:09:56 | 000,482,992 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\st_rsser.exe -- (ST2012_Svc)
SRV - [2011.09.06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2008.03.21 13:22:52 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.16 10:26:38 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007.12.06 16:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.02.13 02:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
SRV - [2007.01.04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
========== Driver Services (SafeList) ==========
DRV - [2011.09.06 22:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.09.06 22:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.09.06 22:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.09.06 22:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.09.06 22:36:26 | 000,054,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011.09.06 22:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.06.21 11:24:06 | 000,032,768 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2010.09.06 13:22:46 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.12.15 14:05:42 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.12.15 14:05:42 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009.12.15 14:05:42 | 000,023,424 | ---- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewdcsc.sys -- (Huawei)
DRV - [2008.07.09 10:46:38 | 003,848,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.04.28 16:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Ovladač adaptéru Intel(R)
DRV - [2008.04.15 20:13:14 | 000,051,160 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2008.04.08 20:46:02 | 000,043,736 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2sd.sys -- (O2SDRDR)
DRV - [2008.03.21 10:48:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2007.12.26 08:23:10 | 000,017,968 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TpChoice.sys -- (TpChoice)
DRV - [2007.04.17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2006.11.29 02:44:52 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2005.02.11 11:19:20 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60747
IE - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
IE - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: " "
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.selectedEngine: "Searchrise"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://searchrise.com?hl=cs&fh="
FF - prefs.js..extensions.enabledItems: Cetrumcz@igeared:1.202.012.001
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.2.1
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.2.5.2
FF - prefs.js..keyword.URL: "http://www.crawler.com/search/dispatche ... 60747&qkw="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\Toolbar\firefox\ [2011.10.17 18:01:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.10.18 17:56:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.10.27 14:02:19 | 000,000,000 | ---D | M]
[2010.06.04 16:22:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lubos\AppData\Roaming\Mozilla\Extensions
[2011.10.21 04:47:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\extensions
[2010.06.25 07:21:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.10.04 12:54:57 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2011.06.05 15:11:37 | 000,000,000 | ---D | M] (Trendster Toolbar) -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\extensions\{699661f3-1e3b-4129-831b-cd5660cdc72e}
[2011.09.28 23:19:49 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.06.05 15:11:37 | 000,000,000 | ---D | M] (Safe Browse) -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\extensions\{8445d605-e889-9c78-e3f4-c579193cb55f}
[2011.09.28 23:19:54 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.09.28 23:19:58 | 000,000,000 | ---D | M] (MyAshampoo Community Toolbar) -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
[2011.09.22 20:24:14 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011.10.21 04:48:00 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2011.03.25 12:44:18 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\extensions\engine@conduit.com
[2011.02.09 17:32:14 | 000,000,863 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\conduit.xml
[2011.10.22 13:53:41 | 000,000,950 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin-1.xml
[2011.09.02 15:34:14 | 000,000,950 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin-10.xml
[2011.09.08 04:38:48 | 000,000,950 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin-11.xml
[2011.10.17 18:16:04 | 000,000,950 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin-12.xml
[2010.11.20 12:34:06 | 000,000,950 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin-2.xml
[2010.12.10 11:38:46 | 000,000,950 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin-3.xml
[2011.02.09 19:53:12 | 000,000,950 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin-4.xml
[2011.03.23 17:59:33 | 000,000,950 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin-5.xml
[2011.03.24 05:51:39 | 000,000,950 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin-6.xml
[2011.04.30 05:43:33 | 000,000,950 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin-7.xml
[2011.07.04 09:24:48 | 000,000,950 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin-8.xml
[2011.08.23 10:10:22 | 000,000,950 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin-9.xml
[2011.09.25 17:27:46 | 000,000,168 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin.gif
[2011.09.25 17:27:46 | 000,000,618 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin.src
[2010.11.04 19:52:45 | 000,001,056 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin.xml
[2010.10.05 19:51:31 | 000,002,062 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\qip-search.xml
[2011.07.21 13:56:03 | 000,002,376 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\search.xml
[2011.06.06 07:34:29 | 000,001,800 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\searchhub.xml
[2011.06.06 07:34:28 | 000,002,150 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\searchrise.xml
[2011.10.18 18:02:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.03.25 12:42:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2011.03.25 12:42:50 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2011.10.18 17:56:44 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.02.12 00:11:32 | 000,001,425 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Cetrumcz_igeared.xml
[2009.09.21 12:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml
[2011.10.18 17:56:38 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.10.18 17:56:38 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.10.18 17:56:38 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.10.18 17:56:38 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.10.18 17:56:38 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
O1 HOSTS File: ([2011.07.26 11:19:45 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (&Crawler Toolbar Helper) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (no name) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - No CLSID value found.
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\lubos\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
O2 - BHO: (Lištička) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll ()
O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Nástroje Lištičky) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit EngineĀky) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O3 - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\..\Toolbar\WebBrowser: (Nástroje Lištičky) - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - C:\Program Files\Seznam.cz\listicka.dll ()
O3 - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\..\Toolbar\WebBrowser: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\programy\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKU\S-1-5-21-465257137-3806693963-3011938715-1003..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Crawler Search - tbr:iemenu File not found
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O9 - Extra Button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra Button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - Reg Error: Key error. File not found
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O15 - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 82.114.192.15 82.114.192.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D09053C7-4852-47A0-8CE9-9156DFE3EC9F}: DhcpNameServer = 82.114.192.15 82.114.192.6
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\lubos\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\lubos\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2011.10.29 10:18:28 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\lubos\Desktop\OTL.exe
[2011.10.28 09:47:47 | 000,000,000 | ---D | C] -- C:\rsit
[2011.10.28 08:50:32 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2011.10.26 16:52:56 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011.10.26 16:47:29 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.10.26 08:48:11 | 000,000,000 | ---D | C] -- C:\Users\lubos\AppData\Roaming\Malwarebytes
[2011.10.26 08:48:03 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.10.26 08:48:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.10.26 08:48:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.10.26 08:47:58 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.10.26 08:45:15 | 007,622,112 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\lubos\Desktop\mbam-setup.exe
[2011.10.24 16:48:21 | 000,000,000 | ---D | C] -- C:\Users\lubos\Desktop\kočár
[2011.10.17 18:01:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler lišta
[2011.10.17 18:00:54 | 000,000,000 | ---D | C] -- C:\Program Files\Crawler
[2011.10.17 18:00:31 | 000,000,000 | ---D | C] -- C:\Users\lubos\AppData\Roaming\Spyware Terminator
[2011.10.17 18:00:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2011.10.17 18:00:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
[2011.10.17 17:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator
[2011.10.17 13:12:24 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.10.16 08:50:44 | 000,000,000 | ---D | C] -- C:\Program Files\Sunbelt Software
[2011.10.14 04:41:37 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.10.14 04:41:34 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.10.14 04:41:32 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.10.14 04:41:31 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.10.14 04:41:30 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.10.13 19:35:38 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011.10.13 19:35:38 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011.10.13 19:35:38 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2011.10.13 19:35:38 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011.10.13 19:35:36 | 002,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.10.13 19:34:54 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2011.10.13 19:34:53 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2011.10.08 15:50:09 | 000,000,000 | ---D | C] -- C:\Users\lubos\Desktop\foto hadry
[2011.10.01 09:21:20 | 000,000,000 | ---D | C] -- C:\Users\lubos\Desktop\V...ce
[2010.06.11 11:31:36 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\lubos\AppData\Roaming\pcouffin.sys
[2010.06.04 23:06:04 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
========== Files - Modified Within 30 Days ==========
[2011.10.29 10:28:32 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.10.29 10:18:43 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\lubos\Desktop\OTL.exe
[2011.10.29 09:45:03 | 000,136,192 | ---- | M] () -- C:\Users\lubos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.10.29 09:38:31 | 000,654,172 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.10.29 09:38:31 | 000,642,704 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.10.29 09:38:31 | 000,135,618 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.10.29 09:38:31 | 000,121,592 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.10.29 08:35:59 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2011.10.29 08:35:44 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.29 08:35:44 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.29 08:35:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.29 08:35:23 | 3213,881,344 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.28 22:58:56 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.10.28 09:47:00 | 000,781,383 | ---- | M] () -- C:\Users\lubos\Desktop\RSIT.exe
[2011.10.28 09:23:31 | 000,378,264 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.10.27 23:03:25 | 000,000,049 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2011.10.26 08:48:04 | 000,000,791 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.26 08:45:33 | 007,622,112 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\lubos\Desktop\mbam-setup.exe
[2011.10.25 13:57:13 | 029,205,028 | ---- | M] () -- C:\Users\lubos\Desktop\tulip.zip
[2011.10.25 13:42:11 | 018,419,950 | ---- | M] () -- C:\Users\lubos\Desktop\elegant.zip
[2011.10.24 14:50:12 | 000,051,365 | ---- | M] () -- C:\Users\lubos\Desktop\tomáš komplet 1.jpg
[2011.10.18 18:19:48 | 006,483,607 | ---- | M] () -- C:\Users\lubos\Desktop\Ccleaner www.pdf
[2011.10.17 18:00:26 | 000,000,851 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
[2011.10.14 12:31:15 | 000,066,712 | ---- | M] () -- C:\Users\lubos\Desktop\b42658607.jpg
========== Files Created - No Company Name ==========
[2011.10.29 10:28:32 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.10.28 09:46:59 | 000,781,383 | ---- | C] () -- C:\Users\lubos\Desktop\RSIT.exe
[2011.10.26 08:48:04 | 000,000,791 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.25 13:57:13 | 029,205,028 | ---- | C] () -- C:\Users\lubos\Desktop\tulip.zip
[2011.10.25 13:42:10 | 018,419,950 | ---- | C] () -- C:\Users\lubos\Desktop\elegant.zip
[2011.10.24 14:50:12 | 000,051,365 | ---- | C] () -- C:\Users\lubos\Desktop\tomáš komplet 1.jpg
[2011.10.18 18:19:47 | 006,483,607 | ---- | C] () -- C:\Users\lubos\Desktop\Ccleaner www.pdf
[2011.10.17 18:00:32 | 000,032,768 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2011.10.17 18:00:26 | 000,000,851 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
[2011.10.14 12:31:07 | 000,066,712 | ---- | C] () -- C:\Users\lubos\Desktop\b42658607.jpg
[2011.09.03 16:20:15 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011.02.22 13:43:23 | 000,000,000 | ---- | C] () -- C:\Windows\Infob.dat
[2011.02.22 13:43:23 | 000,000,000 | ---- | C] () -- C:\Windows\Infoa.dat
[2011.02.18 10:03:00 | 000,002,080 | ---- | C] () -- C:\Program Files\Uninstall.ini
[2011.02.13 10:29:23 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011.01.22 18:55:27 | 000,000,680 | ---- | C] () -- C:\Users\lubos\AppData\Local\d3d9caps.dat
[2010.12.19 07:40:01 | 000,000,270 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.12.17 19:20:51 | 000,000,695 | ---- | C] () -- C:\Windows\System32\psusr.ini
[2010.11.20 10:15:09 | 000,000,034 | ---- | C] () -- C:\Windows\WTRDCTM.INI
[2010.11.12 13:59:24 | 000,000,077 | ---- | C] () -- C:\Windows\System32\winitn.dll
[2010.11.12 13:59:09 | 000,000,001 | ---- | C] () -- C:\Windows\sslzdlt.dll
[2010.11.12 13:59:07 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2010.10.04 13:36:03 | 000,000,043 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.10.04 12:58:35 | 000,000,014 | ---- | C] () -- C:\Windows\System32\systeminfo3.dll
[2010.10.04 12:58:23 | 000,081,920 | ---- | C] () -- C:\Users\lubos\AppData\Roaming\ezpinst.exe
[2010.06.25 21:07:55 | 000,000,552 | ---- | C] () -- C:\Users\lubos\AppData\Local\d3d8caps.dat
[2010.06.25 18:12:13 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.06.11 11:32:04 | 000,001,057 | ---- | C] () -- C:\Users\lubos\AppData\Roaming\vso_ts_preview.xml
[2010.06.11 11:31:36 | 000,007,887 | ---- | C] () -- C:\Users\lubos\AppData\Roaming\pcouffin.cat
[2010.06.11 11:31:36 | 000,001,144 | ---- | C] () -- C:\Users\lubos\AppData\Roaming\pcouffin.inf
[2010.06.08 11:48:26 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.06.06 07:28:35 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.06.06 07:28:35 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010.06.06 01:39:25 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010.06.05 06:01:16 | 000,136,192 | ---- | C] () -- C:\Users\lubos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.04 22:55:35 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2010.06.04 22:54:49 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2010.06.04 22:54:49 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2010.06.04 22:54:48 | 000,174,819 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.06.04 22:54:48 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2010.06.04 16:22:09 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.06.04 13:38:56 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll
[2010.06.04 13:32:26 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2010.06.04 13:32:26 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2010.06.04 13:32:26 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2010.06.04 13:26:01 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2010.06.04 13:26:01 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2010.06.04 13:26:01 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2010.06.04 13:26:01 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2010.06.04 13:23:09 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2010.06.04 13:12:35 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.01.07 21:24:12 | 000,074,330 | ---- | C] () -- C:\Program Files\Uninstall.exe
[2008.05.20 06:12:32 | 000,286,912 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2008.05.20 06:12:31 | 000,654,172 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2008.05.20 06:12:31 | 000,135,618 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2008.05.20 06:12:31 | 000,034,724 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2008.05.19 20:35:20 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008.05.19 20:31:40 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008.05.19 20:31:40 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008.05.07 09:26:05 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll
[2008.05.07 09:26:05 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll
[2008.05.07 09:26:04 | 000,000,040 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,378,264 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,642,704 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,121,592 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.11.14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
========== LOP Check ==========
[2011.07.14 16:02:21 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Ashampoo
[2011.02.20 16:23:13 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Babylonia
[2011.09.03 16:20:11 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\BlamGames
[2011.07.21 11:04:54 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Broad Intelligence
[2011.07.15 16:05:42 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Canneverbe Limited
[2010.09.06 13:28:53 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\DAEMON Tools Lite
[2010.11.20 11:40:35 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.08.10 12:27:56 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\ERS G-Studio
[2011.07.04 19:42:27 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\ICQ
[2010.06.08 11:48:31 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\InterVideo
[2010.12.13 17:11:57 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\LangSoft
[2010.07.08 11:06:44 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Mount&Blade
[2011.08.04 23:54:07 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Mount&Blade Warband
[2011.07.21 11:05:51 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Movier
[2011.07.20 12:36:22 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\OpenCandy
[2011.04.09 21:50:13 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Opera
[2011.03.24 14:40:49 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\PhotoFiltre Studio X
[2011.01.10 05:39:47 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Rapid Software
[2011.10.17 18:00:31 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Spyware Terminator
[2011.06.27 20:08:03 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Telefónica Móviles
[2011.10.29 10:35:59 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\uTorrent
[2011.07.23 12:37:54 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Vso
[2011.10.28 22:58:57 | 000,032,542 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"uTorrent" = "C:\Program Files\uTorrent\uTorrent.exe" -- [2011.02.09 17:31:16 | 000,395,640 | ---- | M] (BitTorrent, Inc.)
