Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

omezený přístup na internet

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
MAT
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 10 pro 2005 22:02

omezený přístup na internet

#1 Příspěvek od MAT »

Zdravím, asi před 2 týdny jsem tady řešil problém s tím, že se nemohu dostat na určité weby (třeba apple.com, irobot.com, ale mohu na sony.com.... takže asi náhodný výběr). K vánocům jsem pořídil nový PC a asi po dvou dnech stejný problém jako u minulého.

Kouknete mi prosím na to, zda nemám nějakou havěť. Vynutí firewallu a antiviru nepomoho, přeinstalace firefox, exploreru taky ne.


Moooc dík za pomoc. Jsem už trochu v koncích, jo a antivir taky nic nechytnul.

MAT



Logfile of random's system information tool 1.09 (written by random/random)
Run by Gabriela at 2012-01-02 14:53:06
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 33 GB (34%) free of 98 GB
Total RAM: 3999 MB (63% free)

HijackThis download failed

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=63d4b42c-35e7-4466-a306-423dad92e740 /coreSdkOptions=286 /logConfFile="C:\ProgramData\AVG2012\temp\08667d6d-5c62-4743-a136-f66a415ae813-1c4-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
winlogon.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
C:\Windows\system32\WLANExt.exe 21980496
\??\C:\Windows\system32\conhost.exe "343071551388292863-538148079258213542421936141-1199230520-388487405-371388240
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Trend Micro\Titanium\TiMiniService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe"
\??\C:\Windows\system32\conhost.exe "2120525316-20820076761227135705128661106-963133126-152898370416011107121677552088
"C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe"
WLIDSvcM.exe 2420
"C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgemca.exe"
"taskhost.exe"
"C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe"
taskeng.exe {39BD8F5E-34A9-4240-91C4-4DF40C3A24B2}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe"
taskeng.exe {495E92CC-3189-4286-BCE1-61E305015828}
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
C:\Windows\SysWOW64\ACEngSvr.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
ATKOSD.exe
KBFiltr.exe
"C:\Windows\System32\igfxtray.exe"
WDC.exe
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=999c9b06-ab50-4121-93fb-8f23f516ce1e /coreSdkOptions=18 /logConfFile="C:\ProgramData\AVG2012\temp\7926ce4a-ad18-4e5d-816a-a217f7fbfd11-aec-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4880.1287ad40.74087063 "C:\Windows\system32\Macromed\Flash\NPSWF32.dll" Mozilla.Firefox.9.0 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.jar" 4880 "\\.\pipe\gecko-crash-server-pipe.4880" plugin
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Gabriela\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup

=========Mozilla firefox=========

ProfilePath - C:\Users\Gabriela\AppData\Roaming\Mozilla\Firefox\Profiles\28i91e2l.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\ZEON/PDF,version=2.0]
"Description"=
"Path"=C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
avg-secure-search.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Gabriela\AppData\Roaming\Mozilla\Firefox\Profiles\28i91e2l.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}]
TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll [2010-09-17 235344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll [2011-11-11 1942368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}]
TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll [2010-09-17 264528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}]
TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll [2010-09-17 185680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll [2011-11-11 1378144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-08-02 51872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}]
TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll [2010-09-17 234832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02 1089288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02 1089288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VizorHtmlDialog.exe"=C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [2010-10-08 1123664]
"Trend Micro Client Framework"=C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [2010-10-12 192520]
"Trend Micro Titanium"=C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [2010-09-17 322384]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-09-16 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-09-16 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-09-16 416024]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2011-10-18 2776880]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-08-25 12681320]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-08-02 961184]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-08-02 798880]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 5"=C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe [2011-11-12 1647448]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2011-10-19 3331312]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [2011-07-29 737104]
"FLxHCIm64"=C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe [2011-10-17 47616]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-07-22 5716608]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2011-09-09 2317312]
"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2011-12-03 2415456]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-11-01 59240]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-12-08 421736]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-09-16 390144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-01-02 14:53:06 ----D---- C:\rsit
2012-01-01 21:27:26 ----D---- C:\Users\Gabriela\AppData\Roaming\Mozilla
2012-01-01 20:03:50 ----D---- C:\Users\Gabriela\AppData\Roaming\pdfforge
2012-01-01 20:03:43 ----A---- C:\Windows\system32\pdfcmnnt.dll
2012-01-01 20:03:39 ----D---- C:\Program Files (x86)\PDFCreator
2012-01-01 20:03:39 ----A---- C:\Windows\SYSWOW64\MSMPIDE.DLL
2012-01-01 19:15:48 ----A---- C:\Windows\system32\MRT.exe
2011-12-31 17:29:20 ----D---- C:\ProgramData\Hewlett-Packard
2011-12-31 17:04:01 ----N---- C:\bootsqm.dat
2011-12-31 13:06:26 ----D---- C:\ProgramData\IObit
2011-12-31 13:06:13 ----D---- C:\Users\Gabriela\AppData\Roaming\FreeSoftwareDownload
2011-12-31 13:05:49 ----D---- C:\Users\Gabriela\AppData\Roaming\IObit
2011-12-31 13:05:37 ----D---- C:\Program Files (x86)\IObit
2011-12-31 12:20:53 ----D---- C:\Windows\system32\appmgmt
2011-12-30 17:51:31 ----D---- C:\Users\Gabriela\AppData\Roaming\Rovio
2011-12-30 17:48:15 ----D---- C:\Users\Gabriela\AppData\Roaming\WinRAR
2011-12-30 10:36:34 ----D---- C:\Záloha 12.2011
2011-12-30 10:31:21 ----D---- C:\Windows\SYSWOW64\Wat
2011-12-30 10:31:21 ----D---- C:\Windows\system32\Wat
2011-12-30 01:33:46 ----A---- C:\Windows\system32\mshtmled.dll
2011-12-30 01:33:45 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-12-30 01:33:45 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-12-30 01:33:45 ----A---- C:\Windows\system32\iertutil.dll
2011-12-30 01:33:44 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-12-30 01:33:44 ----A---- C:\Windows\SYSWOW64\url.dll
2011-12-30 01:33:44 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-12-30 01:33:44 ----A---- C:\Windows\system32\urlmon.dll
2011-12-30 01:33:44 ----A---- C:\Windows\system32\url.dll
2011-12-30 01:33:44 ----A---- C:\Windows\system32\ieui.dll
2011-12-30 01:33:43 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-12-30 01:33:43 ----A---- C:\Windows\system32\wininet.dll
2011-12-30 01:33:43 ----A---- C:\Windows\system32\jsproxy.dll
2011-12-30 01:33:42 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2011-12-30 01:33:42 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-12-30 01:33:42 ----A---- C:\Windows\system32\jscript9.dll
2011-12-30 01:33:41 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-12-30 01:33:41 ----A---- C:\Windows\system32\jscript.dll
2011-12-30 01:33:40 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-12-30 01:33:38 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-12-30 01:33:38 ----A---- C:\Windows\system32\mshtml.dll
2011-12-30 01:33:37 ----A---- C:\Windows\system32\ieframe.dll
2011-12-29 10:22:47 ----A---- C:\Windows\system32\csrsrv.dll
2011-12-29 10:22:42 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-12-29 10:22:42 ----A---- C:\Windows\system32\XpsPrint.dll
2011-12-29 10:22:38 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-12-29 10:22:28 ----A---- C:\Windows\SYSWOW64\tzres.dll
2011-12-29 10:22:28 ----A---- C:\Windows\system32\tzres.dll
2011-12-29 10:22:20 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2011-12-29 10:22:20 ----A---- C:\Windows\system32\psisdecd.dll
2011-12-29 10:19:18 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2011-12-29 10:19:18 ----A---- C:\Windows\system32\EncDec.dll
2011-12-29 10:19:15 ----A---- C:\Windows\system32\win32k.sys
2011-12-29 10:19:13 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-12-29 10:19:13 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2011-12-29 10:19:13 ----A---- C:\Windows\system32\oleaut32.dll
2011-12-29 10:19:13 ----A---- C:\Windows\system32\oleacc.dll
2011-12-29 09:38:26 ----HD---- C:\$AVG
2011-12-28 22:25:54 ----D---- C:\Program Files\Microsoft Office