< >
< MD5 for: AGP440.SYS >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.03.12 08:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2008.03.12 08:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.03.12 08:24:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.21 04:24:45 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
< MD5 for: CDROM.SYS >
[2008.01.21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2008.01.21 04:24:35 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\System32\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
< MD5 for: CSRSS.EXE >
[2008.01.21 04:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\System32\csrss.exe
[2008.01.21 04:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6001.18000_none_58e3e3d7e415ae4c\csrss.exe
< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: FASTFAT.SYS >
[2009.04.11 06:13:52 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=1E9B9A70D332103C52995E957DC09EF8 -- C:\Windows\System32\drivers\fastfat.sys
[2009.04.11 06:13:52 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=1E9B9A70D332103C52995E957DC09EF8 -- C:\Windows\winsxs\x86_microsoft-windows-fat_31bf3856ad364e35_6.0.6002.18005_none_b09ea48c5485f42b\fastfat.sys
[2008.01.21 04:24:13 | 000,143,360 | ---- | M] (Microsoft Corporation) MD5=3C489390C2E2064563727752AF8EAB9E -- C:\Windows\winsxs\x86_microsoft-windows-fat_31bf3856ad364e35_6.0.6001.18000_none_aeb32b80576428df\fastfat.sys
< MD5 for: HAL.DLL >
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll
< MD5 for: IASTORV.SYS >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\drivers\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.06.15 14:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 16:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\System32\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.02.13 09:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2009.06.15 15:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009.06.15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.02.13 06:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 14:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009.06.15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 13:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 16:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.21 04:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.21 04:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008.01.21 04:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2009.02.13 10:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe
< MD5 for: NDIS.SYS >
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008.01.21 04:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NTFS.SYS >
[2009.04.11 08:32:49 | 001,083,880 | ---- | M] (Společnost Microsoft) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\System32\drivers\ntfs.sys
[2009.04.11 08:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_a85ca2c91a0d64df\ntfs.sys
[2008.01.21 04:23:51 | 001,081,912 | ---- | M] (Microsoft Corporation) MD5=B4EFFE29EB4F15538FD8A9681108492D -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6001.18000_none_a67129bd1ceb9993\ntfs.sys
< MD5 for: NVRAID.SYS >
[2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\drivers\nvraid.sys
[2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: SERVICES.EXE >
[2008.01.21 04:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009.04.11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009.04.11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
< MD5 for: SMSS.EXE >
[2008.01.21 04:23:50 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
< MD5 for: SPOOLSV.EXE >
[2010.08.17 15:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65A09B19 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[2009.04.11 08:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) MD5=524BFBEA40E6E404737CCBC754647A2E -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
[2008.01.21 04:24:45 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=846CDF9A3CF4DA9B306ADFB7D55EE4C2 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
[2010.08.17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\System32\spoolsv.exe
[2010.08.17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[2010.08.17 16:20:09 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=AAE98B295E88D439A6E0F6E8929424FB -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[2010.08.17 15:27:48 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=E807FC542C295BA256CE3567829E02A6 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe
< MD5 for: SVCHOST.EXE >
[2008.01.21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: TCPIP.SYS >
[2010.06.04 23:03:15 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009.04.11 08:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2009.08.15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011.06.17 22:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\System32\drivers\tcpip.sys
[2011.06.17 22:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2010.02.18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2010.06.16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009.08.14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011.06.17 22:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010.06.16 18:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010.06.16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2010.06.04 23:03:15 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.08.14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2010.02.18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2008.01.21 04:25:03 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.01.21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\System32\ws2_32.dll
[2008.01.21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
< >
< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2006.11.02 14:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2008.05.20 06:10:23 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\System32\spool\prtprocs\w32x86\cs-CZ\LMPRTPRC.DLL.mui
< %systemroot%\system32\drivers\*.sys /5 >
< %systemroot%\system32\drivers\*.sys /X >
[2006.10.19 23:27:24 | 000,000,000 | ---- | M] () -- C:\Windows\system32\drivers\1025_ACER_Extensa5630.mrk
[2008.07.09 08:29:20 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\system32\drivers\ati2erec.dll
[2006.08.24 03:26:58 | 000,328,162 | ---- | M] () -- C:\Windows\system32\drivers\ativcaxx.cpa
[2006.08.24 03:26:58 | 000,000,929 | ---- | M] () -- C:\Windows\system32\drivers\ativcaxx.vp
[2007.04.18 18:19:50 | 000,002,096 | ---- | M] () -- C:\Windows\system32\drivers\ativdkxx.vp
[2007.05.30 21:37:38 | 000,002,096 | ---- | M] () -- C:\Windows\system32\drivers\ativokxx.vp
[2007.05.30 21:37:38 | 000,002,096 | ---- | M] () -- C:\Windows\system32\drivers\ativpkxx.vp
[2007.09.09 08:37:08 | 000,052,400 | ---- | M] () -- C:\Windows\system32\drivers\ativvpxx.vp
[2006.09.18 23:26:46 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2006.09.18 23:26:46 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt
[2006.12.23 01:04:52 | 000,144,201 | ---- | M] () -- C:\Windows\system32\drivers\HSFProf.cty
[2008.01.21 04:23:51 | 000,000,003 | ---- | M] () -- C:\Windows\system32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
[2010.06.04 13:33:44 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2008.05.07 08:39:58 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_Kernel_TpChoice_01005.Wdf
[2010.06.08 11:32:54 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010.12.06 09:25:42 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2005.06.27 15:29:50 | 000,000,520 | ---- | M] () -- C:\Windows\system32\drivers\RTEQEX0.dat
[2005.06.27 15:29:28 | 000,000,520 | ---- | M] () -- C:\Windows\system32\drivers\RTEQEX1.dat
[2007.07.14 00:11:56 | 000,000,008 | ---- | M] () -- C:\Windows\system32\drivers\rtkhdaud.dat
[2008.01.21 04:23:23 | 000,133,972 | ---- | M] () -- C:\Windows\system32\drivers\VSTDProf.cty
[2008.01.21 04:23:23 | 000,133,528 | ---- | M] () -- C:\Windows\system32\drivers\VSTEProf.cty
[2008.01.21 04:23:22 | 000,141,611 | ---- | M] () -- C:\Windows\system32\drivers\VSTProf.cty
[2008.01.21 04:23:23 | 000,141,572 | ---- | M] () -- C:\Windows\system32\drivers\VSTSProf.cty
[2006.11.29 02:44:58 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\drivers\XAudio.exe
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.09.06 13:22:46 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys
< %systemroot%\system32\*.* /5 >
[2011.10.29 10:35:32 | 000,003,216 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.29 10:35:32 | 000,003,216 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.29 08:35:55 | 000,000,147 | ---- | M] () -- C:\Windows\system32\agent.log
[2011.10.28 09:23:31 | 000,378,264 | ---- | M] () -- C:\Windows\system32\FNTCACHE.DAT
[2011.10.29 08:35:59 | 000,000,000 | ---- | M] () -- C:\Windows\system32\LogConfigTemp.xml
[2011.10.29 09:38:31 | 000,135,618 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2011.10.29 09:38:31 | 000,121,592 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2011.10.29 09:38:31 | 000,654,172 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2011.10.29 09:38:31 | 000,642,704 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2011.10.29 09:38:31 | 001,549,404 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\system32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\system32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\system32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\system32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\system32\config\SYSTEM.SAV
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\*.* /U /s >
[16 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[3 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]
< %systemroot%\*. /mp /s >
< %ALLUSERSPROFILE%\Data Aplikací\*.* >
< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >
< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\lubos\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,99 Gb Total Physical Memory | 1,70 Gb Available Physical Memory | 56,70% Memory free
6,19 Gb Paging File | 4,90 Gb Available in Paging File | 79,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 143,18 Gb Total Space | 12,92 Gb Free Space | 9,02% Space Free | Partition Type: NTFS
Drive D: | 143,18 Gb Total Space | 25,62 Gb Free Space | 17,89% Space Free | Partition Type: NTFS
Drive K: | 596,02 Gb Total Space | 157,28 Gb Free Space | 26,39% Space Free | Partition Type: FAT32
Computer Name: LUBOS-PC | User Name: lubos | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.10.29 10:18:43 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\lubos\Desktop\OTL.exe
PRC - [2011.10.18 17:56:43 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.09.28 03:09:56 | 000,482,992 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\st_rsser.exe
PRC - [2011.09.28 03:09:50 | 003,609,776 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2011.09.28 03:09:40 | 002,775,728 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
PRC - [2011.09.06 22:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.09.06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.02.09 17:31:16 | 000,395,640 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.03.21 13:22:52 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008.01.16 10:26:38 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007.12.06 16:15:28 | 000,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007.02.13 02:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
PRC - [2007.01.04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
========== Modules (No Company Name) ==========
MOD - [2011.10.18 17:56:42 | 001,833,944 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.09.27 14:25:46 | 000,076,800 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCoreGecko7.dll
MOD - [2011.03.29 04:42:43 | 006,053,536 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2010.03.15 11:28:24 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.07.09 09:26:04 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (PCSpeedUpService)
SRV - File not found [On_Demand | Stopped] -- -- (gusvc)
SRV - File not found [On_Demand | Stopped] -- -- (GoogleDesktopManager-051210-111108)
SRV - [2011.09.28 03:09:56 | 000,482,992 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\st_rsser.exe -- (ST2012_Svc)
SRV - [2011.09.06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2008.03.21 13:22:52 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.16 10:26:38 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007.12.06 16:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.02.13 02:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
SRV - [2007.01.04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
========== Driver Services (SafeList) ==========
DRV - [2011.09.06 22:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.09.06 22:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.09.06 22:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.09.06 22:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.09.06 22:36:26 | 000,054,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011.09.06 22:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.06.21 11:24:06 | 000,032,768 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2010.09.06 13:22:46 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.12.15 14:05:42 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.12.15 14:05:42 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009.12.15 14:05:42 | 000,023,424 | ---- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewdcsc.sys -- (Huawei)
DRV - [2008.07.09 10:46:38 | 003,848,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.04.28 16:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Ovladač adaptéru Intel(R)
DRV - [2008.04.15 20:13:14 | 000,051,160 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2008.04.08 20:46:02 | 000,043,736 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2sd.sys -- (O2SDRDR)
DRV - [2008.03.21 10:48:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2007.12.26 08:23:10 | 000,017,968 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TpChoice.sys -- (TpChoice)
DRV - [2007.04.17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2006.11.29 02:44:52 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2005.02.11 11:19:20 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60747
IE - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
IE - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: " "
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.selectedEngine: "Searchrise"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://searchrise.com?hl=cs&fh="
FF - prefs.js..extensions.enabledItems: Cetrumcz@igeared:1.202.012.001
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.2.1
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.2.5.2
FF - prefs.js..keyword.URL: "http://www.crawler.com/search/dispatche ... 60747&qkw="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\Toolbar\firefox\ [2011.10.17 18:01:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.10.18 17:56:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.10.27 14:02:19 | 000,000,000 | ---D | M]
[2010.06.04 16:22:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lubos\AppData\Roaming\Mozilla\Extensions
[2011.10.21 04:47:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\extensions
[2010.06.25 07:21:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.10.04 12:54:57 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2011.06.05 15:11:37 | 000,000,000 | ---D | M] (Trendster Toolbar) -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\extensions\{699661f3-1e3b-4129-831b-cd5660cdc72e}
[2011.09.28 23:19:49 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.06.05 15:11:37 | 000,000,000 | ---D | M] (Safe Browse) -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\extensions\{8445d605-e889-9c78-e3f4-c579193cb55f}
[2011.09.28 23:19:54 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.09.28 23:19:58 | 000,000,000 | ---D | M] (MyAshampoo Community Toolbar) -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
[2011.09.22 20:24:14 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011.10.21 04:48:00 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2011.03.25 12:44:18 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\extensions\engine@conduit.com
[2011.02.09 17:32:14 | 000,000,863 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\conduit.xml
[2011.10.22 13:53:41 | 000,000,950 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin-1.xml
[2011.09.02 15:34:14 | 000,000,950 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin-10.xml
[2011.09.08 04:38:48 | 000,000,950 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin-11.xml
[2011.10.17 18:16:04 | 000,000,950 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin-12.xml
[2010.11.20 12:34:06 | 000,000,950 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin-2.xml
[2010.12.10 11:38:46 | 000,000,950 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin-3.xml
[2011.02.09 19:53:12 | 000,000,950 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin-4.xml
[2011.03.23 17:59:33 | 000,000,950 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin-5.xml
[2011.03.24 05:51:39 | 000,000,950 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin-6.xml
[2011.04.30 05:43:33 | 000,000,950 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin-7.xml
[2011.07.04 09:24:48 | 000,000,950 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin-8.xml
[2011.08.23 10:10:22 | 000,000,950 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin-9.xml
[2011.09.25 17:27:46 | 000,000,168 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin.gif
[2011.09.25 17:27:46 | 000,000,618 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin.src
[2010.11.04 19:52:45 | 000,001,056 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\icqplugin.xml
[2010.10.05 19:51:31 | 000,002,062 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\qip-search.xml
[2011.07.21 13:56:03 | 000,002,376 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\search.xml
[2011.06.06 07:34:29 | 000,001,800 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\searchhub.xml
[2011.06.06 07:34:28 | 000,002,150 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\Mozilla\Firefox\Profiles\pl31k3lv.default\searchplugins\searchrise.xml
[2011.10.18 18:02:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.03.25 12:42:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2011.03.25 12:42:50 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2011.10.18 17:56:44 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.02.12 00:11:32 | 000,001,425 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Cetrumcz_igeared.xml
[2009.09.21 12:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml
[2011.10.18 17:56:38 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.10.18 17:56:38 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.10.18 17:56:38 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.10.18 17:56:38 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.10.18 17:56:38 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
O1 HOSTS File: ([2011.07.26 11:19:45 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (&Crawler Toolbar Helper) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (no name) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - No CLSID value found.
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\lubos\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
O2 - BHO: (Lištička) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll ()
O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Nástroje Lištičky) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit EngineĀky) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O3 - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\..\Toolbar\WebBrowser: (Nástroje Lištičky) - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - C:\Program Files\Seznam.cz\listicka.dll ()
O3 - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\..\Toolbar\WebBrowser: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\programy\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKU\S-1-5-21-465257137-3806693963-3011938715-1003..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Crawler Search - tbr:iemenu File not found
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O9 - Extra Button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra Button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - Reg Error: Key error. File not found
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O15 - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-465257137-3806693963-3011938715-1003\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 82.114.192.15 82.114.192.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D09053C7-4852-47A0-8CE9-9156DFE3EC9F}: DhcpNameServer = 82.114.192.15 82.114.192.6
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\lubos\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\lubos\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2011.10.29 10:18:28 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\lubos\Desktop\OTL.exe
[2011.10.28 09:47:47 | 000,000,000 | ---D | C] -- C:\rsit
[2011.10.28 08:50:32 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2011.10.26 16:52:56 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011.10.26 16:47:29 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.10.26 08:48:11 | 000,000,000 | ---D | C] -- C:\Users\lubos\AppData\Roaming\Malwarebytes
[2011.10.26 08:48:03 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.10.26 08:48:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.10.26 08:48:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.10.26 08:47:58 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.10.26 08:45:15 | 007,622,112 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\lubos\Desktop\mbam-setup.exe
[2011.10.24 16:48:21 | 000,000,000 | ---D | C] -- C:\Users\lubos\Desktop\kočár
[2011.10.17 18:01:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler lišta
[2011.10.17 18:00:54 | 000,000,000 | ---D | C] -- C:\Program Files\Crawler
[2011.10.17 18:00:31 | 000,000,000 | ---D | C] -- C:\Users\lubos\AppData\Roaming\Spyware Terminator
[2011.10.17 18:00:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2011.10.17 18:00:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
[2011.10.17 17:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator
[2011.10.17 13:12:24 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.10.16 08:50:44 | 000,000,000 | ---D | C] -- C:\Program Files\Sunbelt Software
[2011.10.14 04:41:37 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.10.14 04:41:34 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.10.14 04:41:32 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.10.14 04:41:31 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.10.14 04:41:30 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.10.13 19:35:38 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011.10.13 19:35:38 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011.10.13 19:35:38 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2011.10.13 19:35:38 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011.10.13 19:35:36 | 002,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.10.13 19:34:54 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2011.10.13 19:34:53 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2011.10.08 15:50:09 | 000,000,000 | ---D | C] -- C:\Users\lubos\Desktop\foto hadry
[2011.10.01 09:21:20 | 000,000,000 | ---D | C] -- C:\Users\lubos\Desktop\V...ce
[2010.06.11 11:31:36 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\lubos\AppData\Roaming\pcouffin.sys
[2010.06.04 23:06:04 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
========== Files - Modified Within 30 Days ==========
[2011.10.29 10:28:32 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.10.29 10:18:43 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\lubos\Desktop\OTL.exe
[2011.10.29 09:45:03 | 000,136,192 | ---- | M] () -- C:\Users\lubos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.10.29 09:38:31 | 000,654,172 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.10.29 09:38:31 | 000,642,704 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.10.29 09:38:31 | 000,135,618 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.10.29 09:38:31 | 000,121,592 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.10.29 08:35:59 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2011.10.29 08:35:44 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.29 08:35:44 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.29 08:35:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.29 08:35:23 | 3213,881,344 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.28 22:58:56 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.10.28 09:47:00 | 000,781,383 | ---- | M] () -- C:\Users\lubos\Desktop\RSIT.exe
[2011.10.28 09:23:31 | 000,378,264 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.10.27 23:03:25 | 000,000,049 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2011.10.26 08:48:04 | 000,000,791 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.26 08:45:33 | 007,622,112 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\lubos\Desktop\mbam-setup.exe
[2011.10.25 13:57:13 | 029,205,028 | ---- | M] () -- C:\Users\lubos\Desktop\tulip.zip
[2011.10.25 13:42:11 | 018,419,950 | ---- | M] () -- C:\Users\lubos\Desktop\elegant.zip
[2011.10.24 14:50:12 | 000,051,365 | ---- | M] () -- C:\Users\lubos\Desktop\tomáš komplet 1.jpg
[2011.10.18 18:19:48 | 006,483,607 | ---- | M] () -- C:\Users\lubos\Desktop\Ccleaner www.pdf
[2011.10.17 18:00:26 | 000,000,851 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
[2011.10.14 12:31:15 | 000,066,712 | ---- | M] () -- C:\Users\lubos\Desktop\b42658607.jpg
========== Files Created - No Company Name ==========
[2011.10.29 10:28:32 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.10.28 09:46:59 | 000,781,383 | ---- | C] () -- C:\Users\lubos\Desktop\RSIT.exe
[2011.10.26 08:48:04 | 000,000,791 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.25 13:57:13 | 029,205,028 | ---- | C] () -- C:\Users\lubos\Desktop\tulip.zip
[2011.10.25 13:42:10 | 018,419,950 | ---- | C] () -- C:\Users\lubos\Desktop\elegant.zip
[2011.10.24 14:50:12 | 000,051,365 | ---- | C] () -- C:\Users\lubos\Desktop\tomáš komplet 1.jpg
[2011.10.18 18:19:47 | 006,483,607 | ---- | C] () -- C:\Users\lubos\Desktop\Ccleaner www.pdf
[2011.10.17 18:00:32 | 000,032,768 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2011.10.17 18:00:26 | 000,000,851 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
[2011.10.14 12:31:07 | 000,066,712 | ---- | C] () -- C:\Users\lubos\Desktop\b42658607.jpg
[2011.09.03 16:20:15 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011.02.22 13:43:23 | 000,000,000 | ---- | C] () -- C:\Windows\Infob.dat
[2011.02.22 13:43:23 | 000,000,000 | ---- | C] () -- C:\Windows\Infoa.dat
[2011.02.18 10:03:00 | 000,002,080 | ---- | C] () -- C:\Program Files\Uninstall.ini
[2011.02.13 10:29:23 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011.01.22 18:55:27 | 000,000,680 | ---- | C] () -- C:\Users\lubos\AppData\Local\d3d9caps.dat
[2010.12.19 07:40:01 | 000,000,270 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.12.17 19:20:51 | 000,000,695 | ---- | C] () -- C:\Windows\System32\psusr.ini
[2010.11.20 10:15:09 | 000,000,034 | ---- | C] () -- C:\Windows\WTRDCTM.INI
[2010.11.12 13:59:24 | 000,000,077 | ---- | C] () -- C:\Windows\System32\winitn.dll
[2010.11.12 13:59:09 | 000,000,001 | ---- | C] () -- C:\Windows\sslzdlt.dll
[2010.11.12 13:59:07 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2010.10.04 13:36:03 | 000,000,043 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.10.04 12:58:35 | 000,000,014 | ---- | C] () -- C:\Windows\System32\systeminfo3.dll
[2010.10.04 12:58:23 | 000,081,920 | ---- | C] () -- C:\Users\lubos\AppData\Roaming\ezpinst.exe
[2010.06.25 21:07:55 | 000,000,552 | ---- | C] () -- C:\Users\lubos\AppData\Local\d3d8caps.dat
[2010.06.25 18:12:13 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.06.11 11:32:04 | 000,001,057 | ---- | C] () -- C:\Users\lubos\AppData\Roaming\vso_ts_preview.xml
[2010.06.11 11:31:36 | 000,007,887 | ---- | C] () -- C:\Users\lubos\AppData\Roaming\pcouffin.cat
[2010.06.11 11:31:36 | 000,001,144 | ---- | C] () -- C:\Users\lubos\AppData\Roaming\pcouffin.inf
[2010.06.08 11:48:26 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.06.06 07:28:35 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.06.06 07:28:35 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010.06.06 01:39:25 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010.06.05 06:01:16 | 000,136,192 | ---- | C] () -- C:\Users\lubos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.04 22:55:35 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2010.06.04 22:54:49 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2010.06.04 22:54:49 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2010.06.04 22:54:48 | 000,174,819 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.06.04 22:54:48 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2010.06.04 16:22:09 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.06.04 13:38:56 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll
[2010.06.04 13:32:26 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2010.06.04 13:32:26 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2010.06.04 13:32:26 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2010.06.04 13:26:01 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2010.06.04 13:26:01 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2010.06.04 13:26:01 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2010.06.04 13:26:01 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2010.06.04 13:23:09 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2010.06.04 13:12:35 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.01.07 21:24:12 | 000,074,330 | ---- | C] () -- C:\Program Files\Uninstall.exe
[2008.05.20 06:12:32 | 000,286,912 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2008.05.20 06:12:31 | 000,654,172 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2008.05.20 06:12:31 | 000,135,618 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2008.05.20 06:12:31 | 000,034,724 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2008.05.19 20:35:20 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008.05.19 20:31:40 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008.05.19 20:31:40 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008.05.07 09:26:05 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll
[2008.05.07 09:26:05 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll
[2008.05.07 09:26:04 | 000,000,040 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,378,264 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,642,704 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,121,592 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.11.14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
========== LOP Check ==========
[2011.07.14 16:02:21 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Ashampoo
[2011.02.20 16:23:13 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Babylonia
[2011.09.03 16:20:11 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\BlamGames
[2011.07.21 11:04:54 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Broad Intelligence
[2011.07.15 16:05:42 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Canneverbe Limited
[2010.09.06 13:28:53 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\DAEMON Tools Lite
[2010.11.20 11:40:35 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.08.10 12:27:56 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\ERS G-Studio
[2011.07.04 19:42:27 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\ICQ
[2010.06.08 11:48:31 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\InterVideo
[2010.12.13 17:11:57 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\LangSoft
[2010.07.08 11:06:44 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Mount&Blade
[2011.08.04 23:54:07 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Mount&Blade Warband
[2011.07.21 11:05:51 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Movier
[2011.07.20 12:36:22 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\OpenCandy
[2011.04.09 21:50:13 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Opera
[2011.03.24 14:40:49 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\PhotoFiltre Studio X
[2011.01.10 05:39:47 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Rapid Software
[2011.10.17 18:00:31 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Spyware Terminator
[2011.06.27 20:08:03 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Telefónica Móviles
[2011.10.29 10:35:59 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\uTorrent
[2011.07.23 12:37:54 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Vso
[2011.10.28 22:58:57 | 000,032,542 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"uTorrent" = "C:\Program Files\uTorrent\uTorrent.exe" -- [2011.02.09 17:31:16 | 000,395,640 | ---- | M] (BitTorrent, Inc.)