2011-12-28 22:25:44 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2011-12-28 22:25:29 ----D---- C:\ProgramData\Microsoft Help
2011-12-28 22:25:23 ----RHD---- C:\MSOCache
2011-12-28 21:24:21 ----D---- C:\Users\Gabriela\AppData\Roaming\Apple Computer
2011-12-28 21:24:16 ----A---- C:\Windows\SYSWOW64\GEARAspi.dll
2011-12-28 21:24:16 ----A---- C:\Windows\system32\GEARAspi64.dll
2011-12-28 21:24:16 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2011-12-28 21:23:54 ----D---- C:\Program Files\iPod
2011-12-28 21:23:53 ----D---- C:\ProgramData\Apple Computer
2011-12-28 21:23:53 ----D---- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-12-28 21:23:53 ----D---- C:\Program Files\iTunes
2011-12-28 21:23:53 ----D---- C:\Program Files (x86)\iTunes
2011-12-28 21:22:56 ----D---- C:\Program Files (x86)\Apple Software Update
2011-12-28 21:22:46 ----D---- C:\Program Files\Common Files\Apple
2011-12-28 21:22:33 ----D---- C:\Program Files\Bonjour
2011-12-28 21:22:33 ----D---- C:\Program Files (x86)\Bonjour
2011-12-28 21:22:25 ----D---- C:\ProgramData\Apple
2011-12-28 21:05:09 ----D---- C:\Users\Gabriela\AppData\Roaming\Skype
2011-12-28 21:05:00 ----RD---- C:\Program Files (x86)\Skype
2011-12-28 21:04:52 ----D---- C:\ProgramData\Skype
2011-12-28 20:57:58 ----D---- C:\Users\Gabriela\AppData\Roaming\AVG2012
2011-12-28 20:55:28 ----D---- C:\Windows\SYSWOW64\drivers\AVG
2011-12-28 20:55:20 ----D---- C:\Windows\system32\drivers\AVG
2011-12-28 20:55:20 ----D---- C:\ProgramData\AVG2012
2011-12-28 20:54:23 ----D---- C:\Program Files (x86)\AVG
2011-12-28 20:46:42 ----HD---- C:\ProgramData\Common Files
2011-12-28 20:45:22 ----D---- C:\ProgramData\MFAData
2011-12-28 20:42:56 ----D---- C:\Users\Gabriela\AppData\Roaming\Zoner
2011-12-28 20:42:32 ----D---- C:\Program Files (x86)\Zoner
2011-12-28 20:40:06 ----D---- C:\Users\Gabriela\AppData\Roaming\FLEXnet
2011-12-28 20:40:05 ----D---- C:\Users\Gabriela\AppData\Roaming\Nuance
2011-12-28 20:40:04 ----D---- C:\Users\Gabriela\AppData\Roaming\Zeon
2011-12-28 20:35:08 ----D---- C:\Users\Gabriela\AppData\Roaming\ASUS WebStorage
2011-12-28 20:34:29 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-12-28 20:32:34 ----D---- C:\Users\Gabriela\AppData\Roaming\Macromedia
2011-12-28 20:31:26 ----D---- C:\Users\Gabriela\AppData\Roaming\Adobe
2011-12-28 20:28:36 ----D---- C:\Users\Gabriela\AppData\Roaming\Atheros
2011-12-28 20:27:22 ----D---- C:\Users\Gabriela\AppData\Roaming\Identities
2011-12-28 20:27:12 ----D---- C:\ProgramData\FolderView
2011-12-28 20:27:10 ----A---- C:\Windows\SYSWOW64\acovcnt.exe
2011-12-28 20:27:07 ----SD---- C:\Users\Gabriela\AppData\Roaming\Microsoft
2011-12-28 20:27:07 ----D---- C:\Users\Gabriela\AppData\Roaming\Media Center Programs
2011-12-09 10:37:30 ----D---- C:\eSupport
2011-12-09 10:36:23 ----A---- C:\Windows\AsToolCDVer.txt
2011-12-09 09:57:44 ----A---- C:\Pass.txt
2011-12-09 09:56:52 ----A---- C:\devlist.txt
2011-12-09 09:49:47 ----A---- C:\Windows\AsChkDev.txt
2011-12-09 09:48:46 ----D---- C:\Program Files\Intel
2011-12-09 09:48:35 ----A---- C:\Windows\SYSWOW64\ACEngSvr.exe
2011-12-09 09:47:43 ----A---- C:\Windows\system32\drivers\assd.sys
2011-12-09 09:47:42 ----D---- C:\Program Files\ASUS
2011-12-09 09:47:35 ----D---- C:\ProgramData\P4G
2011-12-09 09:47:35 ----D---- C:\Program Files\P4G
2011-12-09 09:47:17 ----D---- C:\ProgramData\USBChargerPlus
2011-12-09 09:47:16 ----D---- C:\ProgramData\Atheros
2011-12-09 09:46:26 ----A---- C:\Windows\system32\drivers\AiCharger.sys
2011-12-09 09:44:38 ----D---- C:\Program Files (x86)\Bluetooth Suite
2011-12-09 09:44:06 ----D---- C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation
2011-12-09 09:44:06 ----A---- C:\Windows\system32\drivers\athrx.sys
2011-12-09 09:44:06 ----A---- C:\Windows\system32\athrx.sys
2011-12-09 09:43:48 ----D---- C:\ProgramData\Qualcomm Atheros
2011-12-09 09:43:37 ----D---- C:\Program Files (x86)\ASIX Electronics Corporation
2011-12-09 09:43:32 ----D---- C:\Windows\SYSWOW64\sda
2011-12-09 09:43:30 ----N---- C:\Windows\system32\drivers\diskperf64.sys
2011-12-09 09:43:30 ----A---- C:\Windows\SYSWOW64\RtsUVStoricon.dll
2011-12-09 09:43:30 ----A---- C:\Windows\system32\drivers\rtsuvstor.sys
2011-12-09 09:43:18 ----D---- C:\Windows\SYSWOW64\RTCOM
2011-12-09 09:43:18 ----D---- C:\Program Files\Realtek
2011-12-09 09:43:05 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2011-12-09 09:43:05 ----A---- C:\Windows\system32\WavesGUILib.dll
2011-12-09 09:43:05 ----A---- C:\Windows\system32\tosade.dll
2011-12-09 09:43:05 ----A---- C:\Windows\system32\tepeqapo64.dll
2011-12-09 09:43:05 ----A---- C:\Windows\system32\tadefxapo264.dll
2011-12-09 09:43:05 ----A---- C:\Windows\system32\tadefxapo.dll
2011-12-09 09:43:05 ----A---- C:\Windows\system32\SRSWOW64.dll
2011-12-09 09:43:05 ----A---- C:\Windows\system32\SRSTSX64.dll
2011-12-09 09:43:05 ----A---- C:\Windows\system32\SRSTSH64.dll
2011-12-09 09:43:05 ----A---- C:\Windows\system32\SRSHP64.dll
2011-12-09 09:43:05 ----A---- C:\Windows\system32\SFSS_APO.dll
2011-12-09 09:43:05 ----A---- C:\Windows\system32\SFNHK64.dll
2011-12-09 09:43:05 ----A---- C:\Windows\system32\SFCOM64.dll
2011-12-09 09:43:05 ----A---- C:\Windows\system32\SFAPO64.dll
2011-12-09 09:43:05 ----A---- C:\Windows\system32\RtPgEx64.dll
2011-12-09 09:43:05 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2011-12-09 09:43:05 ----A---- C:\Windows\system32\RtkCfg64.dll
2011-12-09 09:43:05 ----A---- C:\Windows\system32\RtkAPO64.dll
2011-12-09 09:43:05 ----A---- C:\Windows\system32\RtkApi64.dll
2011-12-09 09:43:05 ----A---- C:\Windows\system32\RTEEP64A.dll
2011-12-09 09:43:05 ----A---- C:\Windows\system32\RTEEL64A.dll
2011-12-09 09:43:05 ----A---- C:\Windows\system32\RTEEG64A.dll
2011-12-09 09:43:05 ----A---- C:\Windows\system32\RTEED64A.dll
2011-12-09 09:43:05 ----A---- C:\Windows\system32\RTCOM64.dll
2011-12-09 09:43:05 ----A---- C:\Windows\system32\RP3DHT64.dll
2011-12-09 09:43:05 ----A---- C:\Windows\system32\RP3DAA64.dll
2011-12-09 09:43:05 ----A---- C:\Windows\system32\RCoRes64.dat
2011-12-09 09:43:05 ----A---- C:\Windows\system32\RCoInst64.dll
2011-12-09 09:43:05 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2011-12-09 09:43:04 ----A---- C:\Windows\system32\R4EEP64A.dll
2011-12-09 09:43:04 ----A---- C:\Windows\system32\R4EEL64A.dll
2011-12-09 09:43:04 ----A---- C:\Windows\system32\R4EEG64A.dll
2011-12-09 09:43:04 ----A---- C:\Windows\system32\R4EED64A.dll
2011-12-09 09:43:04 ----A---- C:\Windows\system32\R4EEA64A.dll
2011-12-09 09:43:04 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2011-12-09 09:43:02 ----A---- C:\Windows\system32\MaxxAudioRealtek.dll
2011-12-09 09:43:02 ----A---- C:\Windows\system32\MaxxAudioEQ.dll
2011-12-09 09:43:02 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2011-12-09 09:43:02 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2011-12-09 09:43:02 ----A---- C:\Windows\system32\KAAPORT64.dll
2011-12-09 09:43:02 ----A---- C:\Windows\system32\FMAPO64.dll
2011-12-09 09:43:02 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2011-12-09 09:43:02 ----A---- C:\Windows\system32\DTSU2PREC64.dll
2011-12-09 09:43:02 ----A---- C:\Windows\system32\DTSU2PLFX64.dll
2011-12-09 09:43:02 ----A---- C:\Windows\system32\DTSU2PGFX64.dll
2011-12-09 09:43:02 ----A---- C:\Windows\system32\DTSSymmetryDLL64.dll
2011-12-09 09:43:02 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2011-12-09 09:43:02 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2011-12-09 09:43:02 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2011-12-09 09:43:02 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2011-12-09 09:43:02 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2011-12-09 09:43:01 ----N---- C:\Windows\RtlExUpd.dll
2011-12-09 09:43:01 ----HD---- C:\Program Files (x86)\Temp
2011-12-09 09:43:01 ----D---- C:\Program Files (x86)\Realtek
2011-12-09 09:43:01 ----A---- C:\Windows\system32\DTSGFXAPONS64.dll
2011-12-09 09:43:01 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2011-12-09 09:43:01 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2011-12-09 09:43:01 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2011-12-09 09:43:01 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2011-12-09 09:43:01 ----A---- C:\Windows\system32\AERTAR64.dll
2011-12-09 09:43:01 ----A---- C:\Windows\system32\AERTAC64.dll
2011-12-09 09:42:58 ----D---- C:\ProgramData\Intel
2011-12-09 09:41:57 ----D---- C:\Program Files\Elantech
2011-12-09 09:41:52 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2011-12-09 09:41:47 ----D---- C:\Program Files\Fresco Logic
2011-12-09 09:41:40 ----D---- C:\Program Files\Common Files\Intel
2011-12-09 09:41:13 ----A---- C:\Windows\system32\drivers\IntelMEFWVer.dll
2011-12-09 09:41:11 ----A---- C:\Windows\SYSWOW64\log.txt
2011-12-09 09:41:07 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-12-09 09:41:07 ----A---- C:\Windows\system32\drivers\HECIx64.sys
2011-12-09 09:40:53 ----D---- C:\Program Files (x86)\Intel
2011-12-09 09:40:53 ----A---- C:\Windows\SYSWOW64\CSVer.dll
2011-12-09 09:40:50 ----D---- C:\Intel
2011-12-09 09:39:59 ----A---- C:\Windows\SYSWOW64\ifsutil.dll
2011-12-09 09:39:59 ----A---- C:\Windows\system32\ifsutil.dll
2011-12-09 09:39:45 ----A---- C:\Windows\system32\drivers\ndis.sys
2011-12-09 09:39:42 ----D---- C:\Windows\SoftwareDistribution
2011-12-09 09:38:15 ----D---- C:\Windows\CSC
2011-12-09 09:38:05 ----SHD---- C:\System Volume Information
2011-12-09 09:38:05 ----ASH---- C:\pagefile.sys
2011-12-09 09:38:05 ----ASH---- C:\hiberfil.sys