< >
< MD5 for: AGP440.SYS >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.03.12 08:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2008.03.12 08:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.03.12 08:24:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.21 04:24:45 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
< MD5 for: CDROM.SYS >
[2008.01.21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2008.01.21 04:24:35 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\System32\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
< MD5 for: CSRSS.EXE >
[2008.01.21 04:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\System32\csrss.exe
[2008.01.21 04:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6001.18000_none_58e3e3d7e415ae4c\csrss.exe
< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: FASTFAT.SYS >
[2009.04.11 06:13:52 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=1E9B9A70D332103C52995E957DC09EF8 -- C:\Windows\System32\drivers\fastfat.sys
[2009.04.11 06:13:52 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=1E9B9A70D332103C52995E957DC09EF8 -- C:\Windows\winsxs\x86_microsoft-windows-fat_31bf3856ad364e35_6.0.6002.18005_none_b09ea48c5485f42b\fastfat.sys
[2008.01.21 04:24:13 | 000,143,360 | ---- | M] (Microsoft Corporation) MD5=3C489390C2E2064563727752AF8EAB9E -- C:\Windows\winsxs\x86_microsoft-windows-fat_31bf3856ad364e35_6.0.6001.18000_none_aeb32b80576428df\fastfat.sys
< MD5 for: HAL.DLL >
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll
< MD5 for: IASTORV.SYS >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\drivers\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.06.15 14:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 16:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\System32\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.02.13 09:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2009.06.15 15:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009.06.15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.02.13 06:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 14:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009.06.15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 13:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 16:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.21 04:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.21 04:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008.01.21 04:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2009.02.13 10:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe
< MD5 for: NDIS.SYS >
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008.01.21 04:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NTFS.SYS >
[2009.04.11 08:32:49 | 001,083,880 | ---- | M] (Společnost Microsoft) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\System32\drivers\ntfs.sys
[2009.04.11 08:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_a85ca2c91a0d64df\ntfs.sys
[2008.01.21 04:23:51 | 001,081,912 | ---- | M] (Microsoft Corporation) MD5=B4EFFE29EB4F15538FD8A9681108492D -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6001.18000_none_a67129bd1ceb9993\ntfs.sys
< MD5 for: NVRAID.SYS >
[2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\drivers\nvraid.sys
[2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: SERVICES.EXE >
[2008.01.21 04:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009.04.11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009.04.11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
< MD5 for: SMSS.EXE >
[2008.01.21 04:23:50 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
< MD5 for: SPOOLSV.EXE >
[2010.08.17 15:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65A09B19 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[2009.04.11 08:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) MD5=524BFBEA40E6E404737CCBC754647A2E -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
[2008.01.21 04:24:45 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=846CDF9A3CF4DA9B306ADFB7D55EE4C2 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
[2010.08.17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\System32\spoolsv.exe
[2010.08.17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[2010.08.17 16:20:09 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=AAE98B295E88D439A6E0F6E8929424FB -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[2010.08.17 15:27:48 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=E807FC542C295BA256CE3567829E02A6 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe
< MD5 for: SVCHOST.EXE >
[2008.01.21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: TCPIP.SYS >
[2010.06.04 23:03:15 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009.04.11 08:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2009.08.15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011.06.17 22:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\System32\drivers\tcpip.sys
[2011.06.17 22:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2010.02.18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2010.06.16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009.08.14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011.06.17 22:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010.06.16 18:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010.06.16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2010.06.04 23:03:15 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.08.14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2010.02.18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2008.01.21 04:25:03 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.01.21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\System32\ws2_32.dll
[2008.01.21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
< >
< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2006.11.02 14:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2008.05.20 06:10:23 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\System32\spool\prtprocs\w32x86\cs-CZ\LMPRTPRC.DLL.mui
< %systemroot%\system32\drivers\*.sys /5 >
< %systemroot%\system32\drivers\*.sys /X >
[2006.10.19 23:27:24 | 000,000,000 | ---- | M] () -- C:\Windows\system32\drivers\1025_ACER_Extensa5630.mrk
[2008.07.09 08:29:20 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\system32\drivers\ati2erec.dll
[2006.08.24 03:26:58 | 000,328,162 | ---- | M] () -- C:\Windows\system32\drivers\ativcaxx.cpa
[2006.08.24 03:26:58 | 000,000,929 | ---- | M] () -- C:\Windows\system32\drivers\ativcaxx.vp
[2007.04.18 18:19:50 | 000,002,096 | ---- | M] () -- C:\Windows\system32\drivers\ativdkxx.vp
[2007.05.30 21:37:38 | 000,002,096 | ---- | M] () -- C:\Windows\system32\drivers\ativokxx.vp
[2007.05.30 21:37:38 | 000,002,096 | ---- | M] () -- C:\Windows\system32\drivers\ativpkxx.vp
[2007.09.09 08:37:08 | 000,052,400 | ---- | M] () -- C:\Windows\system32\drivers\ativvpxx.vp
[2006.09.18 23:26:46 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2006.09.18 23:26:46 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt
[2006.12.23 01:04:52 | 000,144,201 | ---- | M] () -- C:\Windows\system32\drivers\HSFProf.cty
[2008.01.21 04:23:51 | 000,000,003 | ---- | M] () -- C:\Windows\system32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
[2010.06.04 13:33:44 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2008.05.07 08:39:58 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_Kernel_TpChoice_01005.Wdf
[2010.06.08 11:32:54 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010.12.06 09:25:42 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2005.06.27 15:29:50 | 000,000,520 | ---- | M] () -- C:\Windows\system32\drivers\RTEQEX0.dat
[2005.06.27 15:29:28 | 000,000,520 | ---- | M] () -- C:\Windows\system32\drivers\RTEQEX1.dat
[2007.07.14 00:11:56 | 000,000,008 | ---- | M] () -- C:\Windows\system32\drivers\rtkhdaud.dat
[2008.01.21 04:23:23 | 000,133,972 | ---- | M] () -- C:\Windows\system32\drivers\VSTDProf.cty
[2008.01.21 04:23:23 | 000,133,528 | ---- | M] () -- C:\Windows\system32\drivers\VSTEProf.cty
[2008.01.21 04:23:22 | 000,141,611 | ---- | M] () -- C:\Windows\system32\drivers\VSTProf.cty
[2008.01.21 04:23:23 | 000,141,572 | ---- | M] () -- C:\Windows\system32\drivers\VSTSProf.cty
[2006.11.29 02:44:58 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\drivers\XAudio.exe
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.09.06 13:22:46 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys
< %systemroot%\system32\*.* /5 >
[2011.10.29 10:35:32 | 000,003,216 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.29 10:35:32 | 000,003,216 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.29 08:35:55 | 000,000,147 | ---- | M] () -- C:\Windows\system32\agent.log
[2011.10.28 09:23:31 | 000,378,264 | ---- | M] () -- C:\Windows\system32\FNTCACHE.DAT
[2011.10.29 08:35:59 | 000,000,000 | ---- | M] () -- C:\Windows\system32\LogConfigTemp.xml
[2011.10.29 09:38:31 | 000,135,618 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2011.10.29 09:38:31 | 000,121,592 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2011.10.29 09:38:31 | 000,654,172 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2011.10.29 09:38:31 | 000,642,704 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2011.10.29 09:38:31 | 001,549,404 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\system32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\system32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\system32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\system32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\system32\config\SYSTEM.SAV
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\*.* /U /s >
[16 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[3 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]
< %systemroot%\*. /mp /s >
< %ALLUSERSPROFILE%\Data Aplikací\*.* >
< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >
< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >
Smutné je, že hlupáci jsou tak sebejistí a lidé moudří tak plni pochybností.
Bertrand Russell
Bertrand Russell
Re: prosím o kontrolu logu
< %APPDATA%\*. >
[2011.09.19 17:53:24 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Adobe
[2010.09.19 09:41:21 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Ahead
[2011.07.14 16:02:21 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Ashampoo
[2010.06.04 13:25:49 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\ATI
[2011.02.20 16:23:13 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Babylonia
[2011.09.03 16:20:11 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\BlamGames
[2011.07.21 11:04:54 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Broad Intelligence
[2011.07.15 16:05:42 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Canneverbe Limited
[2010.06.08 11:48:26 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Corel
[2010.09.06 13:28:53 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\DAEMON Tools Lite
[2011.08.29 13:48:23 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\dvdcss
[2010.11.20 11:40:35 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.08.10 12:27:56 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\ERS G-Studio
[2010.06.04 14:20:35 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Google
[2011.07.04 19:42:27 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\ICQ
[2010.06.30 21:11:13 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Identities
[2010.06.04 13:32:14 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\InstallShield
[2010.06.08 11:48:31 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\InterVideo
[2010.12.13 17:11:57 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\LangSoft
[2010.06.04 13:41:40 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Macromedia
[2011.10.26 08:48:11 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Media Center Programs
[2011.09.19 17:53:24 | 000,000,000 | --SD | M] -- C:\Users\lubos\AppData\Roaming\Microsoft
[2010.07.08 11:06:44 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Mount&Blade
[2011.08.04 23:54:07 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Mount&Blade Warband
[2011.07.21 11:05:51 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Movier
[2010.06.04 16:22:13 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Mozilla
[2011.07.20 12:36:22 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\OpenCandy
[2011.04.09 21:50:13 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Opera
[2011.03.24 14:40:49 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\PhotoFiltre Studio X
[2011.01.10 05:39:47 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Rapid Software
[2011.05.29 18:26:46 | 000,000,000 | RH-D | M] -- C:\Users\lubos\AppData\Roaming\SecuROM
[2011.10.24 21:13:06 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Skype
[2011.10.24 18:20:54 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\skypePM
[2011.10.17 18:00:31 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Spyware Terminator
[2011.06.27 20:08:03 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Telefónica Móviles
[2011.10.29 11:50:35 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\uTorrent
[2011.08.02 21:52:21 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\vlc
[2011.07.23 12:37:54 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Vso
[2010.08.16 07:21:50 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\WinRAR
< %APPDATA%\*.* >
[2010.10.05 20:13:33 | 000,081,920 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\ezpinst.exe
[2011.02.13 09:59:23 | 000,007,887 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\pcouffin.cat
[2011.02.13 09:59:23 | 000,001,144 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\pcouffin.inf
[2011.02.13 09:59:23 | 000,000,055 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\pcouffin.log
[2011.02.13 09:59:23 | 000,047,360 | ---- | M] (VSO Software) -- C:\Users\lubos\AppData\Roaming\pcouffin.sys
[2011.07.23 12:37:53 | 000,001,057 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\vso_ts_preview.xml
< %APPDATA%\*.exe /s >
[2010.10.05 20:13:33 | 000,081,920 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\ezpinst.exe
[2010.06.04 13:23:27 | 000,010,134 | R--- | M] () -- C:\Users\lubos\AppData\Roaming\Microsoft\Installer\{2323E969-2CE5-3ECE-F343-4B2A5634C45D}\ARPPRODUCTICON.exe
[2011.07.20 12:36:23 | 000,416,160 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\OpenCandy\OpenCandy_371EA6FCB23E485D95171F17BE923B21\LatestDLMgr.exe
[2010.12.18 00:07:06 | 000,043,440 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\OpenCandy\OpenCandy_371EA6FCB23E485D95171F17BE923B21\SpeedstarterCZ.exe
[2010.12.17 19:48:22 | 001,720,472 | ---- | M] (Speedchecker Limited ) -- C:\Users\lubos\AppData\Roaming\OpenCandy\OpenCandy_371EA6FCB23E485D95171F17BE923B21\ZrychleniPocitace.exe
[2011.07.20 12:36:34 | 001,842,096 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\OpenCandy\OpenCandy_371EA6FCB23E485D95171F17BE923B21\ZrychleniPocitace_p2v1.exe
< %SYSTEMDRIVE%\*.exe >
< >
< >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-10-28 06:36:43
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
"JobInactivityTimeout" = 7776000
"JobMinimumRetryDelay" = 600
"JobNoProgressTimeout" = 1209600
"LogFileFlags" = 0
"LogFileMinMemory" = 120
"LogFileSize" = 1
"TimeQuantaLength" = 300
"UseLmCompat" = 2
"IGDSearcherDLL" = bitsigd.dll -- [2009.04.11 08:28:18 | 000,031,744 | ---- | M] (Microsoft Corporation)
"StateIndex" = 1
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.10.29 10:28:32 | 000,000,512 | ---- | M] () MD5=82D172FED3DCC8609F4B08596AD5DFC8 -- C:\PhysicalMBR.bin
========== Alternate Data Streams ==========
@Alternate Data Stream - 183 bytes -> C:\ProgramData\TEMP:35A81752
< End of report >
[2011.09.19 17:53:24 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Adobe
[2010.09.19 09:41:21 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Ahead
[2011.07.14 16:02:21 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Ashampoo
[2010.06.04 13:25:49 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\ATI
[2011.02.20 16:23:13 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Babylonia
[2011.09.03 16:20:11 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\BlamGames
[2011.07.21 11:04:54 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Broad Intelligence
[2011.07.15 16:05:42 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Canneverbe Limited
[2010.06.08 11:48:26 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Corel
[2010.09.06 13:28:53 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\DAEMON Tools Lite
[2011.08.29 13:48:23 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\dvdcss
[2010.11.20 11:40:35 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.08.10 12:27:56 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\ERS G-Studio
[2010.06.04 14:20:35 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Google
[2011.07.04 19:42:27 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\ICQ
[2010.06.30 21:11:13 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Identities
[2010.06.04 13:32:14 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\InstallShield
[2010.06.08 11:48:31 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\InterVideo
[2010.12.13 17:11:57 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\LangSoft
[2010.06.04 13:41:40 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Macromedia
[2011.10.26 08:48:11 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Media Center Programs
[2011.09.19 17:53:24 | 000,000,000 | --SD | M] -- C:\Users\lubos\AppData\Roaming\Microsoft
[2010.07.08 11:06:44 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Mount&Blade
[2011.08.04 23:54:07 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Mount&Blade Warband
[2011.07.21 11:05:51 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Movier
[2010.06.04 16:22:13 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Mozilla
[2011.07.20 12:36:22 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\OpenCandy
[2011.04.09 21:50:13 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Opera
[2011.03.24 14:40:49 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\PhotoFiltre Studio X
[2011.01.10 05:39:47 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Rapid Software
[2011.05.29 18:26:46 | 000,000,000 | RH-D | M] -- C:\Users\lubos\AppData\Roaming\SecuROM
[2011.10.24 21:13:06 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Skype
[2011.10.24 18:20:54 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\skypePM
[2011.10.17 18:00:31 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Spyware Terminator
[2011.06.27 20:08:03 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Telefónica Móviles
[2011.10.29 11:50:35 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\uTorrent
[2011.08.02 21:52:21 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\vlc
[2011.07.23 12:37:54 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\Vso
[2010.08.16 07:21:50 | 000,000,000 | ---D | M] -- C:\Users\lubos\AppData\Roaming\WinRAR
< %APPDATA%\*.* >
[2010.10.05 20:13:33 | 000,081,920 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\ezpinst.exe
[2011.02.13 09:59:23 | 000,007,887 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\pcouffin.cat
[2011.02.13 09:59:23 | 000,001,144 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\pcouffin.inf
[2011.02.13 09:59:23 | 000,000,055 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\pcouffin.log
[2011.02.13 09:59:23 | 000,047,360 | ---- | M] (VSO Software) -- C:\Users\lubos\AppData\Roaming\pcouffin.sys
[2011.07.23 12:37:53 | 000,001,057 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\vso_ts_preview.xml
< %APPDATA%\*.exe /s >
[2010.10.05 20:13:33 | 000,081,920 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\ezpinst.exe
[2010.06.04 13:23:27 | 000,010,134 | R--- | M] () -- C:\Users\lubos\AppData\Roaming\Microsoft\Installer\{2323E969-2CE5-3ECE-F343-4B2A5634C45D}\ARPPRODUCTICON.exe
[2011.07.20 12:36:23 | 000,416,160 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\OpenCandy\OpenCandy_371EA6FCB23E485D95171F17BE923B21\LatestDLMgr.exe
[2010.12.18 00:07:06 | 000,043,440 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\OpenCandy\OpenCandy_371EA6FCB23E485D95171F17BE923B21\SpeedstarterCZ.exe
[2010.12.17 19:48:22 | 001,720,472 | ---- | M] (Speedchecker Limited ) -- C:\Users\lubos\AppData\Roaming\OpenCandy\OpenCandy_371EA6FCB23E485D95171F17BE923B21\ZrychleniPocitace.exe
[2011.07.20 12:36:34 | 001,842,096 | ---- | M] () -- C:\Users\lubos\AppData\Roaming\OpenCandy\OpenCandy_371EA6FCB23E485D95171F17BE923B21\ZrychleniPocitace_p2v1.exe
< %SYSTEMDRIVE%\*.exe >
< >
< >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-10-28 06:36:43
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
"JobInactivityTimeout" = 7776000
"JobMinimumRetryDelay" = 600
"JobNoProgressTimeout" = 1209600
"LogFileFlags" = 0
"LogFileMinMemory" = 120
"LogFileSize" = 1
"TimeQuantaLength" = 300
"UseLmCompat" = 2
"IGDSearcherDLL" = bitsigd.dll -- [2009.04.11 08:28:18 | 000,031,744 | ---- | M] (Microsoft Corporation)
"StateIndex" = 1
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.10.29 10:28:32 | 000,000,512 | ---- | M] () MD5=82D172FED3DCC8609F4B08596AD5DFC8 -- C:\PhysicalMBR.bin
========== Alternate Data Streams ==========
@Alternate Data Stream - 183 bytes -> C:\ProgramData\TEMP:35A81752
< End of report >
Smutné je, že hlupáci jsou tak sebejistí a lidé moudří tak plni pochybností.
Bertrand Russell
Bertrand Russell
Re: prosím o kontrolu logu
OTL Extras logfile created on: 29.10.2011 10:21:06 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\lubos\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,99 Gb Total Physical Memory | 1,70 Gb Available Physical Memory | 56,70% Memory free
6,19 Gb Paging File | 4,90 Gb Available in Paging File | 79,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 143,18 Gb Total Space | 12,92 Gb Free Space | 9,02% Space Free | Partition Type: NTFS
Drive D: | 143,18 Gb Total Space | 25,62 Gb Free Space | 17,89% Space Free | Partition Type: NTFS
Drive K: | 596,02 Gb Total Space | 157,28 Gb Free Space | 26,39% Space Free | Partition Type: FAT32
Computer Name: LUBOS-PC | User Name: lubos | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-465257137-3806693963-3011938715-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE prezentace fotografií] -- "C:\Program Files\Fotolab\Fotolab Fotosvet 4\CEWE prezentace fotografií.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotolab Fotosvet 4] -- "C:\Program Files\Fotolab\Fotolab Fotosvet 4\Fotolab Fotosvet 4.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0CAB2E84-2DD7-45F2-A570-5642243A5D6A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0E949906-0EDD-4611-B345-8540AD21295D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{289EB456-6055-4B8C-9A18-E951BE98570F}" = rport=445 | protocol=6 | dir=out | app=system |
"{3A00E2BD-55BA-4689-A971-1856F1F5352C}" = lport=445 | protocol=6 | dir=in | app=system |
"{4F313531-F100-40D0-8157-C6E4D9FB73CB}" = lport=138 | protocol=17 | dir=in | app=system |
"{52D20CA9-9EDC-49F5-B194-035941E00BEA}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{5D19F5AD-CA75-4AF5-B244-69481155234C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5D84111C-57B7-4992-BC68-C666979917BF}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{6805A92D-87D9-473B-BB2A-2D6C2F15B1D5}" = lport=137 | protocol=17 | dir=in | app=system |
"{69F662F6-7C55-4D8D-8FED-1AE057B9573C}" = rport=138 | protocol=17 | dir=out | app=system |
"{72B4E432-DD75-4B61-9E55-5877439FC95A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{72B6E38A-76FB-44B0-90FB-51CE7EAA79A6}" = lport=139 | protocol=6 | dir=in | app=system |
"{7D0DB134-4D44-4D6E-95E5-0930E585239F}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{83DC23B6-4DE2-4C2F-8E87-8AFD53E2CD1F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E079DBF5-AA85-4E53-873B-14A8EF9334FD}" = rport=139 | protocol=6 | dir=out | app=system |
"{E0BC1257-5715-49E2-BECD-C0DA648DFE4C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E211AB69-F584-4A30-ACA2-EB009ECAB97E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E666B3D7-A3F3-4E1E-A265-F9B5B94B53CF}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{E8094A66-343E-48FB-B288-0121212E367C}" = rport=137 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13FC4ACD-E403-4DFC-8FDF-40683C839DF6}" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"{28A87E05-B7E3-49D5-AB5C-A31BC7E1AE66}" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"{38EACFB7-2F63-440D-8D2E-00E106A521E7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{47678800-2B17-4A1F-9192-3B3665C84266}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4A3702F0-4EF3-4DCA-B7CC-563C747363E2}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{54E3FC77-52C6-4947-83EA-9AEEE3B8E325}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{63FFD1B0-A3A9-45AD-84EE-DBDF7AEC0EB4}" = protocol=17 | dir=in | app=c:\windows\svcfiles\msde.exe |
"{6884FF46-F981-4823-A7C4-D8CF794323D3}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{73C28256-EF8F-4B87-99EF-DB5BD6C4009D}" = protocol=17 | dir=in | app=c:\luba\hry\starcraft ii\starcraft ii.exe |
"{74F8EC25-5AF9-4339-A66A-194FACC59219}" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminator.exe |
"{7DAE3262-5554-44BC-8305-EF735781FDE3}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{7EE710B3-26BD-437D-ACE4-A734A7E3E6E4}" = protocol=6 | dir=in | app=c:\luba\hry\spotauditor\spotauditor.exe |
"{83F15438-C82B-4F6E-9842-F4C28599F7AD}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{86FE8602-F7BD-49D1-97A7-B312BA7C36C5}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{90014A71-364D-42AE-AB44-06751192173E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{904CC520-7E28-47FE-AD26-20FBA7F66C5C}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{930CA24F-8037-4DBE-B8FA-34B4FD621B69}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9DCB7025-EB4F-448F-BADB-EBBEDDAB0788}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{AE3E9577-FDF2-492E-8D8F-BD62125AFB8D}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{C01997A3-5798-4E5C-846C-025755907789}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{C85DE485-C604-4994-BABA-340C49207481}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{CB1D3172-4DB8-469B-9511-5171931CF39D}" = protocol=6 | dir=in | app=c:\luba\hry\starcraft ii\starcraft ii.exe |
"{CDCB86DF-76F6-41DD-A831-EFA7789497B2}" = protocol=17 | dir=in | app=c:\luba\hry\spotauditor\spotauditor.exe |
"{D831A4D9-C263-43F0-B3EA-5B2EB439972D}" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminator.exe |
"{DF5A2A51-AD76-4E6D-B5B0-59CCB177AA5D}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{E4D5E151-6064-4D94-A1A3-46B5070341CA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{EEE0F77A-B79B-4BD5-9BC2-7804AAF267BE}" = protocol=6 | dir=in | app=c:\windows\svcfiles\msde.exe |
"{F4C7BD33-CBC4-4AEA-A2CB-131C281BCB81}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{F56BFE3D-8A21-45BD-AD6E-E94482CEA2DE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FFB997BD-3E9A-47F5-9D11-F5B4071EF6F7}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"TCP Query User{1ED05129-EE11-4367-82F0-8BA0684C5A7F}C:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\metin2client.bin" = protocol=6 | dir=in | app=c:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\metin2client.bin |
"TCP Query User{22B0F666-F76F-4450-8ECB-ADFA772DE733}C:\program files\strongdc++\strongdc.exe" = protocol=6 | dir=in | app=c:\program files\strongdc++\strongdc.exe |
"TCP Query User{23FBFD4A-5D55-422A-BB79-38AD7D85531A}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{2A3A7550-3BA3-4F42-925D-9A3348C739AB}C:\luba\hry\moorhuhn kart thunder - demo\mhk4-demo.exe" = protocol=6 | dir=in | app=c:\luba\hry\moorhuhn kart thunder - demo\mhk4-demo.exe |
"TCP Query User{45223749-17C6-4D1A-B92E-8170BE7958A3}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{4C523811-F51C-4222-BC32-B03E2AC60D93}C:\luba\hry\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=c:\luba\hry\starcraft ii\versions\base15405\sc2.exe |