======List of files/folders modified in the last 1 month======

2012-01-02 14:52:20 ----D---- C:\Windows\Temp
2012-01-02 14:29:31 ----D---- C:\Windows\system32\config
2012-01-02 14:23:41 ----D---- C:\Windows\System32
2012-01-02 14:23:41 ----D---- C:\Windows\inf
2012-01-02 14:23:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-01-02 14:19:27 ----D---- C:\Windows\system32\Tasks
2012-01-01 20:03:49 ----D---- C:\Windows\SysWOW64
2012-01-01 20:03:39 ----RD---- C:\Program Files (x86)
2012-01-01 19:15:54 ----D---- C:\Windows\debug
2011-12-31 22:15:12 ----D---- C:\Windows\system32\drivers
2011-12-31 22:15:11 ----D---- C:\Windows\system32\drivers\UMDF
2011-12-31 18:28:28 ----D---- C:\Windows\system32\NDF
2011-12-31 17:29:20 ----HD---- C:\ProgramData
2011-12-31 17:04:24 ----D---- C:\Windows
2011-12-31 13:36:21 ----D---- C:\Windows\winsxs
2011-12-31 13:33:31 ----D---- C:\Windows\system32\catroot2
2011-12-31 13:09:49 ----SHD---- C:\Boot
2011-12-31 12:51:06 ----D---- C:\Windows\system32\catroot
2011-12-31 12:22:24 ----RD---- C:\Program Files
2011-12-31 12:20:52 ----SHD---- C:\Windows\Installer
2011-12-31 12:12:38 ----D---- C:\Windows\Prefetch
2011-12-31 12:04:50 ----D---- C:\Windows\rescache
2011-12-31 12:03:50 ----D---- C:\Windows\Tasks
2011-12-31 12:03:50 ----D---- C:\Windows\system32\wfp
2011-12-31 12:03:48 ----D---- C:\Windows\system32\wbem
2011-12-31 12:00:53 ----D---- C:\Windows\system32\DriverStore
2011-12-31 11:55:29 ----D---- C:\Windows\system32\CodeIntegrity
2011-12-31 11:55:07 ----D---- C:\ProgramData\Trend Micro
2011-12-31 11:54:49 ----D---- C:\Windows\en-US
2011-12-31 11:54:16 ----D---- C:\Windows\system32\en
2011-12-31 11:54:03 ----D---- C:\Windows\SYSWOW64\en
2011-12-31 11:54:03 ----D---- C:\Windows\SYSWOW64\drivers\en-US
2011-12-31 11:49:45 ----D---- C:\Windows\registration
2011-12-31 11:42:32 ----D---- C:\Windows\SYSWOW64\migration
2011-12-31 11:42:31 ----D---- C:\Windows\system32\migration
2011-12-31 11:41:50 ----D---- C:\Windows\servicing
2011-12-31 11:41:48 ----D---- C:\Windows\ehome
2011-12-31 11:41:43 ----D---- C:\Program Files\Windows Sidebar
2011-12-31 11:41:43 ----D---- C:\Program Files\Common Files\System
2011-12-31 11:41:43 ----D---- C:\Program Files (x86)\Windows Sidebar
2011-12-30 20:01:52 ----D---- C:\Windows\system32\wdi
2011-12-30 19:59:19 ----D---- C:\Program Files\Windows Media Player
2011-12-30 19:59:19 ----D---- C:\Program Files\Windows Defender
2011-12-30 19:59:19 ----D---- C:\Program Files (x86)\Windows Mail
2011-12-30 19:59:18 ----D---- C:\Program Files (x86)\Windows Media Player
2011-12-30 19:59:17 ----D---- C:\Windows\SYSWOW64\winrm
2011-12-30 19:59:17 ----D---- C:\Windows\SYSWOW64\sr-Latn-CS
2011-12-30 19:59:17 ----D---- C:\Windows\SYSWOW64\slmgr
2011-12-30 19:59:17 ----D---- C:\Program Files (x86)\Windows Defender
2011-12-30 19:59:14 ----D---- C:\Windows\SYSWOW64\en-US
2011-12-30 19:59:14 ----D---- C:\Windows\SYSWOW64\drivers
2011-12-30 19:59:06 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2011-12-30 19:59:06 ----D---- C:\Windows\SYSWOW64\DriverStore
2011-12-30 19:59:06 ----D---- C:\Windows\SYSWOW64\Dism
2011-12-30 19:59:06 ----D---- C:\Windows\sr-Latn-CS
2011-12-30 19:59:04 ----D---- C:\Windows\system32\winrm
2011-12-30 19:59:04 ----D---- C:\Windows\system32\sysprep
2011-12-30 19:59:04 ----D---- C:\Windows\system32\sr-Latn-CS
2011-12-30 19:59:04 ----D---- C:\Windows\system32\slmgr
2011-12-30 19:59:04 ----D---- C:\Windows\system32\oobe
2011-12-30 19:59:04 ----D---- C:\Windows\system32\Boot
2011-12-30 19:58:57 ----D---- C:\Windows\system32\en-US
2011-12-30 19:58:57 ----D---- C:\Windows\system32\drivers\en-US
2011-12-30 19:58:53 ----D---- C:\Windows\system32\Dism
2011-12-30 19:58:50 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2011-12-30 19:58:38 ----D---- C:\Program Files\Windows Photo Viewer
2011-12-30 19:58:38 ----D---- C:\Program Files\Windows Mail
2011-12-30 19:58:38 ----D---- C:\Program Files\Windows Journal
2011-12-30 19:58:37 ----D---- C:\Windows\SYSWOW64\sl-SI
2011-12-30 19:58:37 ----D---- C:\Windows\SYSWOW64\migwiz
2011-12-30 19:58:37 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2011-12-30 19:58:33 ----D---- C:\Windows\SYSWOW64\WCN
2011-12-30 19:58:33 ----D---- C:\Windows\system32\migwiz
2011-12-30 19:58:32 ----D---- C:\Windows\system32\sl-SI
2011-12-30 19:58:26 ----D---- C:\Windows\system32\WCN
2011-12-30 19:58:16 ----D---- C:\Windows\SYSWOW64\sk-SK
2011-12-30 19:58:11 ----D---- C:\Windows\system32\sk-SK
2011-12-30 19:57:55 ----D---- C:\Windows\SYSWOW64\ro-RO
2011-12-30 19:57:48 ----D---- C:\Windows\system32\ro-RO
2011-12-30 19:57:23 ----D---- C:\Windows\SYSWOW64\XPSViewer
2011-12-30 19:57:23 ----D---- C:\Windows\SYSWOW64\pl-PL
2011-12-30 19:57:23 ----D---- C:\Windows\SYSWOW64\MUI
2011-12-30 19:57:14 ----D---- C:\Windows\SYSWOW64\com
2011-12-30 19:57:14 ----D---- C:\Windows\IME
2011-12-30 19:57:11 ----D---- C:\Windows\system32\MUI
2011-12-30 19:57:09 ----D---- C:\Windows\system32\pl-PL
2011-12-30 19:56:59 ----D---- C:\Windows\system32\com
2011-12-30 19:56:59 ----D---- C:\Windows\AppPatch
2011-12-30 19:56:37 ----D---- C:\Windows\SYSWOW64\hu-HU
2011-12-30 19:56:20 ----D---- C:\Windows\system32\hu-HU
2011-12-30 19:55:50 ----D---- C:\Windows\SYSWOW64\lv-LV
2011-12-30 19:55:45 ----D---- C:\Windows\system32\lv-LV
2011-12-30 19:55:28 ----D---- C:\Windows\SYSWOW64\lt-LT
2011-12-30 19:55:23 ----D---- C:\Windows\system32\lt-LT
2011-12-30 19:55:05 ----D---- C:\Windows\SYSWOW64\hr-HR
2011-12-30 19:55:00 ----D---- C:\Windows\system32\hr-HR
2011-12-30 19:54:43 ----D---- C:\Windows\SYSWOW64\et-EE
2011-12-30 19:54:37 ----D---- C:\Windows\system32\et-EE
2011-12-30 19:54:17 ----D---- C:\Windows\SYSWOW64\bg-BG
2011-12-30 19:54:11 ----D---- C:\Windows\system32\bg-BG
2011-12-30 17:10:12 ----D---- C:\Program Files\DVD Maker
2011-12-30 17:08:09 ----D---- C:\Windows\Logs
2011-12-30 15:08:39 ----RSD---- C:\Windows\assembly
2011-12-30 15:08:39 ----D---- C:\Windows\Microsoft.NET
2011-12-30 10:31:20 ----D---- C:\Program Files\Internet Explorer
2011-12-30 10:31:20 ----D---- C:\Program Files (x86)\Internet Explorer
2011-12-30 02:01:48 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-12-30 01:58:05 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-12-30 01:57:14 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-12-30 01:20:27 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-12-30 01:20:27 ----D---- C:\Windows\system32\cs-CZ
2011-12-30 00:03:54 ----D---- C:\Program Files (x86)\ASUS
2011-12-29 09:52:02 ----D---- C:\Windows\system32\LogFiles
2011-12-28 22:28:30 ----RSD---- C:\Windows\Fonts
2011-12-28 22:28:07 ----D---- C:\Program Files (x86)\Common Files
2011-12-28 22:28:01 ----D---- C:\Program Files (x86)\Microsoft.NET
2011-12-28 22:28:01 ----D---- C:\Program Files (x86)\Microsoft Office
2011-12-28 22:26:25 ----SD---- C:\ProgramData\Microsoft
2011-12-28 22:25:52 ----D---- C:\Windows\ShellNew
2011-12-28 21:24:16 ----DC---- C:\Windows\system32\DRVSTORE
2011-12-28 21:22:46 ----D---- C:\Program Files\Common Files
2011-12-28 20:53:40 ----D---- C:\Windows\system32\restore
2011-12-28 20:40:05 ----D---- C:\ProgramData\Nuance
2011-12-28 20:30:12 ----D---- C:\ProgramData\ChangeFolderView
2011-12-28 20:27:20 ----SHD---- C:\$Recycle.Bin
2011-12-28 20:27:07 ----RD---- C:\Users
2011-12-28 20:26:29 ----SHD---- C:\Recovery
2011-12-09 11:43:56 ----D---- C:\Windows\Log
2011-12-09 10:37:39 ----D---- C:\Windows\ASUS
2011-12-09 09:57:02 ----D---- C:\Windows\Panther

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 assd;assd; C:\Windows\system32\drivers\assd.sys [2010-04-28 27264]
R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 26704]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2011-09-13 37456]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 557848]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2011-10-07 283728]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-08-08 46672]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2011-07-11 375376]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 tmtdi;Trend Micro TDI Driver; C:\Windows\system32\DRIVERS\tmtdi.sys [2010-09-17 105552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 tmactmon;tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [2010-09-17 90704]
R2 tmcomm;tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys [2010-09-17 144464]
R2 tmevtmgr;tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-11-30 16120]
R3 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys [2011-02-26 16768]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-08-02 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-10-04 2770944]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 120400]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 29776]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-08-02 330912]
R3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2011-08-02 110240]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-08-02 30368]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-08-02 167584]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-08-02 68256]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-08-02 280992]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-08-02 511136]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-10-18 80384]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2011-10-18 198448]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver; C:\Windows\system32\DRIVERS\FLxHCIc.sys [2011-10-17 202496]
R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver; C:\Windows\system32\DRIVERS\FLxHCIh.sys [2011-10-17 69888]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-09-16 12289472]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-08-26 3064936]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-09-16 317440]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2011-03-15 311400]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-10-18 552960]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 71168]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2011-05-13 48488]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-08-02 51712]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-23 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService5;Advanced SystemCare Service 5; C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2011-11-10 490840]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe [2011-09-29 92800]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-08-02 146592]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-08-02 103584]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 TiMiniService;TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-12-08 934760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 Amsp;Trend Micro Solution Platform; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2010-09-17 267480]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-05-13 1492840]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-30 149504]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-30 1255736]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
chodnik74
Přítel fóra
Přítel fóra
Příspěvky: 4975
Registrován: 13 zář 2010 21:30
Bydliště: Napajedla
Kontaktovat uživatele:
Kontaktovat uživatele chodnik74

Re: omezený přístup na internet

#2 Příspěvek od chodnik74 »

Dobrý den :welcome:

:arrow: Trváte na antiviru od AVG? :roll: U nás ho moc nedoporučujeme. Důvody: Slabší detekce, vysoká zátěž systému a způsobuje dosti problémů.. Doporučuji výměnu za Avast, MSE nebo Aviru (anglická)

:arrow: Odinstalovat Bing Bar, Advanced SystemCare 5


:arrow: Malwarebytes' Anti-Malware Obrázek
  • Stáhneme,nainstalujeme a spustíme(pokud si nevíte rady jak,klikněte ZDE)
  • Vybereme Úplná kontrola a klikneme na tlačítko ProhledatObrázek
  • Program provede kontrolu počítače a na konci se vám objeví hláska,že bylo skenování dokončeno,tak potvrdíme tlačítkem OK
  • Objeví se vám log,který mi sem vložte
  • NIC NEMAZAT!!Program mívá občas falešné detekce,takže mazat budeme až po konzultaci :twisted:
Napiš mi: chodnik74@gmail.com nebo Obrázek

>RSIT<>MBAM<>VirusTotal

Doporučuji:Obrázek | Obrázek

:!: Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. ;-) Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! :!:

:!: Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!

:idea: Jste s naší pomocí spokojeni :???: Neváhejte a podpořte forum ZDE.

Pravidla fora: č.1 a č.2
Nahoru
MAT
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 10 pro 2005 22:02

Re: omezený přístup na internet

#3 Příspěvek od MAT »

Tak stránka s
Malwarebytes' Anti-Malware

se mi velmi špatně zobrazuje, jen text při levém okraji - ještě jedna varianta zobrazení nějakých stránek 1. vše OK, 2. nejde vůbec, 3. zobrazí se jen text

tkže nevím, zda se mi to podaří stáhnout. Tak nepodaří, je to možné stáhnout i od jinud? :(

programy smazány dle instrukcí (proč i adwanced system care? - jen pro info?)
Nahoru
MAT
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 10 pro 2005 22:02

Re: omezený přístup na internet

#4 Příspěvek od MAT »

stahuju ze sunečnice.cz, tak to snad půjde.
Nahoru
Uživatelský avatar
chodnik74
Přítel fóra
Přítel fóra
Příspěvky: 4975
Registrován: 13 zář 2010 21:30
Bydliště: Napajedla
Kontaktovat uživatele:
Kontaktovat uživatele chodnik74

Re: omezený přístup na internet

#5 Příspěvek od chodnik74 »

Advanced system care je čínský šmejd, který krade databáze jiným firmám a dost často právě on boří systém :) Proto pryč..

Místo AVG doporučuji Avast :)
Napiš mi: chodnik74@gmail.com nebo Obrázek

>RSIT<>MBAM<>VirusTotal

Doporučuji:Obrázek | Obrázek

:!: Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. ;-) Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! :!:

:!: Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!

:idea: Jste s naší pomocí spokojeni :???: Neváhejte a podpořte forum ZDE.

Pravidla fora: č.1 a č.2
Nahoru
MAT
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 10 pro 2005 22:02

Re: omezený přístup na internet

#6 Příspěvek od MAT »

pustil jsem Malwarebytes Anti-Malware, ale bez aktulizace, ta mi nejde stáhnout. To je asi trochu k ničemu, co?
Nahoru
Uživatelský avatar
chodnik74
Přítel fóra
Přítel fóra
Příspěvky: 4975
Registrován: 13 zář 2010 21:30
Bydliště: Napajedla
Kontaktovat uživatele:
Kontaktovat uživatele chodnik74

Re: omezený přístup na internet

#7 Příspěvek od chodnik74 »

Dejte i bez aktualizace.. ;-)
Napiš mi: chodnik74@gmail.com nebo Obrázek

>RSIT<>MBAM<>VirusTotal

Doporučuji:Obrázek | Obrázek

:!: Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. ;-) Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! :!:

:!: Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!

:idea: Jste s naší pomocí spokojeni :???: Neváhejte a podpořte forum ZDE.

Pravidla fora: č.1 a č.2
Nahoru
MAT
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 10 pro 2005 22:02

Re: omezený přístup na internet

#8 Příspěvek od MAT »

Toto to vytvořilo, takže asi OK.