"TCP Query User{4D3FE90A-5A46-48BE-8DB2-81639C9633F0}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{55B5A508-A29A-439F-B46C-7B3C71820A71}C:\luba\hry\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=c:\luba\hry\starcraft ii\versions\base15405\sc2.exe |
"TCP Query User{5D0F6BA5-B7C2-4854-BC44-9959F1914D74}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{69E6327B-ACCF-48D2-A07B-2DED3BA00DEC}C:\luba\hry\metin2\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\luba\hry\metin2\metin2\metin2client.bin |
"TCP Query User{74E44DD2-C4CC-49BA-A23C-DFD315598BBC}C:\luba\hry\metin2\metin2\metin2.bin" = protocol=6 | dir=in | app=c:\luba\hry\metin2\metin2\metin2.bin |
"TCP Query User{776562A8-D7D6-447D-ADDE-35D8DA99DC2B}C:\windows\svcfiles\msde.exe" = protocol=6 | dir=in | app=c:\windows\svcfiles\msde.exe |
"TCP Query User{7C931A2A-7511-463B-BEA3-B5BDB09DE32F}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{86F53CA6-CEED-4866-8346-EA81CD127E33}C:\luba\hry\metin2\metin2\metin2.bin" = protocol=6 | dir=in | app=c:\luba\hry\metin2\metin2\metin2.bin |
"TCP Query User{8B7250C8-62C3-461B-A311-056BDC63DC23}C:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\metin2client.bin" = protocol=6 | dir=in | app=c:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\metin2client.bin |
"TCP Query User{9779B3E9-A480-4F31-AD36-BD0544C03068}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{B01EB494-B326-489F-B6B6-A480A0C629CC}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{B0F40572-6449-4F1F-9C6A-BCFA397346B7}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{C0DD3212-C690-4233-9C14-5D0C25BFB2F9}C:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\client.bin" = protocol=6 | dir=in | app=c:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\client.bin |
"TCP Query User{C2550B7F-35A1-430C-BCF4-AD76237269C1}C:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\client.bin" = protocol=6 | dir=in | app=c:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\client.bin |
"TCP Query User{DD409592-367C-4C22-B53A-5D49D4530403}C:\luba\hry\metin2\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\luba\hry\metin2\metin2\metin2client.bin |
"TCP Query User{DD6E9A1B-868A-4341-944C-D4BEEFB77006}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{E4D0ECF4-047F-44F3-A263-416A96DC9E50}C:\program files\strongdc++\strongdc.exe" = protocol=6 | dir=in | app=c:\program files\strongdc++\strongdc.exe |
"TCP Query User{F55129C9-73D9-467A-B810-10D827721A2B}C:\luba\hry\mount a blade 3\mount&blade warband\mb_warband.exe" = protocol=6 | dir=in | app=c:\luba\hry\mount a blade 3\mount&blade warband\mb_warband.exe |
"UDP Query User{1C55436B-785C-41C6-9482-34EE462FFA40}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{2BA4855C-5D17-4162-9358-CFFF0AD4986E}C:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\client.bin" = protocol=17 | dir=in | app=c:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\client.bin |
"UDP Query User{2C162F8C-FB6E-4486-97F1-5EC457E3C38B}C:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\metin2client.bin" = protocol=17 | dir=in | app=c:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\metin2client.bin |
"UDP Query User{3F462361-3249-4CA2-BECB-911C4F3B2202}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{61DFC989-DA35-4707-AD21-3BA005B4AAB7}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{62CCDCC1-4363-45D0-AF91-16850102E423}C:\luba\hry\mount a blade 3\mount&blade warband\mb_warband.exe" = protocol=17 | dir=in | app=c:\luba\hry\mount a blade 3\mount&blade warband\mb_warband.exe |
"UDP Query User{6812DEAA-9F9E-4DF4-BD1A-2FD7B283955C}C:\luba\hry\metin2\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\luba\hry\metin2\metin2\metin2client.bin |
"UDP Query User{6C3B0205-B2BA-407E-B569-2BA1B2142531}C:\luba\hry\metin2\metin2\metin2.bin" = protocol=17 | dir=in | app=c:\luba\hry\metin2\metin2\metin2.bin |
"UDP Query User{745674B8-3279-4B5B-945A-E8554289C68B}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{75E7FBB9-1661-4A90-A590-74D9BAA42399}C:\luba\hry\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=c:\luba\hry\starcraft ii\versions\base15405\sc2.exe |
"UDP Query User{7EC116E0-320B-4B3B-8678-DC03CBE3CF92}C:\program files\strongdc++\strongdc.exe" = protocol=17 | dir=in | app=c:\program files\strongdc++\strongdc.exe |
"UDP Query User{81F24118-40EE-4579-9D48-DB0D5BE79334}C:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\metin2client.bin" = protocol=17 | dir=in | app=c:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\metin2client.bin |
"UDP Query User{838E8977-9405-43F6-8C62-D77FA12E8A9F}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{8608745C-FABE-4CB2-8A9E-36DD4F87C673}C:\luba\hry\metin2\metin2\metin2.bin" = protocol=17 | dir=in | app=c:\luba\hry\metin2\metin2\metin2.bin |
"UDP Query User{8D4546FF-3C0F-4F7A-8801-4ED3830D77C7}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{92B9DA65-A304-4BC2-9982-7EF235B41F91}C:\program files\strongdc++\strongdc.exe" = protocol=17 | dir=in | app=c:\program files\strongdc++\strongdc.exe |
"UDP Query User{A1C5E244-7AE7-4ABC-8593-060D7101F3C9}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{A4D0EFA7-B590-4F3C-8A98-C4182D54ADCB}C:\luba\hry\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=c:\luba\hry\starcraft ii\versions\base15405\sc2.exe |
"UDP Query User{A9B86E44-94AD-436C-AEA9-2A149F20315E}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{AA3B6649-A7E0-49BC-8454-6E8F9324B649}C:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\client.bin" = protocol=17 | dir=in | app=c:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\client.bin |
"UDP Query User{BED5AC35-5BC6-4AC0-B0F3-EB9E2D8607F9}C:\windows\svcfiles\msde.exe" = protocol=17 | dir=in | app=c:\windows\svcfiles\msde.exe |
"UDP Query User{C8A1C99E-2BF8-474E-AD5B-67E09D351557}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{D078878D-F77E-426B-9EDA-7483BB710CDB}C:\luba\hry\moorhuhn kart thunder - demo\mhk4-demo.exe" = protocol=17 | dir=in | app=c:\luba\hry\moorhuhn kart thunder - demo\mhk4-demo.exe |
"UDP Query User{E1B269FE-90AD-4D68-8909-85FB206CE539}C:\luba\hry\metin2\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\luba\hry\metin2\metin2\metin2client.bin |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00A400C1-8BDA-F414-CBDB-3505CBA6202D}" = Catalyst Control Center Localization Thai
"{02FF8997-F547-A1A6-C8F7-613B8AC1EB9C}" = Catalyst Control Center Graphics Light
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6300
"{088EA7F1-6DF1-4ADD-CBCA-19EEE2F659B2}" = CCC Help Norwegian
"{0B47426E-36A1-152B-6DDA-BC76FB15879F}" = Catalyst Control Center Localization Chinese Traditional
"{0EF6383A-7F55-36C9-4ED9-473F75468A98}" = CCC Help Italian
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{1754A032-F747-4233-E4D0-406E2F782CDE}" = CCC Help Japanese
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1B8DA948-E5AB-3F68-175A-81A07DD57939}" = CCC Help Hungarian
"{1E2423C8-1A66-CE87-C69B-5EECE4CB820E}" = CCC Help Spanish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F8C81E5-ACBD-22CE-09A0-89BFCF99CFAB}" = ccc-utility
"{2323E969-2CE5-3ECE-F343-4B2A5634C45D}" = Catalyst Control Center InstallProxy
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{25AF3759-CB94-430B-DE41-69FEC1AE3D51}" = Catalyst Control Center Localization Turkish
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{35AC32DA-844D-034A-244A-F711A547164B}" = CCC Help Polish
"{3B539C5E-14C8-43F7-315F-D3DE58ED06F6}" = CCC Help German
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EB6A32F-F693-FA7D-1436-3A0EC93C2784}" = Catalyst Control Center Localization Japanese
"{41073C0A-2319-C5AB-ED19-3AD36E07EF93}" = Catalyst Control Center Localization Italian
"{41725AB8-C848-54B4-4E67-E90E081A2A9D}" = CCC Help English
"{432282b5-d708-431a-9ada-abbbbac3f205}" = Business Contact Manager pro aplikaci Outlook 2007 SP1
"{4A119596-C9AF-2F32-32C8-00CE41094D86}" = Catalyst Control Center Localization Chinese Standard
"{4B297C42-D246-2976-0938-22EBDCFF6528}" = Catalyst Control Center Localization Polish
"{4F2CE68F-EDBB-4592-BF07-5AC930A51029}" = Nero 7 Ultra Edition
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{50A0893D-47D8-48E0-A7E8-44BCD7E4422E}" = Microsoft SQL Server Native Client
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5473841B-CBA7-2055-1BE0-442293EAC1AE}" = Catalyst Control Center Localization Czech
"{548AF5C1-54E3-4B74-A3E5-D5E6CB7D487C}" = O2Micro Flash Memory Card Reader Driver (x86)
"{56736259-613E-4A3B-B428-6235F2E76F44}_is1" = Spyware Terminator 2012
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5B46DBF6-8DD1-7437-1AC5-07A39BD9BC55}" = Catalyst Control Center Localization Danish
"{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"{62F2E794-A438-3ABA-150E-83BABC73D044}" = CCC Help Thai
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6951E8E4-2B1F-5C66-B9F7-C3682C4A5697}" = ccc-core-static
"{69ACD15D-7878-FBBD-1F70-17C057BB5428}" = CCC Help Finnish
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7287BDE7-797C-E673-B814-2B25B8353DE7}" = Catalyst Control Center Localization Greek
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{79F5F068-AB2B-ABCD-F49D-821117FDEA25}" = Catalyst Control Center Localization Finnish
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{802F0F4E-A0A5-4E4D-9D7B-1933913EF7B6}" = Catalyst Control Center - Branding
"{8259246D-E3FB-A1C9-B0DD-6F011720CBC5}" = CCC Help Korean
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{88DF9268-6C74-CA61-5852-C3872DF18D93}" = CCC Help Russian
"{89E61D45-F5DF-D1E9-571D-E137D4CCBB72}" = Catalyst Control Center Graphics Full Existing
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROHYBRIDR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROHYBRIDR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_PROHYBRIDR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROHYBRIDR_{3C3813E1-C370-4F32-9639-8B43C7C780CD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROHYBRIDR_{F67648A4-713E-4298-BBAD-A83D8283B0F3}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_PROHYBRIDR_{2659571A-3405-4486-B7D8-2F125BC0E3B2}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{9065F4FF-3CCE-33A4-6D36-22E55DCFE637}" = CCC Help Chinese Traditional
"{90A40405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{9304A431-32E5-78A5-EA03-897EF259F7E1}" = CCC Help Danish
"{93F8184E-A4BD-74E7-5A0D-D7E045AA2D13}" = Catalyst Control Center Localization Portuguese
"{94CFDDD1-E0E8-3A39-9CB6-FA91E632E826}" = Catalyst Control Center Localization Korean
"{9FFD6172-EF28-9ED8-24F2-4E25CA28706C}" = Catalyst Control Center Localization Hungarian
"{A2B8A03D-9A30-D641-F083-BCD56AAC571B}" = CCC Help Turkish
"{A38A7F23-51D0-BEE7-E82A-D7A1823AAEE0}" = Catalyst Control Center Localization German
"{A64A5576-D862-44F8-89DC-2B17FCC9B86E}" = Broadcom Gigabit Integrated Controller
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.8
"{A7C32EAC-9262-9BB8-89A3-96DB1C7CA2C7}" = Skins
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Součásti připojení sady Microsoft Office Small Business
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Czech
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}" = NVIDIA PhysX
"{BFAED765-9E9E-0586-ABBF-FB73392E1594}" = CCC Help French
"{C0D2F614-5CE5-4DCB-8678-E5C9AF7044F8}" = Microsoft SQL Server VSS Writer
"{C28DA486-02EE-AE1E-8A2C-6CD98DF0135D}" = CCC Help Swedish
"{C57AA24F-FA96-3D73-3096-B0BABFF8BC26}" = Catalyst Control Center Localization Swedish
"{C5BDC212-AA0C-5F9C-9FDD-860128E6B000}" = CCC Help Greek
"{C7750329-B69A-5AF0-C5F5-E92AE77EEEC5}" = Catalyst Control Center Localization Dutch
"{CB2A5FC5-8DAA-B847-DF57-F4339B3BB682}" = Catalyst Control Center Localization Norwegian
"{CB70345C-C724-E6B9-4BE6-514A75EB6CEE}" = Catalyst Control Center Graphics Full New
"{CB84BB40-BF16-9DD7-558C-A8A8045651CE}" = Catalyst Control Center Core Implementation
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D3A0A8B3-07C9-76EC-79DC-D43DFDC8B2E0}" = CCC Help Czech
"{DA2176E1-5F64-E581-7C13-0C6763B64A5D}" = Catalyst Control Center Localization Russian
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.1.334
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E17D02CF-7EF8-E4D4-F857-2B8C00A0A5F5}" = CCC Help Chinese Standard
"{E533B61F-3176-56D2-4F4F-8A5138E50546}" = CCC Help Dutch
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E725E149-E30B-47BE-71BF-BE4CF259A38A}" = ATI Catalyst Install Manager
"{EE74D039-45D7-44E9-BF95-B9CFB015964F_P1}_is1" = ArcaniA - Gothic 4 Patch
"{EEFE2024-B465-F6AC-E154-FCC040CB7A31}" = Catalyst Control Center Graphics Previews Vista
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2D239EC-F135-1612-D6B4-24FF583F6AFB}" = CCC Help Portuguese
"{F3832CA5-630A-337D-6971-04693BB0E1D2}" = Catalyst Control Center Localization Spanish
"{FC02B4DC-D0F0-EEE3-C4AE-177BFF552DB1}" = Catalyst Control Center Localization French
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ArcaniA" = ArcaniA - Gothic 4
"avast" = avast! Free Antivirus
"Business Contact Manager" = Business Contact Manager pro aplikaci Outlook 2007 SP1
"CCleaner" = CCleaner
"CloneDVD2" = CloneDVD2
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"conduitEngine" = Conduit Engine
"CToolbar_UNINSTALL" = Web Security Guard with Crawler Toolbar
"Fotolab Fotosvet 4" = Fotolab Fotosvet 4
"GridVista" = Acer GridVista
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"InstallShield_{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Moon Clock 15 New Free Screensaver_is1" = NewFreeScreensaver Moon Clock 15
"Mount&Blade Warband" = Mount&Blade Warband
"Mozilla Firefox 7.0.1 (x86 cs)" = Mozilla Firefox 7.0.1 (x86 cs)
"O2 Mobilni internet" = O2 Mobilni internet
"O2CZ" = O2
"Opera 11.10.2092" = Opera 11.10
"PROHYBRIDR" = 2007 Microsoft Office system
"rajče.net_is1" = rajče verze 57 sestavení 190
"StarCraft II" = StarCraft II
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"szn-software-listicka" = Seznam Lištička (Všichni uživatelé tohoto počítače.)
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.1
"WinRAR archiver" = WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-465257137-3806693963-3011938715-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoFiltre Studio X" = PhotoFiltre Studio X
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 8.6.2011 9:02:47 | Computer Name = lubos-PC | Source = EventSystem | ID = 4621
Description =
Error - 8.6.2011 10:14:36 | Computer Name = lubos-PC | Source = WinMgmt | ID = 10
Description =
Error - 8.6.2011 13:43:56 | Computer Name = lubos-PC | Source = EventSystem | ID = 4621
Description =
Error - 8.6.2011 13:47:26 | Computer Name = lubos-PC | Source = WinMgmt | ID = 10
Description =
Error - 8.6.2011 15:27:10 | Computer Name = lubos-PC | Source = EventSystem | ID = 4621
Description =
Error - 8.6.2011 22:35:54 | Computer Name = lubos-PC | Source = WinMgmt | ID = 10
Description =
Error - 9.6.2011 0:47:38 | Computer Name = lubos-PC | Source = WinMgmt | ID = 10
Description =
Error - 9.6.2011 3:35:14 | Computer Name = lubos-PC | Source = WinMgmt | ID = 10
Description =
Error - 9.6.2011 14:54:25 | Computer Name = lubos-PC | Source = EventSystem | ID = 4621
Description =
Error - 9.6.2011 22:22:28 | Computer Name = lubos-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 28.10.2011 2:20:08 | Computer Name = lubos-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 28.10.2011 2:20:08 | Computer Name = lubos-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 28.10.2011 2:54:10 | Computer Name = lubos-PC | Source = Service Control Manager | ID = 7034
Description =
Error - 28.10.2011 3:03:52 | Computer Name = lubos-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.100 pro síťovou kartu s adresou 00215D5640F0
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 28.10.2011 3:24:29 | Computer Name = lubos-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 28.10.2011 3:24:29 | Computer Name = lubos-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 28.10.2011 11:45:57 | Computer Name = lubos-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 28.10.2011 11:45:57 | Computer Name = lubos-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 29.10.2011 2:35:56 | Computer Name = lubos-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 29.10.2011 2:35:56 | Computer Name = lubos-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\lubos\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,99 Gb Total Physical Memory | 1,70 Gb Available Physical Memory | 56,70% Memory free
6,19 Gb Paging File | 4,90 Gb Available in Paging File | 79,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 143,18 Gb Total Space | 12,92 Gb Free Space | 9,02% Space Free | Partition Type: NTFS
Drive D: | 143,18 Gb Total Space | 25,62 Gb Free Space | 17,89% Space Free | Partition Type: NTFS
Drive K: | 596,02 Gb Total Space | 157,28 Gb Free Space | 26,39% Space Free | Partition Type: FAT32
Computer Name: LUBOS-PC | User Name: lubos | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-465257137-3806693963-3011938715-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE prezentace fotografií] -- "C:\Program Files\Fotolab\Fotolab Fotosvet 4\CEWE prezentace fotografií.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotolab Fotosvet 4] -- "C:\Program Files\Fotolab\Fotolab Fotosvet 4\Fotolab Fotosvet 4.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0CAB2E84-2DD7-45F2-A570-5642243A5D6A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0E949906-0EDD-4611-B345-8540AD21295D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{289EB456-6055-4B8C-9A18-E951BE98570F}" = rport=445 | protocol=6 | dir=out | app=system |
"{3A00E2BD-55BA-4689-A971-1856F1F5352C}" = lport=445 | protocol=6 | dir=in | app=system |
"{4F313531-F100-40D0-8157-C6E4D9FB73CB}" = lport=138 | protocol=17 | dir=in | app=system |
"{52D20CA9-9EDC-49F5-B194-035941E00BEA}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{5D19F5AD-CA75-4AF5-B244-69481155234C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5D84111C-57B7-4992-BC68-C666979917BF}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{6805A92D-87D9-473B-BB2A-2D6C2F15B1D5}" = lport=137 | protocol=17 | dir=in | app=system |
"{69F662F6-7C55-4D8D-8FED-1AE057B9573C}" = rport=138 | protocol=17 | dir=out | app=system |
"{72B4E432-DD75-4B61-9E55-5877439FC95A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{72B6E38A-76FB-44B0-90FB-51CE7EAA79A6}" = lport=139 | protocol=6 | dir=in | app=system |
"{7D0DB134-4D44-4D6E-95E5-0930E585239F}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{83DC23B6-4DE2-4C2F-8E87-8AFD53E2CD1F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E079DBF5-AA85-4E53-873B-14A8EF9334FD}" = rport=139 | protocol=6 | dir=out | app=system |
"{E0BC1257-5715-49E2-BECD-C0DA648DFE4C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E211AB69-F584-4A30-ACA2-EB009ECAB97E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E666B3D7-A3F3-4E1E-A265-F9B5B94B53CF}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{E8094A66-343E-48FB-B288-0121212E367C}" = rport=137 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13FC4ACD-E403-4DFC-8FDF-40683C839DF6}" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"{28A87E05-B7E3-49D5-AB5C-A31BC7E1AE66}" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"{38EACFB7-2F63-440D-8D2E-00E106A521E7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{47678800-2B17-4A1F-9192-3B3665C84266}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4A3702F0-4EF3-4DCA-B7CC-563C747363E2}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{54E3FC77-52C6-4947-83EA-9AEEE3B8E325}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{63FFD1B0-A3A9-45AD-84EE-DBDF7AEC0EB4}" = protocol=17 | dir=in | app=c:\windows\svcfiles\msde.exe |
"{6884FF46-F981-4823-A7C4-D8CF794323D3}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{73C28256-EF8F-4B87-99EF-DB5BD6C4009D}" = protocol=17 | dir=in | app=c:\luba\hry\starcraft ii\starcraft ii.exe |
"{74F8EC25-5AF9-4339-A66A-194FACC59219}" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminator.exe |
"{7DAE3262-5554-44BC-8305-EF735781FDE3}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{7EE710B3-26BD-437D-ACE4-A734A7E3E6E4}" = protocol=6 | dir=in | app=c:\luba\hry\spotauditor\spotauditor.exe |
"{83F15438-C82B-4F6E-9842-F4C28599F7AD}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{86FE8602-F7BD-49D1-97A7-B312BA7C36C5}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{90014A71-364D-42AE-AB44-06751192173E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{904CC520-7E28-47FE-AD26-20FBA7F66C5C}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{930CA24F-8037-4DBE-B8FA-34B4FD621B69}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9DCB7025-EB4F-448F-BADB-EBBEDDAB0788}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{AE3E9577-FDF2-492E-8D8F-BD62125AFB8D}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{C01997A3-5798-4E5C-846C-025755907789}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{C85DE485-C604-4994-BABA-340C49207481}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{CB1D3172-4DB8-469B-9511-5171931CF39D}" = protocol=6 | dir=in | app=c:\luba\hry\starcraft ii\starcraft ii.exe |
"{CDCB86DF-76F6-41DD-A831-EFA7789497B2}" = protocol=17 | dir=in | app=c:\luba\hry\spotauditor\spotauditor.exe |
"{D831A4D9-C263-43F0-B3EA-5B2EB439972D}" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminator.exe |
"{DF5A2A51-AD76-4E6D-B5B0-59CCB177AA5D}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{E4D5E151-6064-4D94-A1A3-46B5070341CA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{EEE0F77A-B79B-4BD5-9BC2-7804AAF267BE}" = protocol=6 | dir=in | app=c:\windows\svcfiles\msde.exe |
"{F4C7BD33-CBC4-4AEA-A2CB-131C281BCB81}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{F56BFE3D-8A21-45BD-AD6E-E94482CEA2DE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FFB997BD-3E9A-47F5-9D11-F5B4071EF6F7}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"TCP Query User{1ED05129-EE11-4367-82F0-8BA0684C5A7F}C:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\metin2client.bin" = protocol=6 | dir=in | app=c:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\metin2client.bin |
"TCP Query User{22B0F666-F76F-4450-8ECB-ADFA772DE733}C:\program files\strongdc++\strongdc.exe" = protocol=6 | dir=in | app=c:\program files\strongdc++\strongdc.exe |
"TCP Query User{23FBFD4A-5D55-422A-BB79-38AD7D85531A}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{2A3A7550-3BA3-4F42-925D-9A3348C739AB}C:\luba\hry\moorhuhn kart thunder - demo\mhk4-demo.exe" = protocol=6 | dir=in | app=c:\luba\hry\moorhuhn kart thunder - demo\mhk4-demo.exe |
"TCP Query User{45223749-17C6-4D1A-B92E-8170BE7958A3}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{4C523811-F51C-4222-BC32-B03E2AC60D93}C:\luba\hry\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=c:\luba\hry\starcraft ii\versions\base15405\sc2.exe |
"TCP Query User{4D3FE90A-5A46-48BE-8DB2-81639C9633F0}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{55B5A508-A29A-439F-B46C-7B3C71820A71}C:\luba\hry\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=c:\luba\hry\starcraft ii\versions\base15405\sc2.exe |
"TCP Query User{5D0F6BA5-B7C2-4854-BC44-9959F1914D74}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{69E6327B-ACCF-48D2-A07B-2DED3BA00DEC}C:\luba\hry\metin2\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\luba\hry\metin2\metin2\metin2client.bin |
"TCP Query User{74E44DD2-C4CC-49BA-A23C-DFD315598BBC}C:\luba\hry\metin2\metin2\metin2.bin" = protocol=6 | dir=in | app=c:\luba\hry\metin2\metin2\metin2.bin |
"TCP Query User{776562A8-D7D6-447D-ADDE-35D8DA99DC2B}C:\windows\svcfiles\msde.exe" = protocol=6 | dir=in | app=c:\windows\svcfiles\msde.exe |
"TCP Query User{7C931A2A-7511-463B-BEA3-B5BDB09DE32F}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{86F53CA6-CEED-4866-8346-EA81CD127E33}C:\luba\hry\metin2\metin2\metin2.bin" = protocol=6 | dir=in | app=c:\luba\hry\metin2\metin2\metin2.bin |
"TCP Query User{8B7250C8-62C3-461B-A311-056BDC63DC23}C:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\metin2client.bin" = protocol=6 | dir=in | app=c:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\metin2client.bin |
"TCP Query User{9779B3E9-A480-4F31-AD36-BD0544C03068}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{B01EB494-B326-489F-B6B6-A480A0C629CC}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{B0F40572-6449-4F1F-9C6A-BCFA397346B7}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{C0DD3212-C690-4233-9C14-5D0C25BFB2F9}C:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\client.bin" = protocol=6 | dir=in | app=c:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\client.bin |
"TCP Query User{C2550B7F-35A1-430C-BCF4-AD76237269C1}C:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\client.bin" = protocol=6 | dir=in | app=c:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\client.bin |
"TCP Query User{DD409592-367C-4C22-B53A-5D49D4530403}C:\luba\hry\metin2\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\luba\hry\metin2\metin2\metin2client.bin |
"TCP Query User{DD6E9A1B-868A-4341-944C-D4BEEFB77006}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{E4D0ECF4-047F-44F3-A263-416A96DC9E50}C:\program files\strongdc++\strongdc.exe" = protocol=6 | dir=in | app=c:\program files\strongdc++\strongdc.exe |
"TCP Query User{F55129C9-73D9-467A-B810-10D827721A2B}C:\luba\hry\mount a blade 3\mount&blade warband\mb_warband.exe" = protocol=6 | dir=in | app=c:\luba\hry\mount a blade 3\mount&blade warband\mb_warband.exe |
"UDP Query User{1C55436B-785C-41C6-9482-34EE462FFA40}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{2BA4855C-5D17-4162-9358-CFFF0AD4986E}C:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\client.bin" = protocol=17 | dir=in | app=c:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\client.bin |
"UDP Query User{2C162F8C-FB6E-4486-97F1-5EC457E3C38B}C:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\metin2client.bin" = protocol=17 | dir=in | app=c:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\metin2client.bin |
"UDP Query User{3F462361-3249-4CA2-BECB-911C4F3B2202}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{61DFC989-DA35-4707-AD21-3BA005B4AAB7}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{62CCDCC1-4363-45D0-AF91-16850102E423}C:\luba\hry\mount a blade 3\mount&blade warband\mb_warband.exe" = protocol=17 | dir=in | app=c:\luba\hry\mount a blade 3\mount&blade warband\mb_warband.exe |
"UDP Query User{6812DEAA-9F9E-4DF4-BD1A-2FD7B283955C}C:\luba\hry\metin2\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\luba\hry\metin2\metin2\metin2client.bin |