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Verze databáze: 7622

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

2.1.2012 15:49:50
mbam-log-2012-01-02 (15-49-50).txt

Typ: Úplná kontrola (C:\|D:\|)
Kontrolované objekty: 328685
Uplynulý čas: 17 minut, 27 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
Nahoru
Uživatelský avatar
chodnik74
Přítel fóra
Přítel fóra
Příspěvky: 4975
Registrován: 13 zář 2010 21:30
Bydliště: Napajedla
Kontaktovat uživatele:
Kontaktovat uživatele chodnik74

Re: omezený přístup na internet

#9 Příspěvek od chodnik74 »

:arrow: Stáhneme si na Plochu program OTLObrázek
  • Spustíme soubor OTL.exe (pokud máte Windows Vista nebo Windows 7,tak na soubor klikněte pravým
    tlačítkem myši a dejte ,,Spustit jako správce,,)
  • Pokud používáte 64 bitový systém,zaškrkněte volbu Pro 64 bitové OS,pokud ne,tak by měla být
    nezaškrknutá
  • Zaškrkněte okýnko Pro všechny uživatele,Kontrola havět "LOP",Kontrola havět "Purity"
  • Staří souborů změňte z 30 dnů na 7 dnů
  • Do spodního okýnka Vlastní skenování/opravy vložte následující script:

    Kód: Vybrat vše

    netsvcs
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CryptSvc /s

/md5start
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
hal.dll
logevent.dll
netlogon.dll
ntelogon.dll
scecli.dll
sceclt.dll
user32.dll
ws2_32.dll
autochk.exe
cmd.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
regedit.exe
userinit.exe
winlogon.exe
adp3132.sys
acpi.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
cdrom.sys 
Changer.sys
fastfat.sys
i8042prt.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys 
JakNDis.sys
kbdclass.sys
KR10N.sys
mv61xx.sys
ndis.sys
ntfs.sys
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys 
nvrd32.sys 
nvstor.sys
nvstor32.sys
symmpi.sys
tcpip.sys
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
Win32k.sys
winsrv.dll
consrv.dll
/md5stop

C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\Spool\prtprocs\*.* /s
%systemroot%\system32\drivers\*.sys /10
%systemroot%\system32\drivers\*.sys /X 
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /10
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\*.* /lockedfiles
%systemroot%\system32\config\*.sav 
%systemroot%\Tasks\*.job
%systemroot%\*.* /U /s
%systemroot%\*. /rp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Nabídka Start\*.lnk /x
%ALLUSERSPROFILE%\Data Aplikácií\*.*
%ALLUSERSPROFILE%\Data Aplikácií\*.exe /s
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\system32|bak;true;false;false /fp
%PROGRAMFILES%|bak;true;false;false /fp

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems" /v Windows /c

type c:\boot.ini >> test.txt /c
bcdedit /enum all /v >C:\boot.txt /c
type C:\boot.txt >> test1.txt /c
echo list vol > C:\prikaz.txt | diskpart /s C:\prikaz.txt > C:\test2.txt /c

%SystemDrive%\PhysicalMBR.bin /md5
%systemroot%\system32\drivers\*.sys /md5
%systemroot%\system32\*.sys /md5

CREATERESTOREPOINT
  • Klikněte na tlačítko Prohledat
  • Po dokončení skenu,který trvá mezi 5-15 minuty se vám zobrazý dva logy OTL.txt a Extras.txt a ty
    mě sem vložte
Napiš mi: chodnik74@gmail.com nebo Obrázek

>RSIT<>MBAM<>VirusTotal

Doporučuji:Obrázek | Obrázek

:!: Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. ;-) Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! :!:

:!: Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!

:idea: Jste s naší pomocí spokojeni :???: Neváhejte a podpořte forum ZDE.

Pravidla fora: č.1 a č.2
Nahoru
MAT
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 10 pro 2005 22:02

Re: omezený přístup na internet

#10 Příspěvek od MAT »

OTL.txt

OTL logfile created on: 2.1.2012 20:45:02 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Gabriela\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,90 Gb Total Physical Memory | 2,37 Gb Available Physical Memory | 60,80% Memory free
7,81 Gb Paging File | 5,99 Gb Available in Paging File | 76,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 95,39 Gb Total Space | 32,49 Gb Free Space | 34,06% Space Free | Partition Type: NTFS
Drive D: | 135,08 Gb Total Space | 35,68 Gb Free Space | 26,41% Space Free | Partition Type: NTFS
Drive E: | 14,62 Gb Total Space | 12,34 Gb Free Space | 84,40% Space Free | Partition Type: FAT32

Computer Name: GABRIELA-NOOT | User Name: Gabriela | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.01.02 20:43:55 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Gabriela\Desktop\OTL.exe
PRC - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.12.24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.12.17 06:07:39 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.11.17 11:34:00 | 001,548,448 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
PRC - [2011.10.04 21:14:10 | 000,082,944 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
PRC - [2011.10.04 21:14:06 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\SysWOW64\ACEngSvr.exe
PRC - [2011.10.04 03:09:38 | 000,100,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe
PRC - [2011.10.04 00:17:40 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2011.10.03 20:45:58 | 000,375,424 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
PRC - [2011.09.29 19:41:06 | 000,092,800 | ---- | M] (ASUS) -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
PRC - [2011.09.09 07:10:06 | 002,317,312 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2011.08.02 23:31:22 | 000,146,592 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011.07.22 00:49:10 | 005,716,608 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2011.06.30 01:16:10 | 000,503,728 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2010.12.21 03:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.12.21 03:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.10.07 23:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009.06.19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2008.12.23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008.08.14 06:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe


========== Modules (No Company Name) ==========

MOD - [2011.12.30 10:52:28 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll
MOD - [2011.12.30 10:50:58 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll
MOD - [2011.12.30 10:50:17 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011.12.30 10:49:55 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011.12.30 10:49:48 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll
MOD - [2011.12.30 10:49:15 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011.12.30 10:48:56 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011.12.30 10:48:43 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011.12.30 10:48:40 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011.12.30 10:48:21 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011.12.17 06:07:39 | 002,124,760 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.11.17 11:33:58 | 000,209,920 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
MOD - [2011.11.01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.11.01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.10.04 21:14:06 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
MOD - [2011.09.09 07:10:06 | 001,163,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
MOD - [2011.02.19 11:20:28 | 000,237,568 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2011.02.19 11:20:23 | 000,086,016 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_cs_31bf3856ad364e35\WindowsBase.resources.dll
MOD - [2010.11.13 03:00:59 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.07.18 04:21:00 | 003,883,424 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010.11.30 00:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2010.09.23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.09.29 19:41:06 | 000,092,800 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2011.08.02 23:31:22 | 000,146,592 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011.08.02 23:13:24 | 000,103,584 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2010.12.21 03:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010.12.21 03:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.03.18 21:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.10.18 22:37:21 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.10.18 22:37:21 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.10.18 18:47:12 | 000,198,448 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2011.10.17 06:29:08 | 000,202,496 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc) Fresco Logic xHCI (USB3)
DRV:64bit: - [2011.10.17 06:29:08 | 000,069,888 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh) Fresco Logic xHCI (USB3)
DRV:64bit: - [2011.10.04 08:49:32 | 002,770,944 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.09.16 04:35:40 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2011.09.16 04:35:18 | 012,289,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.08.02 23:22:52 | 000,511,136 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011.08.02 23:22:06 | 000,280,992 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.08.02 23:21:50 | 000,068,256 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011.08.02 23:21:20 | 000,167,584 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.08.02 23:21:04 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011.08.02 23:20:50 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011.08.02 23:20:34 | 000,110,240 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2011.08.02 23:20:18 | 000,330,912 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.08.02 17:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.05.13 23:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2011.04.26 04:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.03.15 11:09:16 | 000,311,400 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2011.02.26 02:42:18 | 000,016,768 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:64bit: - [2010.11.30 00:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010.11.20 14:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.20 10:57:44 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.10.20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.04.28 18:59:16 | 000,027,264 | ---- | M] (ASUS Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\assd.sys -- (assd)
DRV:64bit: - [2009.07.20 10:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008.05.23 17:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011.09.07 18:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com






IE - HKU\S-1-5-21-3695139967-3685341305-43541418-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-3695139967-3685341305-43541418-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-3695139967-3685341305-43541418-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3695139967-3685341305-43541418-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.01 21:27:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012.01.01 21:27:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gabriela\AppData\Roaming\Mozilla\Extensions
[2012.01.01 21:27:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gabriela\AppData\Roaming\Mozilla\Firefox\Profiles\28i91e2l.default\extensions
[2012.01.01 21:27:32 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Gabriela\AppData\Roaming\Mozilla\Firefox\Profiles\28i91e2l.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.01.01 21:27:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.01.01 21:27:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2012.01.01 21:27:15 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2011.12.17 06:07:40 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.12.28 20:55:41 | 000,003,739 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2011.12.17 03:57:21 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2011.12.17 03:57:21 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.12.17 03:57:21 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2011.12.17 03:57:21 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.12.17 03:57:21 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [FLxHCIm64] C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe (Windows (R) Win 7 DDK provider)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.169.1 192.168.100.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6BB248E2-9C2D-41BD-9C63-06DFB1A57BCE}: DhcpNameServer = 192.168.169.1 192.168.100.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 7 Days ==========