"UDP Query User{6C3B0205-B2BA-407E-B569-2BA1B2142531}C:\luba\hry\metin2\metin2\metin2.bin" = protocol=17 | dir=in | app=c:\luba\hry\metin2\metin2\metin2.bin |
"UDP Query User{745674B8-3279-4B5B-945A-E8554289C68B}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{75E7FBB9-1661-4A90-A590-74D9BAA42399}C:\luba\hry\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=c:\luba\hry\starcraft ii\versions\base15405\sc2.exe |
"UDP Query User{7EC116E0-320B-4B3B-8678-DC03CBE3CF92}C:\program files\strongdc++\strongdc.exe" = protocol=17 | dir=in | app=c:\program files\strongdc++\strongdc.exe |
"UDP Query User{81F24118-40EE-4579-9D48-DB0D5BE79334}C:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\metin2client.bin" = protocol=17 | dir=in | app=c:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\metin2client.bin |
"UDP Query User{838E8977-9405-43F6-8C62-D77FA12E8A9F}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{8608745C-FABE-4CB2-8A9E-36DD4F87C673}C:\luba\hry\metin2\metin2\metin2.bin" = protocol=17 | dir=in | app=c:\luba\hry\metin2\metin2\metin2.bin |
"UDP Query User{8D4546FF-3C0F-4F7A-8801-4ED3830D77C7}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{92B9DA65-A304-4BC2-9982-7EF235B41F91}C:\program files\strongdc++\strongdc.exe" = protocol=17 | dir=in | app=c:\program files\strongdc++\strongdc.exe |
"UDP Query User{A1C5E244-7AE7-4ABC-8593-060D7101F3C9}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{A4D0EFA7-B590-4F3C-8A98-C4182D54ADCB}C:\luba\hry\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=c:\luba\hry\starcraft ii\versions\base15405\sc2.exe |
"UDP Query User{A9B86E44-94AD-436C-AEA9-2A149F20315E}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{AA3B6649-A7E0-49BC-8454-6E8F9324B649}C:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\client.bin" = protocol=17 | dir=in | app=c:\luba\hry\metin2 sindicate\sindicatem2 - kopie (6)\client.bin |
"UDP Query User{BED5AC35-5BC6-4AC0-B0F3-EB9E2D8607F9}C:\windows\svcfiles\msde.exe" = protocol=17 | dir=in | app=c:\windows\svcfiles\msde.exe |
"UDP Query User{C8A1C99E-2BF8-474E-AD5B-67E09D351557}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{D078878D-F77E-426B-9EDA-7483BB710CDB}C:\luba\hry\moorhuhn kart thunder - demo\mhk4-demo.exe" = protocol=17 | dir=in | app=c:\luba\hry\moorhuhn kart thunder - demo\mhk4-demo.exe |
"UDP Query User{E1B269FE-90AD-4D68-8909-85FB206CE539}C:\luba\hry\metin2\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\luba\hry\metin2\metin2\metin2client.bin |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00A400C1-8BDA-F414-CBDB-3505CBA6202D}" = Catalyst Control Center Localization Thai
"{02FF8997-F547-A1A6-C8F7-613B8AC1EB9C}" = Catalyst Control Center Graphics Light
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6300
"{088EA7F1-6DF1-4ADD-CBCA-19EEE2F659B2}" = CCC Help Norwegian
"{0B47426E-36A1-152B-6DDA-BC76FB15879F}" = Catalyst Control Center Localization Chinese Traditional
"{0EF6383A-7F55-36C9-4ED9-473F75468A98}" = CCC Help Italian
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{1754A032-F747-4233-E4D0-406E2F782CDE}" = CCC Help Japanese
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1B8DA948-E5AB-3F68-175A-81A07DD57939}" = CCC Help Hungarian
"{1E2423C8-1A66-CE87-C69B-5EECE4CB820E}" = CCC Help Spanish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F8C81E5-ACBD-22CE-09A0-89BFCF99CFAB}" = ccc-utility
"{2323E969-2CE5-3ECE-F343-4B2A5634C45D}" = Catalyst Control Center InstallProxy
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{25AF3759-CB94-430B-DE41-69FEC1AE3D51}" = Catalyst Control Center Localization Turkish
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{35AC32DA-844D-034A-244A-F711A547164B}" = CCC Help Polish
"{3B539C5E-14C8-43F7-315F-D3DE58ED06F6}" = CCC Help German
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EB6A32F-F693-FA7D-1436-3A0EC93C2784}" = Catalyst Control Center Localization Japanese
"{41073C0A-2319-C5AB-ED19-3AD36E07EF93}" = Catalyst Control Center Localization Italian
"{41725AB8-C848-54B4-4E67-E90E081A2A9D}" = CCC Help English
"{432282b5-d708-431a-9ada-abbbbac3f205}" = Business Contact Manager pro aplikaci Outlook 2007 SP1
"{4A119596-C9AF-2F32-32C8-00CE41094D86}" = Catalyst Control Center Localization Chinese Standard
"{4B297C42-D246-2976-0938-22EBDCFF6528}" = Catalyst Control Center Localization Polish
"{4F2CE68F-EDBB-4592-BF07-5AC930A51029}" = Nero 7 Ultra Edition
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{50A0893D-47D8-48E0-A7E8-44BCD7E4422E}" = Microsoft SQL Server Native Client
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5473841B-CBA7-2055-1BE0-442293EAC1AE}" = Catalyst Control Center Localization Czech
"{548AF5C1-54E3-4B74-A3E5-D5E6CB7D487C}" = O2Micro Flash Memory Card Reader Driver (x86)
"{56736259-613E-4A3B-B428-6235F2E76F44}_is1" = Spyware Terminator 2012
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5B46DBF6-8DD1-7437-1AC5-07A39BD9BC55}" = Catalyst Control Center Localization Danish
"{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"{62F2E794-A438-3ABA-150E-83BABC73D044}" = CCC Help Thai
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6951E8E4-2B1F-5C66-B9F7-C3682C4A5697}" = ccc-core-static
"{69ACD15D-7878-FBBD-1F70-17C057BB5428}" = CCC Help Finnish
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7287BDE7-797C-E673-B814-2B25B8353DE7}" = Catalyst Control Center Localization Greek
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{79F5F068-AB2B-ABCD-F49D-821117FDEA25}" = Catalyst Control Center Localization Finnish
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{802F0F4E-A0A5-4E4D-9D7B-1933913EF7B6}" = Catalyst Control Center - Branding
"{8259246D-E3FB-A1C9-B0DD-6F011720CBC5}" = CCC Help Korean
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{88DF9268-6C74-CA61-5852-C3872DF18D93}" = CCC Help Russian
"{89E61D45-F5DF-D1E9-571D-E137D4CCBB72}" = Catalyst Control Center Graphics Full Existing
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROHYBRIDR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROHYBRIDR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_PROHYBRIDR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROHYBRIDR_{3C3813E1-C370-4F32-9639-8B43C7C780CD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROHYBRIDR_{F67648A4-713E-4298-BBAD-A83D8283B0F3}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_PROHYBRIDR_{2659571A-3405-4486-B7D8-2F125BC0E3B2}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{9065F4FF-3CCE-33A4-6D36-22E55DCFE637}" = CCC Help Chinese Traditional
"{90A40405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{9304A431-32E5-78A5-EA03-897EF259F7E1}" = CCC Help Danish
"{93F8184E-A4BD-74E7-5A0D-D7E045AA2D13}" = Catalyst Control Center Localization Portuguese
"{94CFDDD1-E0E8-3A39-9CB6-FA91E632E826}" = Catalyst Control Center Localization Korean
"{9FFD6172-EF28-9ED8-24F2-4E25CA28706C}" = Catalyst Control Center Localization Hungarian
"{A2B8A03D-9A30-D641-F083-BCD56AAC571B}" = CCC Help Turkish
"{A38A7F23-51D0-BEE7-E82A-D7A1823AAEE0}" = Catalyst Control Center Localization German
"{A64A5576-D862-44F8-89DC-2B17FCC9B86E}" = Broadcom Gigabit Integrated Controller
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.8
"{A7C32EAC-9262-9BB8-89A3-96DB1C7CA2C7}" = Skins
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Součásti připojení sady Microsoft Office Small Business
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Czech
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}" = NVIDIA PhysX
"{BFAED765-9E9E-0586-ABBF-FB73392E1594}" = CCC Help French
"{C0D2F614-5CE5-4DCB-8678-E5C9AF7044F8}" = Microsoft SQL Server VSS Writer
"{C28DA486-02EE-AE1E-8A2C-6CD98DF0135D}" = CCC Help Swedish
"{C57AA24F-FA96-3D73-3096-B0BABFF8BC26}" = Catalyst Control Center Localization Swedish
"{C5BDC212-AA0C-5F9C-9FDD-860128E6B000}" = CCC Help Greek
"{C7750329-B69A-5AF0-C5F5-E92AE77EEEC5}" = Catalyst Control Center Localization Dutch
"{CB2A5FC5-8DAA-B847-DF57-F4339B3BB682}" = Catalyst Control Center Localization Norwegian
"{CB70345C-C724-E6B9-4BE6-514A75EB6CEE}" = Catalyst Control Center Graphics Full New
"{CB84BB40-BF16-9DD7-558C-A8A8045651CE}" = Catalyst Control Center Core Implementation
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D3A0A8B3-07C9-76EC-79DC-D43DFDC8B2E0}" = CCC Help Czech
"{DA2176E1-5F64-E581-7C13-0C6763B64A5D}" = Catalyst Control Center Localization Russian
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.1.334
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E17D02CF-7EF8-E4D4-F857-2B8C00A0A5F5}" = CCC Help Chinese Standard
"{E533B61F-3176-56D2-4F4F-8A5138E50546}" = CCC Help Dutch
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E725E149-E30B-47BE-71BF-BE4CF259A38A}" = ATI Catalyst Install Manager
"{EE74D039-45D7-44E9-BF95-B9CFB015964F_P1}_is1" = ArcaniA - Gothic 4 Patch
"{EEFE2024-B465-F6AC-E154-FCC040CB7A31}" = Catalyst Control Center Graphics Previews Vista
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2D239EC-F135-1612-D6B4-24FF583F6AFB}" = CCC Help Portuguese
"{F3832CA5-630A-337D-6971-04693BB0E1D2}" = Catalyst Control Center Localization Spanish
"{FC02B4DC-D0F0-EEE3-C4AE-177BFF552DB1}" = Catalyst Control Center Localization French
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ArcaniA" = ArcaniA - Gothic 4
"avast" = avast! Free Antivirus
"Business Contact Manager" = Business Contact Manager pro aplikaci Outlook 2007 SP1
"CCleaner" = CCleaner
"CloneDVD2" = CloneDVD2
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"conduitEngine" = Conduit Engine
"CToolbar_UNINSTALL" = Web Security Guard with Crawler Toolbar
"Fotolab Fotosvet 4" = Fotolab Fotosvet 4
"GridVista" = Acer GridVista
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"InstallShield_{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Moon Clock 15 New Free Screensaver_is1" = NewFreeScreensaver Moon Clock 15
"Mount&Blade Warband" = Mount&Blade Warband
"Mozilla Firefox 7.0.1 (x86 cs)" = Mozilla Firefox 7.0.1 (x86 cs)
"O2 Mobilni internet" = O2 Mobilni internet
"O2CZ" = O2
"Opera 11.10.2092" = Opera 11.10
"PROHYBRIDR" = 2007 Microsoft Office system
"rajče.net_is1" = rajče verze 57 sestavení 190
"StarCraft II" = StarCraft II
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"szn-software-listicka" = Seznam Lištička (Všichni uživatelé tohoto počítače.)
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.1
"WinRAR archiver" = WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-465257137-3806693963-3011938715-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoFiltre Studio X" = PhotoFiltre Studio X
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 8.6.2011 9:02:47 | Computer Name = lubos-PC | Source = EventSystem | ID = 4621
Description =
Error - 8.6.2011 10:14:36 | Computer Name = lubos-PC | Source = WinMgmt | ID = 10
Description =
Error - 8.6.2011 13:43:56 | Computer Name = lubos-PC | Source = EventSystem | ID = 4621
Description =
Error - 8.6.2011 13:47:26 | Computer Name = lubos-PC | Source = WinMgmt | ID = 10
Description =
Error - 8.6.2011 15:27:10 | Computer Name = lubos-PC | Source = EventSystem | ID = 4621
Description =
Error - 8.6.2011 22:35:54 | Computer Name = lubos-PC | Source = WinMgmt | ID = 10
Description =
Error - 9.6.2011 0:47:38 | Computer Name = lubos-PC | Source = WinMgmt | ID = 10
Description =
Error - 9.6.2011 3:35:14 | Computer Name = lubos-PC | Source = WinMgmt | ID = 10
Description =
Error - 9.6.2011 14:54:25 | Computer Name = lubos-PC | Source = EventSystem | ID = 4621
Description =
Error - 9.6.2011 22:22:28 | Computer Name = lubos-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 28.10.2011 2:20:08 | Computer Name = lubos-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 28.10.2011 2:20:08 | Computer Name = lubos-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 28.10.2011 2:54:10 | Computer Name = lubos-PC | Source = Service Control Manager | ID = 7034
Description =
Error - 28.10.2011 3:03:52 | Computer Name = lubos-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.100 pro síťovou kartu s adresou 00215D5640F0
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 28.10.2011 3:24:29 | Computer Name = lubos-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 28.10.2011 3:24:29 | Computer Name = lubos-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 28.10.2011 11:45:57 | Computer Name = lubos-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 28.10.2011 11:45:57 | Computer Name = lubos-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 29.10.2011 2:35:56 | Computer Name = lubos-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 29.10.2011 2:35:56 | Computer Name = lubos-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >
Smutné je, že hlupáci jsou tak sebejistí a lidé moudří tak plni pochybností.
Bertrand Russell
Bertrand Russell
Přispějete na provoz fóra?