[2012.01.02 20:43:53 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Gabriela\Desktop\OTL.exe
[2012.01.02 15:30:31 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Roaming\Malwarebytes
[2012.01.02 15:30:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.01.02 15:30:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.01.02 15:30:20 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.01.02 15:30:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.01.02 15:28:36 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Gabriela\Desktop\mbam-setup-1.51.2.1300.exe
[2012.01.02 15:12:36 | 001,263,344 | ---- | C] (ESET) -- C:\Users\Gabriela\Desktop\eset_nod32_antivirus_live_installer.exe
[2012.01.02 14:53:06 | 000,000,000 | ---D | C] -- C:\rsit
[2012.01.01 21:27:26 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Roaming\Mozilla
[2012.01.01 20:03:50 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Roaming\pdfforge
[2012.01.01 20:03:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2012.01.01 20:03:44 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMAPI32.OCX
[2012.01.01 20:03:43 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCT2.OCX
[2012.01.01 20:03:39 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPIDE.DLL
[2012.01.01 20:03:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2011.12.31 17:29:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2011.12.31 17:12:14 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\Desktop\AA
[2011.12.31 13:06:26 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2011.12.31 13:06:13 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Roaming\FreeSoftwareDownload
[2011.12.31 13:05:49 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Roaming\IObit
[2011.12.31 13:05:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2011.12.31 12:20:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2011.12.30 20:14:39 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Local\Diagnostics
[2011.12.30 17:51:31 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Roaming\Rovio
[2011.12.30 17:48:15 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Roaming\WinRAR
[2011.12.30 10:36:34 | 000,000,000 | ---D | C] -- C:\Záloha 12.2011
[2011.12.30 10:31:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2011.12.30 10:31:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2011.12.30 01:33:46 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.12.30 01:33:45 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.12.30 01:33:44 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.12.30 01:33:44 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.12.30 01:33:44 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.12.30 01:33:44 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.12.30 01:33:42 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.12.30 01:33:42 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.12.30 01:33:42 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.12.30 01:33:42 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.12.30 01:33:41 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.12.29 10:37:19 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\Desktop\VAŘENÍ
[2011.12.29 10:37:18 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\Desktop\TJ SOKOL ŽEHUŠICE
[2011.12.29 10:37:10 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\Desktop\SEMINÁŘE
[2011.12.29 10:37:09 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\Desktop\p.Kubalová
[2011.12.29 10:36:52 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\Desktop\KVĚTINKA
[2011.12.29 10:34:39 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\Desktop\FILMY
[2011.12.29 10:22:47 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011.12.29 10:22:42 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011.12.29 10:22:42 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011.12.29 10:22:20 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2011.12.29 10:22:20 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2011.12.29 10:22:20 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2011.12.29 10:22:20 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011.12.29 10:19:18 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011.12.29 10:19:18 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011.12.29 10:19:13 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011.12.29 10:19:13 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2011.12.29 09:38:26 | 000,000,000 | -H-D | C] -- C:\$AVG
[2011.12.28 22:28:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011.12.28 22:28:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011.12.28 22:25:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011.12.28 22:25:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2011.12.28 22:25:31 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Local\Microsoft Help
[2011.12.28 22:25:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011.12.28 22:25:23 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011.12.28 21:24:22 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Local\Apple Computer
[2011.12.28 21:24:21 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Roaming\Apple Computer
[2011.12.28 21:24:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.12.28 21:24:16 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2011.12.28 21:24:16 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2011.12.28 21:24:16 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2011.12.28 21:23:54 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011.12.28 21:23:53 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011.12.28 21:23:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011.12.28 21:23:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011.12.28 21:23:53 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011.12.28 21:22:58 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Local\Apple
[2011.12.28 21:22:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011.12.28 21:22:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011.12.28 21:22:33 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011.12.28 21:22:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011.12.28 21:22:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011.12.28 21:22:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011.12.28 21:05:09 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Roaming\Skype
[2011.12.28 21:05:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.12.28 21:05:00 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011.12.28 21:04:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011.12.28 20:54:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2011.12.28 20:46:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011.12.28 20:45:22 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011.12.28 20:43:20 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\Documents\ZPS12
[2011.12.28 20:42:56 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Roaming\Zoner
[2011.12.28 20:42:56 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Local\Zoner
[2011.12.28 20:42:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoner Photo Studio 12
[2011.12.28 20:42:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zoner
[2011.12.28 20:40:06 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Roaming\FLEXnet
[2011.12.28 20:40:05 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Roaming\Nuance
[2011.12.28 20:40:04 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Roaming\Zeon
[2011.12.28 20:35:08 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Roaming\ASUS WebStorage
[2011.12.28 20:34:37 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Local\Mozilla
[2011.12.28 20:34:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011.12.28 20:32:34 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Roaming\Macromedia
[2011.12.28 20:31:26 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Roaming\Adobe
[2011.12.28 20:28:48 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Local\BMExplorer
[2011.12.28 20:28:48 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\Documents\Bluetooth Folder
[2011.12.28 20:28:36 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Roaming\Atheros
[2011.12.28 20:27:29 | 000,000,000 | R--D | C] -- C:\Users\Gabriela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.12.28 20:27:29 | 000,000,000 | R--D | C] -- C:\Users\Gabriela\Searches
[2011.12.28 20:27:29 | 000,000,000 | R--D | C] -- C:\Users\Gabriela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.12.28 20:27:22 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Roaming\Identities
[2011.12.28 20:27:20 | 000,000,000 | R--D | C] -- C:\Users\Gabriela\Contacts
[2011.12.28 20:27:18 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Local\VirtualStore
[2011.12.28 20:27:12 | 000,000,000 | R-SD | C] -- C:\Users\Public\Desktop\ASUS
[2011.12.28 20:27:12 | 000,000,000 | ---D | C] -- C:\ProgramData\FolderView
[2011.12.28 20:27:07 | 000,000,000 | --SD | C] -- C:\Users\Gabriela\AppData\Roaming\Microsoft
[2011.12.28 20:27:07 | 000,000,000 | R--D | C] -- C:\Users\Gabriela\Videos
[2011.12.28 20:27:07 | 000,000,000 | R--D | C] -- C:\Users\Gabriela\Saved Games
[2011.12.28 20:27:07 | 000,000,000 | R--D | C] -- C:\Users\Gabriela\Pictures
[2011.12.28 20:27:07 | 000,000,000 | R--D | C] -- C:\Users\Gabriela\Music
[2011.12.28 20:27:07 | 000,000,000 | R--D | C] -- C:\Users\Gabriela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.12.28 20:27:07 | 000,000,000 | R--D | C] -- C:\Users\Gabriela\Links
[2011.12.28 20:27:07 | 000,000,000 | R--D | C] -- C:\Users\Gabriela\Favorites
[2011.12.28 20:27:07 | 000,000,000 | R--D | C] -- C:\Users\Gabriela\Downloads
[2011.12.28 20:27:07 | 000,000,000 | R--D | C] -- C:\Users\Gabriela\Documents
[2011.12.28 20:27:07 | 000,000,000 | R--D | C] -- C:\Users\Gabriela\Desktop
[2011.12.28 20:27:07 | 000,000,000 | R--D | C] -- C:\Users\Gabriela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.12.28 20:27:07 | 000,000,000 | -HSD | C] -- C:\Users\Gabriela\AppData\Local\Temporary Internet Files
[2011.12.28 20:27:07 | 000,000,000 | -HSD | C] -- C:\Users\Gabriela\Šablony
[2011.12.28 20:27:07 | 000,000,000 | -HSD | C] -- C:\Users\Gabriela\Soubory cookie
[2011.12.28 20:27:07 | 000,000,000 | -HSD | C] -- C:\Users\Gabriela\SendTo
[2011.12.28 20:27:07 | 000,000,000 | -HSD | C] -- C:\Users\Gabriela\Poslední
[2011.12.28 20:27:07 | 000,000,000 | -HSD | C] -- C:\Users\Gabriela\Okolní tiskárny
[2011.12.28 20:27:07 | 000,000,000 | -HSD | C] -- C:\Users\Gabriela\Okolní síť
[2011.12.28 20:27:07 | 000,000,000 | -HSD | C] -- C:\Users\Gabriela\Documents\Obrázky
[2011.12.28 20:27:07 | 000,000,000 | -HSD | C] -- C:\Users\Gabriela\Nabídka Start
[2011.12.28 20:27:07 | 000,000,000 | -HSD | C] -- C:\Users\Gabriela\Local Settings
[2011.12.28 20:27:07 | 000,000,000 | -HSD | C] -- C:\Users\Gabriela\Documents\Hudba
[2011.12.28 20:27:07 | 000,000,000 | -HSD | C] -- C:\Users\Gabriela\AppData\Local\History
[2011.12.28 20:27:07 | 000,000,000 | -HSD | C] -- C:\Users\Gabriela\Documents\Filmy
[2011.12.28 20:27:07 | 000,000,000 | -HSD | C] -- C:\Users\Gabriela\Dokumenty
[2011.12.28 20:27:07 | 000,000,000 | -HSD | C] -- C:\Users\Gabriela\Data aplikací
[2011.12.28 20:27:07 | 000,000,000 | -HSD | C] -- C:\Users\Gabriela\AppData\Local\Data aplikací
[2011.12.28 20:27:07 | 000,000,000 | -H-D | C] -- C:\Users\Gabriela\AppData
[2011.12.28 20:27:07 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Local\Temp
[2011.12.28 20:27:07 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Local\Microsoft
[2011.12.28 20:27:07 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Roaming\Media Center Programs
[2011.12.28 20:27:07 | 000,000,000 | ---D | C] -- C:\Users\Gabriela\AppData\Local\ASUS

========== Files - Modified Within 7 Days ==========

[2012.01.02 20:47:04 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.01.02 20:43:55 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Gabriela\Desktop\OTL.exe
[2012.01.02 20:43:26 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.02 20:43:26 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.02 20:42:14 | 001,607,314 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.02 20:42:14 | 000,677,856 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.01.02 20:42:14 | 000,663,560 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.02 20:42:14 | 000,143,860 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.01.02 20:42:14 | 000,124,832 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.02 20:36:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.02 20:36:15 | 3144,658,944 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.02 16:52:06 | 000,045,056 | ---- | M] () -- C:\Windows\SysWow64\acovcnt.exe
[2012.01.02 16:40:14 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.01.02 15:29:11 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Gabriela\Desktop\mbam-setup-1.51.2.1300.exe
[2012.01.02 15:12:37 | 001,263,344 | ---- | M] (ESET) -- C:\Users\Gabriela\Desktop\eset_nod32_antivirus_live_installer.exe
[2012.01.02 14:52:15 | 000,935,175 | ---- | M] () -- C:\Users\Gabriela\Desktop\RSITx64.exe
[2011.12.31 22:15:12 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011.12.31 17:04:01 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2011.12.31 11:11:29 | 000,039,162 | ---- | M] () -- C:\Users\Gabriela\Desktop\INKOMA hodnoceni.tif
[2011.12.30 10:32:08 | 000,341,224 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.12.30 01:57:14 | 003,305,004 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.29 20:05:54 | 000,237,390 | ---- | M] () -- C:\Users\Gabriela\Desktop\Hrano 12-2011 001.jpg
[2011.12.29 12:25:26 | 000,063,206 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011.12.29 12:25:26 | 000,063,206 | ---- | M] () -- C:\Windows\SysNative\license.rtf

========== Files Created - No Company Name ==========

[2012.01.02 20:47:04 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.01.02 16:40:14 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.01.02 14:52:12 | 000,935,175 | ---- | C] () -- C:\Users\Gabriela\Desktop\RSITx64.exe
[2012.01.01 21:27:20 | 000,001,148 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.01.01 20:03:43 | 000,087,040 | ---- | C] () -- C:\Windows\SysNative\pdfcmnnt.dll
[2011.12.31 22:15:12 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011.12.31 17:04:01 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2011.12.31 11:11:26 | 000,039,162 | ---- | C] () -- C:\Users\Gabriela\Desktop\INKOMA hodnoceni.tif
[2011.12.29 20:05:53 | 000,237,390 | ---- | C] () -- C:\Users\Gabriela\Desktop\Hrano 12-2011 001.jpg
[2011.12.29 10:37:21 | 002,279,759 | ---- | C] () -- C:\Users\Gabriela\Desktop\cucurbita matysa.JPG
[2011.12.29 10:37:09 | 002,168,148 | ---- | C] () -- C:\Users\Gabriela\Desktop\PF 2012.jpg
[2011.12.28 21:22:57 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011.12.28 20:27:53 | 000,001,391 | ---- | C] () -- C:\Users\Gabriela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011.12.28 20:27:36 | 000,001,425 | ---- | C] () -- C:\Users\Gabriela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.12.28 20:27:10 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe
[2011.10.20 07:47:09 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.10.20 07:46:59 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.10.20 07:46:55 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011.10.20 07:46:53 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.10.20 07:46:50 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011.10.19 00:19:38 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2011.10.18 23:57:38 | 003,305,004 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.07.29 07:01:09 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.02.26 07:50:32 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config

========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CryptSvc /s >
"DisplayName" = @%SystemRoot%\system32\cryptsvc.dll,-1001
"ImagePath" = %SystemRoot%\system32\svchost.exe -k NetworkService -- [2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation)
"Description" = @%SystemRoot%\system32\cryptsvc.dll,-1002
"ObjectName" = NT Authority\NetworkService
"ErrorControl" = 1
"Start" = 2
"Type" = 32
"DependOnService" = RpcSs [binary data]
"ServiceSidType" = 1
"RequiredPrivileges" = [Binary data over 100 bytes]
"FailureActions" = 80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 60 EA 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CryptSvc\Parameters]
"ServiceDll" = %SystemRoot%\system32\cryptsvc.dll -- [2010.11.20 13:18:26 | 000,136,192 | ---- | M] (Microsoft Corporation)
"ServiceMain" = CryptServiceMain
"ServiceDllUnloadOnStop" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CryptSvc\Security]
"Security" = 00 00 0E 00 01 [binary data]

< >


< MD5 for: ACPI.SYS >
[2009.07.14 02:52:21 | 000,334,416 | ---- | M] (Microsoft Corporation) MD5=6F11E88748CDEFD2F76AA215F97DDFE5 -- C:\Windows\winsxs\amd64_acpi.inf_31bf3856ad364e35_6.1.7600.16385_none_7e7db5aae7b8d5ef\acpi.sys
[2010.11.20 14:32:48 | 000,334,208 | ---- | M] (Microsoft Corporation) MD5=D81D9E70B8A6DD14D42D7B4EFA65D5F2 -- C:\Windows\SysNative\drivers\acpi.sys
[2010.11.20 14:32:48 | 000,334,208 | ---- | M] (Microsoft Corporation) MD5=D81D9E70B8A6DD14D42D7B4EFA65D5F2 -- C:\Windows\SysNative\DriverStore\FileRepository\acpi.inf_amd64_neutral_aed2e7a487803437\acpi.sys
[2010.11.20 14:32:48 | 000,334,208 | ---- | M] (Microsoft Corporation) MD5=D81D9E70B8A6DD14D42D7B4EFA65D5F2 -- C:\Windows\winsxs\amd64_acpi.inf_31bf3856ad364e35_6.1.7601.17514_none_80aec972e4a75989\acpi.sys

< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:28 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:28 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CMD.EXE >
[2010.11.20 14:24:34 | 000,345,088 | ---- | M] (Microsoft Corporation) MD5=5746BD7E255DD6A8AFA06F7C42C1BA41 -- C:\Windows\SysNative\cmd.exe
[2010.11.20 14:24:34 | 000,345,088 | ---- | M] (Microsoft Corporation) MD5=5746BD7E255DD6A8AFA06F7C42C1BA41 -- C:\Windows\winsxs\amd64_microsoft-windows-commandprompt_31bf3856ad364e35_6.1.7601.17514_none_e932cc2c30fc13b0\cmd.exe
[2009.07.14 02:39:01 | 000,344,576 | ---- | M] (Microsoft Corporation) MD5=6960D29ABE74341FAB8300DB3E6F883D -- C:\Windows\winsxs\amd64_microsoft-windows-commandprompt_31bf3856ad364e35_6.1.7600.16385_none_e701b864340d9016\cmd.exe
[2009.07.14 02:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation) MD5=8AE6DD9A6D246004DA047F704F0CC487 -- C:\Windows\winsxs\wow64_microsoft-windows-commandprompt_31bf3856ad364e35_6.1.7600.16385_none_f15662b6686e5211\cmd.exe
[2010.11.20 13:17:02 | 000,302,592 | ---- | M] (Microsoft Corporation) MD5=AD7B9C14083B52BC532FBA5948342B98 -- C:\Windows\SysWOW64\cmd.exe
[2010.11.20 13:17:02 | 000,302,592 | ---- | M] (Microsoft Corporation) MD5=AD7B9C14083B52BC532FBA5948342B98 -- C:\Windows\winsxs\wow64_microsoft-windows-commandprompt_31bf3856ad364e35_6.1.7601.17514_none_f387767e655cd5ab\cmd.exe
Nahoru
MAT
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 10 pro 2005 22:02

Re: omezený přístup na internet

#11 Příspěvek od MAT »

2/2

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2010.11.20 14:26:00 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\SysNative\cryptsvc.dll
[2010.11.20 14:26:00 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2009.07.14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 13:18:26 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\SysWOW64\cryptsvc.dll
[2010.11.20 13:18:26 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll

< MD5 for: CSRSS.EXE >
[2009.07.14 02:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\SysNative\csrss.exe
[2009.07.14 02:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe

< MD5 for: EXPLORER.EXE >
[2011.10.18 22:36:18 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.10.18 22:36:18 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.10.18 22:36:18 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2011.10.18 22:36:18 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.10.18 22:36:18 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.10.18 22:36:18 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.10.18 22:36:18 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.10.18 22:36:18 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.10.18 22:36:18 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.20 14:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2011.10.18 22:36:18 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe

< MD5 for: FASTFAT.SYS >
[2009.07.14 00:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- C:\Windows\SysNative\drivers\fastfat.sys
[2009.07.14 00:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- C:\Windows\winsxs\amd64_microsoft-windows-fat_31bf3856ad364e35_6.1.7600.16385_none_0aa81d2771152f86\fastfat.sys

< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:36 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:36 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: I8042PRT.SYS >
[2009.07.14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\SysNative\drivers\i8042prt.sys
[2009.07.14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\SysNative\DriverStore\FileRepository\keyboard.inf_amd64_neutral_0684fdc43059f486\i8042prt.sys
[2009.07.14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\SysNative\DriverStore\FileRepository\msmouse.inf_amd64_neutral_7a5f47d3150cc0eb\i8042prt.sys
[2009.07.14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7600.16385_none_f3435f7ff2a9f325\i8042prt.sys
[2009.07.14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bf\i8042prt.sys
[2009.07.14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\winsxs\amd64_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_aa28fd23ec0c39f9\i8042prt.sys

< MD5 for: IASTOR.SYS >
[2011.04.26 04:07:36 | 000,557,848 | ---- | M] (Intel Corporation) MD5=26CF4275034214ECEDD8EC17B0A18A99 -- C:\eSupport\eDriver\Software\Others\Intel\IRST\Vista64_Win7_64_10.5.0.1026\iaStor.sys
[2011.04.26 04:07:36 | 000,557,848 | ---- | M] (Intel Corporation) MD5=26CF4275034214ECEDD8EC17B0A18A99 -- C:\Windows\SysNative\drivers\iaStor.sys
[2011.04.26 04:07:36 | 000,557,848 | ---- | M] (Intel Corporation) MD5=26CF4275034214ECEDD8EC17B0A18A99 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_16d1c1de1eca8452\iaStor.sys

< MD5 for: IASTORV.SYS >
[2010.11.20 14:33:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:33:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.10.18 22:37:21 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.10.18 22:37:21 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.10.18 22:37:21 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.10.18 22:37:21 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.10.18 22:37:21 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.10.18 22:37:21 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: KBDCLASS.SYS >
[2009.07.14 02:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- C:\Windows\SysNative\drivers\kbdclass.sys
[2009.07.14 02:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- C:\Windows\SysNative\DriverStore\FileRepository\keyboard.inf_amd64_neutral_0684fdc43059f486\kbdclass.sys
[2009.07.14 02:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7600.16385_none_f3435f7ff2a9f325\kbdclass.sys
[2009.07.14 02:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bf\kbdclass.sys

< MD5 for: LSASS.EXE >
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe

< MD5 for: NDIS.SYS >
[2010.12.29 11:45:14 | 000,947,584 | ---- | M] (Microsoft Corporation) MD5=02A1D495D9CD3C787BDE560CCC6A480E -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.20867_none_045d623d4ecba2f1\ndis.sys
[2010.12.29 11:33:33 | 000,950,656 | ---- | M] (Microsoft Corporation) MD5=303310C91F8C0740ED1C76851C759874 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.21628_none_066fff3d4bd0b870\ndis.sys
[2010.11.20 14:33:46 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2010.12.29 11:41:29 | 000,947,584 | ---- | M] (Microsoft Corporation) MD5=A3151B3463EEA7E47F618F115D0D142E -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16726_none_03fe04d8358e7a0c\ndis.sys
[2010.12.29 11:57:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=C38B8AE57F78915905064A9A24DC1586 -- C:\Windows\SysNative\drivers\ndis.sys
[2010.12.29 11:57:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=C38B8AE57F78915905064A9A24DC1586 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17530_none_05d3903632c269df\ndis.sys
[2009.07.14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 14:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 14:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 13:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NTFS.SYS >
[2010.11.20 14:33:48 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=05D78AA5CB5F3F5C31160BDB955D0B7C -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_04972f2c338b23d4\ntfs.sys
[2009.07.14 02:48:27 | 001,659,984 | ---- | M] (Microsoft Corporation) MD5=356698A13C4630D5B31C37378D469196 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16385_none_02661b64369ca03a\ntfs.sys
[2011.10.18 22:37:21 | 001,657,216 | ---- | M] (Microsoft Corporation) MD5=378E0E0DFEA67D98AE6EA53ADBBD76BC -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16778_none_0273f3c63691c4ea\ntfs.sys
[2011.10.18 22:37:21 | 001,685,888 | ---- | M] (Microsoft Corporation) MD5=867C1395F0100CBE9ACD73B1C2741149 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.20921_none_032ca00d4f8d24c5\ntfs.sys
[2011.10.18 22:37:21 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=87B104128D4D3BA3C13098BAEBF38082 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_04d11b5b4ce521d9\ntfs.sys
[2011.10.18 22:37:21 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=A2F74975097F52A00745F9637451FDD8 -- C:\Windows\SysNative\drivers\ntfs.sys
[2011.10.18 22:37:21 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=A2F74975097F52A00745F9637451FDD8 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_0459508233b9177f\ntfs.sys

< MD5 for: NVRAID.SYS >
[2011.10.18 22:37:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.10.18 22:37:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.10.18 22:37:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010.11.20 14:33:50 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 14:33:50 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.10.18 22:37:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.10.18 22:37:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.10.18 22:37:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.10.18 22:37:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.10.18 22:37:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.10.18 22:37:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.10.18 22:37:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.10.18 22:37:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.10.18 22:37:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:50 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:33:50 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: REGEDIT.EXE >
[2009.07.14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[2009.07.14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe
[2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SMSS.EXE >
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SPOOLSV.EXE >
[2009.07.14 02:39:44 | 000,558,080 | ---- | M] (Microsoft Corporation) MD5=89E8550C5862999FCF482EA562B0E98E -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_324094c8db39cbbd\spoolsv.exe
[2010.11.20 14:25:22 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=B96C17B5DC1424D56EEA3A99E97428CD -- C:\Windows\SysNative\spoolsv.exe
[2010.11.20 14:25:22 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=B96C17B5DC1424D56EEA3A99E97428CD -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_3471a890d8284f57\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2011.12.24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.10.18 22:45:15 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 14:33:58 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.10.18 22:53:45 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2011.10.18 22:45:15 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.10.18 22:45:15 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.10.18 22:53:45 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2011.10.18 22:45:15 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.10.18 22:53:45 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011.10.18 22:53:45 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\SysNative\drivers\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USER32.DLL >
[2010.11.20 13:08:58 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 13:08:58 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009.07.14 02:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010.11.20 14:27:28 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 14:27:28 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WIN32K.SYS >
[2011.10.18 22:48:35 | 003,139,072 | ---- | M] (Microsoft Corporation) MD5=0DF3BD068DBB6BB760F28932D4D7F78E -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.20983_none_15701116cd572f46\win32k.sys
[2011.10.18 22:30:08 | 003,135,488 | ---- | M] (Microsoft Corporation) MD5=0E7FBAD1692AACF9E0FF7E6624CC8B4C -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17570_none_16d49e79b15a964b\win32k.sys
[2011.10.18 22:30:08 | 003,133,440 | ---- | M] (Microsoft Corporation) MD5=11D256F453BE218C3C2AEB35B7633EA3 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16772_none_14f04207b4325d0d\win32k.sys
[2011.11.24 05:45:10 | 003,146,752 | ---- | M] (Microsoft Corporation) MD5=338E48AB7810E1B223DFECD82C44F5A3 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21866_none_176f10b8ca6aac7c\win32k.sys
[2011.10.18 22:21:37 | 003,127,808 | ---- | M] (Microsoft Corporation) MD5=33DD4577B4BA2CF6BD1D1096DCBB0A49 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16732_none_151b81b7b411ed49\win32k.sys
[2011.11.24 05:52:41 | 003,146,240 | ---- | M] (Microsoft Corporation) MD5=3AD5AEA8772DBEB548D0863714D7959D -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21097_none_15691a74cd5be3d5\win32k.sys
[2011.10.18 22:30:08 | 003,137,536 | ---- | M] (Microsoft Corporation) MD5=3B166F6F8AFBB1B4C1FDDAB0149C3BCE -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.20914_none_15bcc0d4cd1d8506\win32k.sys
[2011.11.24 06:00:47 | 003,141,632 | ---- | M] (Microsoft Corporation) MD5=55CF26CF771B086A393750BD494FD6FC -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16920_none_152454dbb40b98f8\win32k.sys
[2011.10.18 22:21:37 | 003,129,344 | ---- | M] (Microsoft Corporation) MD5=643E6764B18CB3266357FD0AB649F7A8 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21634_none_178d7c1cca542bad\win32k.sys
[2011.10.18 22:48:35 | 003,134,464 | ---- | M] (Microsoft Corporation) MD5=69762AB7ADF33748394701B8AA66CD81 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16830_none_15198309b413b7c2\win32k.sys
[2011.11.24 05:52:09 | 003,145,216 | ---- | M] (Microsoft Corporation) MD5=6E810D7C1E3881289733924CE9763B92 -- C:\Windows\SysNative\win32k.sys
[2011.11.24 05:52:09 | 003,145,216 | ---- | M] (Microsoft Corporation) MD5=6E810D7C1E3881289733924CE9763B92 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17730_none_16ffe1f5b13a20d5\win32k.sys
[2011.10.18 22:48:35 | 003,137,536 | ---- | M] (Microsoft Corporation) MD5=7A1BCE8E431CE1083E6807D43C1B0661 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17630_none_16ffe00fb13a23ae\win32k.sys
[2011.10.18 22:21:37 | 003,129,344 | ---- | M] (Microsoft Corporation) MD5=9F9B2A0552CD7FCD1B6A29B94A6AABE1 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.20873_none_157adf1ccd4f162e\win32k.sys
[2010.11.20 10:53:34 | 003,126,272 | ---- | M] (Microsoft Corporation) MD5=A89392A32BA98468710FD7E38318934B -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17514_none_17197f29b1265401\win32k.sys
[2009.07.14 00:40:40 | 003,122,176 | ---- | M] (Microsoft Corporation) MD5=CBEF2EB83438ED9FC39411CC8378B0E7 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16385_none_14e86b61b437d067\win32k.sys
[2011.10.18 22:48:35 | 003,140,096 | ---- | M] (Microsoft Corporation) MD5=D9DC465D72719EB413FDD056B0F25EED -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21744_none_1782ae16ca5c44c5\win32k.sys
[2011.10.18 22:30:08 | 003,137,536 | ---- | M] (Microsoft Corporation) MD5=E5043EE4E7762CBF2E8D69E7D7E726E1 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21673_none_17613c22ca75821a\win32k.sys
[2011.10.18 22:21:37 | 003,129,344 | ---- | M] (Microsoft Corporation) MD5=F7755E762C67E2AFF6087AB5D2CE7A7A -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17535_none_1704df9bb135a53a\win32k.sys

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2011.12.24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< MD5 for: WINSRV.DLL >
[2011.10.18 22:55:03 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=0CB6EBF4B461A6043353C570BD72A1E1 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.16850_none_128f0019b5f25b8f\winsrv.dll
[2011.10.18 22:49:25 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=1A589228B6DC007120F877DBBD6CB79D -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.21728_none_15276bfecc16de2a\winsrv.dll
[2011.10.18 22:49:23 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=3739AA2F57FE492EA976E20C56CDF2F4 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.16816_none_12c04185b5cc83d5\winsrv.dll
[2011.10.18 22:49:25 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=3A8135A7DED2FA0DAD3BDE1B14865A8A -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17617_none_14a79ed5b2f20918\winsrv.dll
[2009.07.14 02:41:56 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=457B44AB6D502E55F64A867D4F35C76C -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.16385_none_12738849b6063c52\winsrv.dll
[2011.10.18 22:49:23 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=55917E3ABDDC20D0AAEAC49F5CE67462 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.20978_none_130aff5ccf18fdf3\winsrv.dll
[2011.10.18 22:50:13 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=5AA1C7B5F471C4657BE38447BC397665 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.21738_none_151c9c12cc1efa1b\winsrv.dll
[2011.10.18 22:55:03 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=6D408ABD60A995A2DAB4BAAE38BCA04F -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.20995_none_12f25ea6cf2be9d0\winsrv.dll
[2011.10.18 22:50:13 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=9F761CE1C6C013120B2F0DB27D48C06F -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17625_none_149ace55b2fbf25b\winsrv.dll
[2011.10.18 22:55:05 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=C13D05A015346DED3D722BE285814495 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.21756_none_1504fba6cc30ff4f\winsrv.dll
[2011.10.18 22:50:13 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=DE09FA38A6544829F012B9531C18454F -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.16823_none_12b270bbb5d753c1\winsrv.dll
[2010.11.20 14:27:30 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=E0406AEF04B088D1C49FC78D0546F689 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17514_none_14a49c11b2f4bfec\winsrv.dll
[2011.10.18 22:55:05 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=EB6A48CC998E1090E44E8E7F1009A640 -- C:\Windows\SysNative\winsrv.dll
[2011.10.18 22:55:05 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=EB6A48CC998E1090E44E8E7F1009A640 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17641_none_14812d55b30fc4e1\winsrv.dll

< MD5 for: WS2_32.DLL >
[2010.11.20 14:27:30 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.20 14:27:30 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 13:21:40 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 13:21:40 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2009.07.14 02:41:04 | 000,230,400 | ---- | M] (Hewlett-Packard Corporation) --
[2009.07.14 02:41:12 | 000,027,648 | ---- | M] (Microsoft Corporation) --
[2010.11.20 14:27:30 | 000,039,424 | ---- | M] (Microsoft Corporation) --
[2011.02.19 11:20:21 | 000,003,584 | ---- | M] (Lexmark International Inc.) --

< %systemroot%\system32\Spool\prtprocs\*.* /s >
[2009.07.14 02:41:04 | 000,230,400 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\system32\Spool\prtprocs\x64\hpzppw71.dll
[2009.07.14 02:41:12 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\x64\jnwppr.dll
[2010.11.20 14:27:30 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\x64\winprint.dll
[2011.02.19 11:20:21 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\system32\Spool\prtprocs\x64\cs-CZ\LXKPTPRC.DLL.mui

< %systemroot%\system32\drivers\*.sys /10 >

< %systemroot%\system32\drivers\*.sys /X >
[2011.12.09 09:49:47 | 000,000,000 | ---- | M] () -- C:\Windows\system32\drivers\1043_ASUSTEK_UX31E_V50_WIN7.MRK
[2009.06.10 22:14:29 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2009.06.10 22:14:29 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /10 >
[2012.01.02 16:52:06 | 000,045,056 | ---- | M] () -- C:\Windows\system32\acovcnt.exe
[2011.12.29 12:25:26 | 000,063,206 | ---- | M] () -- C:\Windows\system32\license.rtf
[2012.01.02 20:38:22 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
[2011.12.30 01:57:14 | 003,305,004 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2012.01.02 15:18:57 | 000,004,280 | ---- | M] () -- C:\Windows\system32\TmInstall.log

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\*.* /lockedfiles >
[2012.01.02 20:38:22 | 000,000,018 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\log.txt

< %systemroot%\system32\config\*.sav >

< %systemroot%\Tasks\*.job >

< %systemroot%\*.* /U /s >
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\33a1b5a0475cdbfea139233e4d990a8c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\33a1b5a0475cdbfea139233e4d990a8c\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\3fedcac79b66bcf0809496c7a29500cd\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3fedcac79b66bcf0809496c7a29500cd\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\744d0a29f79b4b4949620ac5107e09ad\*.tmp files -> C:\Windows\SoftwareDistribution\Download\744d0a29f79b4b4949620ac5107e09ad\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ab84c9ab9bce3d469fb4251d05dba4af\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ab84c9ab9bce3d469fb4251d05dba4af\*.tmp -> ]
[11 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %systemroot%\*. /rp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Nabídka Start\*.lnk /x >

< %ALLUSERSPROFILE%\Data Aplikácií\*.* >

< %ALLUSERSPROFILE%\Data Aplikácií\*.exe /s >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %APPDATA%\*. >
[2011.12.28 20:31:26 | 000,000,000 | ---D | M] -- C:\Users\Gabriela\AppData\Roaming\Adobe
[2011.12.31 22:15:15 | 000,000,000 | ---D | M] -- C:\Users\Gabriela\AppData\Roaming\Apple Computer
[2011.12.28 20:35:08 | 000,000,000 | ---D | M] -- C:\Users\Gabriela\AppData\Roaming\ASUS WebStorage
[2011.12.28 20:28:36 | 000,000,000 | ---D | M] -- C:\Users\Gabriela\AppData\Roaming\Atheros
[2011.12.28 20:40:06 | 000,000,000 | ---D | M] -- C:\Users\Gabriela\AppData\Roaming\FLEXnet
[2011.12.31 13:06:25 | 000,000,000 | ---D | M] -- C:\Users\Gabriela\AppData\Roaming\FreeSoftwareDownload
[2011.12.28 20:27:22 | 000,000,000 | ---D | M] -- C:\Users\Gabriela\AppData\Roaming\Identities
[2011.12.31 13:05:50 | 000,000,000 | ---D | M] -- C:\Users\Gabriela\AppData\Roaming\IObit
[2011.12.28 20:32:34 | 000,000,000 | ---D | M] -- C:\Users\Gabriela\AppData\Roaming\Macromedia
[2012.01.02 15:30:31 | 000,000,000 | ---D | M] -- C:\Users\Gabriela\AppData\Roaming\Malwarebytes
[2009.07.14 08:45:37 | 000,000,000 | ---D | M] -- C:\Users\Gabriela\AppData\Roaming\Media Center Programs
[2011.12.31 11:41:43 | 000,000,000 | --SD | M] -- C:\Users\Gabriela\AppData\Roaming\Microsoft
[2012.01.01 21:27:31 | 000,000,000 | ---D | M] -- C:\Users\Gabriela\AppData\Roaming\Mozilla
[2011.12.28 20:40:05 | 000,000,000 | ---D | M] -- C:\Users\Gabriela\AppData\Roaming\Nuance
[2012.01.01 20:03:50 | 000,000,000 | ---D | M] -- C:\Users\Gabriela\AppData\Roaming\pdfforge
[2011.12.30 17:51:31 | 000,000,000 | ---D | M] -- C:\Users\Gabriela\AppData\Roaming\Rovio
[2012.01.02 15:02:09 | 000,000,000 | ---D | M] -- C:\Users\Gabriela\AppData\Roaming\Skype
[2011.12.30 17:48:30 | 000,000,000 | ---D | M] -- C:\Users\Gabriela\AppData\Roaming\WinRAR
[2011.12.28 20:40:04 | 000,000,000 | ---D | M] -- C:\Users\Gabriela\AppData\Roaming\Zeon
[2011.12.28 20:43:17 | 000,000,000 | ---D | M] -- C:\Users\Gabriela\AppData\Roaming\Zoner

< %APPDATA%\*.* >

< %APPDATA%\*.exe /s >

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\system32|bak;true;false;false /fp >

< %PROGRAMFILES%|bak;true;false;false /fp >

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2011.12.17 06:07:39 | 000,924,632 | ---- | M] (Mozilla Corporation) MD5=183B33FC2A372354210742767B177CE8 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2011.03.28 20:07:19 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
"JobInactivityTimeout" = 7776000
"JobMinimumRetryDelay" = 600
"JobNoProgressTimeout" = 1209600
"LogFileFlags" = 0
"LogFileMinMemory" = 120
"LogFileSize" = 1
"TimeQuantaLength" = 300
"UseLmCompat" = 2

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems" /v Windows /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER\SUBSYSTEMS
WINDOWS REG_EXPAND_SZ %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

< >

< type c:\boot.ini >> test.txt /c >

< bcdedit /enum all /v >C:\boot.txt /c >

< type C:\boot.txt >> test1.txt /c >

< echo list vol > C:\prikaz.txt | diskpart /s C:\prikaz.txt > C:\test2.txt /c >
Microsoft DiskPart verze 6.1.7601
Copyright (C) 1999-2008 Microsoft Corporation.
V poźˇtaźi: GABRIELA-NOOT
Svazek ### Ltr Jmenovka Fs Typ Velikost Stav Info
---------- --- ----------- ----- ---------- -------- --------- --------
Svazek 0 C OS NTFS Oddˇl 95 GB V poý dku Syst‚m
Svazek 1 D DATA NTFS Oddˇl 135 GB V poý dku
Svazek 2 E FAT32 VymŘniteln 14 GB V poý dku

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.01.02 20:47:04 | 000,000,512 | ---- | M] () MD5=3F05ADFE8E3F8CA801295F1A181C814D -- C:\PhysicalMBR.bin

< %systemroot%\system32\drivers\*.sys /md5 >
[2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) MD5=5CF95B35E59E2A38023836FFF31BE64C -- C:\Windows\system32\drivers\wimmount.sys

< %systemroot%\system32\*.sys /md5 >

< >

< End of report >
Nahoru
MAT
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 10 pro 2005 22:02

Re: omezený přístup na internet

#12 Příspěvek od MAT »

etras txt.

OTL Extras logfile created on: 2.1.2012 20:45:02 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Gabriela\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,90 Gb Total Physical Memory | 2,37 Gb Available Physical Memory | 60,80% Memory free
7,81 Gb Paging File | 5,99 Gb Available in Paging File | 76,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 95,39 Gb Total Space | 32,49 Gb Free Space | 34,06% Space Free | Partition Type: NTFS
Drive D: | 135,08 Gb Total Space | 35,68 Gb Free Space | 26,41% Space Free | Partition Type: NTFS
Drive E: | 14,62 Gb Total Space | 12,34 Gb Free Space | 84,40% Space Free | Partition Type: FAT32

Computer Name: GABRIELA-NOOT | User Name: Gabriela | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3695139967-3685341305-43541418-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01E66AC4-B28B-494C-993D-3CD17020BEBC}" = Fresco Logic USB3.0 Host Controller
"{03E5CBD3-73E3-410D-890D-D3F48B2653A6}" = Windows Live Family Safety
"{0E7EF678-587B-43E9-B13C-9F4B52ACFFCA}" = Windows Live Family Safety
"{0F872589-F781-4EAF-9CBC-BF6A9809F17D}" = Windows Live Family Safety
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{19E42E62-8C05-42DE-9DC4-C606F9F8927B}" = Windows Live Family Safety
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E8F990F-A140-47D4-B266-402E9CF96FC3}" = Windows Live Family Safety
"{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{27F3F8DE-AC95-4E10-90A6-EBA999DDBCAF}" = Windows Live Remote Service Resources
"{29CFD07F-4971-41B0-B14D-621ACCC264AC}" = Windows Live Remote Service Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{553BB3BD-7A2A-4E5E-9B2F-2D14DC70093A}" = Windows Live Family Safety
"{5708148D-3A0E-4587-8311-DFCFA33F4D92}" = Windows Live Family Safety
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{641B32DB-8226-4250-86C9-34671162F5D5}" = Windows Live Remote Client Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6A2482BC-733A-404A-939A-2D5BC636E6F9}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{761C6783-D3BC-48AB-8E7C-61CE918A8436}" = ASUS Secure Delete
"{78654366-5889-4A70-90D9-04B00709EEE0}" = Windows Live Remote Client Resources
"{7D8BBAF2-E7C6-4BB6-9E35-31340373F699}" = Windows Live Family Safety
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A2D54577-154D-4D8B-9ECF-D7D4553ECE63}" = Windows Live Family Safety
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel(R) Turbo Boost Technology Monitor 2.0
"{B96C4CA9-FA40-490C-B3BB-50F84A44694E}" = Windows Live Family Safety
"{BCA3DCDA-170A-44DB-A888-78105ABACF43}" = Windows Live Family Safety
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{D157C6E7-5847-4FD1-BEDC-7389493874F6}" = Windows Live Remote Service Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}" = iTunes
"{D8F30372-43E3-4720-ABDE-11C95E562B71}" = Windows Live Family Safety
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E10CB758-D5FD-4A2D-A1C9-459D6BB0C035}" = Windows Live Remote Client Resources
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{F0793412-6407-4870-9A8C-6FE198A4EB12}" = Windows Live Remote Client Resources
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Elantech" = ETDWare PS/2-X64 10.0.5.2_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{047377C9-C74B-4345-82E8-03BAE5DF2C32}" = Windows Live Writer
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A093C39-CBB3-4142-B93F-562F176B6305}" = Windows Live Mesh
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B80A0FD-755A-4796-BFB0-A7B07366F33A}" = Windows Live Mail
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{1168ECF1-2932-4E86-BC83-560C256C8022}" = Windows Live Photo Common
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{122800FE-3AAF-4974-9FBD-54B023FA756A}" = „Windows Live Messenger“
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}" = „Windows Live Essentials“
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}" = Kontrola Windows Live Mesh ActiveX za daljinske veze
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}" = Windows Live Mesh ActiveX-i juhtelement kaugühendustele
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{2720009D-9566-45A7-A370-0E6DAC313F3F}" = „Windows Live Mail“
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2CC0789D-D31B-445F-8970-6E058BE39754}" = Windows Live UX Platform Language Pack
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3B8F240C-B75E-4A1E-BDCC-6C7F033078A3}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{442032CB-900C-49C7-B4B4-2B76525DD403}" = Windows Live Photo Common
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{517EAAB9-C35E-4949-B8C2-20C241162BBB}" = Windows Live Pošta
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{545192D4-E817-4EAA-834D-623EA50CF268}" = Windows Live UX Platform Language Pack
"{54A168C9-2250-4058-80EB-1F4A4192548A}" = AX88772B Windows 7 Drivers
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{58172D66-2F69-4215-9AEC-ED8196023736}" = ASUS Tutor
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D163056-96B7-440F-A836-89BA5D3CFF2F}" = Windows Live Photo Common
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS FaceLogon
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B3BAE39-4ED1-4EEB-9769-A3AA0AA58CB4}" = Windows Live Movie Maker
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6DCE9C3E-3DB7-4C3C-8B80-BC55781BB7B6}" = Windows Live Writer Resources
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71684DFF-CDED-450C-AF0C-4A1A6438A1A5}" = Windows Live Essentials
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn for NB
"{77BC9EAF-14C7-4338-9B1C-D5A3E142C0B8}" = Windows Live Photo Common
"{77DAF553-291A-4471-988C-5677D90DB57E}" = Windows Live Writer Resources
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{826A9D28-CAB2-4950-8AAA-B639DCA444CE}" = Windows Live UX Platform Language Pack
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111249233}" = Dream Vacation Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115065740}" = Bubbletown
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115290153}" = Go Go Gourmet Chef of the Year
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115320460}" = Turbo Fiesta
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}" = World of Goo
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}" = Plants vs Zombies
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117948443}" = Mahjong Memoirs
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118716773}" = Deadtime Stories
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{86E6D3A7-3ADC-44C0-B94E-85D2A9DD36B0}" = Windows Live Writer
"{8985AE5E-622A-4980-8BF8-0A1830643220}" = Windows Live Mesh ActiveX kontrola za daljinske veze
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D33ECF4-1A77-4674-ABAE-DFF978C5BC0A}" = Windows Live Movie Maker
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EFCE1F8-8ADB-40F2-BED7-7728BED00EC0}" = Windows Live Essentials
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.SingleImage_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.SingleImage_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0405-1000-0000000FF1CE}_Office14.SingleImage_{AB90513B-B892-41B5-8F8B-1D356A449652}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-0000-0000000FF1CE}_Office14.SingleImage_{8148DB19-71B1-4415-8B26-DF5B9E873FC3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}_Office14.SingleImage_{EEF3E2C0-135B-44DC-BEDD-7F01CFBEFF46}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}" = „Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E771D5B-C429-4CBC-8730-3EBD9EC99E4C}" = Windows Live Movie Maker
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A1668729-C4D2-49AE-877B-FB608362FFF1}" = Windows Live Essentials
"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger
"{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}" = Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{AECA3622-E634-4A55-A696-70A511CBE06E}" = ASUS USB Charger Plus
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B2DB883F-1AF3-4BE6-BE04-710D9C556C44}" = PowerWiz
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B7B60C4F-0DB8-42EF-8EDC-5F21D4C2D73F}" = PWR Option
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{B81722D3-0A95-4BDE-AA1A-A2A5D12FCDB2}" = Windows Live Foto-galerija
"{B9B66F77-9D00-4CA4-BDF1-BBA8236B4DB6}" = Windows Live Writer
"{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger
"{BD215FCB-27E8-4C86-9251-8B8C1D548743}" = Windows Live Messenger
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C4BC5A5F-4A97-47CC-99C3-AB8E10572AFE}" = Wireless Console 3
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7DEE8F5-29D4-4A5E-823B-4A7850C5E53D}" = Windows Live'i fotogalerii
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C877E454-FA36-409A-A00E-1240CEC61BBD}" = „Windows Live“ fotogalerija
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF936193-C584-458C-B793-15FA945621AF}" = Windows Live fotoattēlu galerija
"{CF9DEFAA-12CD-4D04-AA45-F9F667D21E2E}" = Windows Live Movie Maker
"{D06F10C5-3EDD-4B29-A3B5-16BBB9A047F8}" = Windows Live Mesh
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D27DF849-C8C7-4892-A7F1-E0B381A1BD01}" = Windows Live Writer
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D47C66BE-0EB5-4587-93FE-D1E176C4B25C}" = Windows Live Messenger
"{D5A4E5F3-9ACD-412E-B380-F838DF9787B9}" = Windows Live Writer Resources
"{D987098B-3AD4-4E88-B80E-CF27A32D1955}" = Windows Live Writer Resources
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{EAB1BDF2-734A-4D44-9169-7615D185C974}" = Windows Live Mesh
"{EC20FB81-9B5E-4B97-92A2-8DC52548EFCE}" = Windows Live Mesh
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F66430D8-08E6-4C96-B9B7-90E66E27D58C}" = Windows Live Mail
"{F783464C-C7C6-4E9B-AC40-BC90E5414BAF}" = Windows Live Messenger
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA20D803-14E5-4B00-8F03-B519D46F9D4A}" = Windows Live Messenger
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"Game Park Console" = Game Park Console
"InstallShield_{54A168C9-2250-4058-80EB-1F4A4192548A}" = AX88772B Windows 7 Drivers
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.60.0.1800
"Mozilla Firefox 9.0 (x86 cs)" = Mozilla Firefox 9.0 (x86 cs)
"Office14.SingleImage" = Microsoft Office 2010 pro podnikatele
"WinLiveSuite" = Windows Live Essentials
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 28.12.2011 16:15:36 | Computer Name = Gabriela-NOOT | Source = MsiInstaller | ID = 10005
Description =

Error - 28.12.2011 17:10:32 | Computer Name = Gabriela-NOOT | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 28.12.2011 17:10:32 | Computer Name = Gabriela-NOOT | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1060

Error - 28.12.2011 17:10:32 | Computer Name = Gabriela-NOOT | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1060

Error - 28.12.2011 17:10:33 | Computer Name = Gabriela-NOOT | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 28.12.2011 17:10:33 | Computer Name = Gabriela-NOOT | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2184

Error - 28.12.2011 17:10:33 | Computer Name = Gabriela-NOOT | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2184

[ System Events ]
Error - 29.12.2011 20:16:31 | Computer Name = Gabriela-NOOT | Source = DCOM | ID = 10010
Description =

Error - 30.12.2011 5:32:14 | Computer Name = Gabriela-NOOT | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cdrom

Error - 30.12.2011 14:53:41 | Computer Name = Gabriela-NOOT | Source = DCOM | ID = 10010
Description =

Error - 30.12.2011 15:02:39 | Computer Name = Gabriela-NOOT | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cdrom

Error - 30.12.2011 15:04:40 | Computer Name = Gabriela-NOOT | Source = DCOM | ID = 10010
Description =

Error - 30.12.2011 15:04:40 | Computer Name = Gabriela-NOOT | Source = Microsoft-Windows-LanguagePackSetup | ID = 1000
Description = Nepodařilo se inicializovat klienta CBS. Poslední chyba: 0x80080005

Error - 30.12.2011 15:26:05 | Computer Name = Gabriela-NOOT | Source = DCOM | ID = 10010
Description =

Error - 30.12.2011 16:12:08 | Computer Name = Gabriela-NOOT | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cdrom

Error - 30.12.2011 21:13:28 | Computer Name = Gabriela-NOOT | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cdrom

Error - 31.12.2011 6:34:21 | Computer Name = Gabriela-NOOT | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cdrom


< End of report >
Nahoru
Uživatelský avatar
chodnik74
Přítel fóra
Přítel fóra
Příspěvky: 4975
Registrován: 13 zář 2010 21:30
Bydliště: Napajedla
Kontaktovat uživatele:
Kontaktovat uživatele chodnik74

Re: omezený přístup na internet

#13 Příspěvek od chodnik74 »

Přeji hezký večer, zrovna mířím do postele, takže na vás mrknu zítra, nejspíše odpoledne :) Děkuji za pochopení :) Dobrou noc
Napiš mi: chodnik74@gmail.com nebo Obrázek

>RSIT<>MBAM<>VirusTotal

Doporučuji:Obrázek | Obrázek

:!: Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. ;-) Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! :!:

:!: Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!

:idea: Jste s naší pomocí spokojeni :???: Neváhejte a podpořte forum ZDE.

Pravidla fora: č.1 a č.2
Nahoru
MAT
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 10 pro 2005 22:02

Re: omezený přístup na internet

#14 Příspěvek od MAT »

samozřejmě, mooooc diky.

MAT
Nahoru
Uživatelský avatar
chodnik74
Přítel fóra
Přítel fóra
Příspěvky: 4975
Registrován: 13 zář 2010 21:30
Bydliště: Napajedla
Kontaktovat uživatele:
Kontaktovat uživatele chodnik74

Re: omezený přístup na internet

#15 Příspěvek od chodnik74 »

Zatím nainstalujte ten Avast ;-) Dobrou
Napiš mi: chodnik74@gmail.com nebo Obrázek

>RSIT<>MBAM<>VirusTotal

Doporučuji:Obrázek | Obrázek

:!: Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. ;-) Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! :!:

:!: Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!

:idea: Jste s naší pomocí spokojeni :???: Neváhejte a podpořte forum ZDE.

Pravidla fora: č.1 a č.2
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“