Dobrý večer,
prosím o preventivní kontrolu logu.
Předem moc děkuji.
Logfile of random's system information tool 1.09 (written by random/random)
Run by aost at 2012-04-22 23:10:48
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 12 GB (27%) free of 45 GB
Total RAM: 2046 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:10:54, on 22.4.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Programy\Ochrana PC\AVAST Software\Avast\AvastUI.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Programy\Total Commander\TOTALCMD.EXE
C:\Programy\Ochrana PC\RSIT\RSIT.exe
C:\Program Files\trend micro\aost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programy\Ochrana PC\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programy\Ochrana PC\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [avast] "C:\Programy\Ochrana PC\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1583777143-300269307-4166726652-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Programy\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: ?zÄz?????z?z?z C:\Windows\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programy\Ochrana PC\SAS\SASWINLO.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Programy\Ochrana PC\SAS\SASCORE.EXE
O23 - Service: avast! Antivirus - AVAST Software - C:\Programy\Ochrana PC\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
--
End of file - 4458 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1583777143-300269307-4166726652-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1583777143-300269307-4166726652-1000UA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, elemhidehelper@adblockplus.org:1.1.1, cs@dictionaries.addons.mozilla.org:1.0.2, {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8, {89506680-e3f4-484c-a2c0-ed711d481eda}:0.9.5.6, {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1, {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.12, {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1, locationbar2@design-noir.de:1.0.6, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, noia2_option@kk.noia:3.76, {35106bca-6c78-48c7-ac28-56df30b51d2c}:0.6.4, {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2, {EF522540-89F5-46b9-B6FE-1829E2B572C6}:5.0.1, {dc572301-7619-498c-a57d-39143191b318}:0.3.8.5, {95f24680-9e31-11da-a746-0800200c9a66}:0.1.5.5, contact@searchfiles.de:1.3, mgDownloadHelper@yevgenyandrov.net:1.0.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15, {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76"
prefs.js - "keyword.enabled" - false
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"fe_9.0@nokia.com"=C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0
"wrc@avast.com"=C:\Programy\Ochrana PC\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm LTD Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Programy\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=1.1.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Programy\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Programy\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Programy\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
C:\Programy\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Programy\Mozilla Firefox\plugins\
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
npwachk.dll
C:\Programy\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\
cs@dictionaries.addons.mozilla.org
flashfirebug@o-minds.com
locationbar2@design-noir.de
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
{1018e4d6-728f-4b20-ad56-37578a4de76b}
{37E4D8EA-8BDA-4831-8EA1-89053939A250}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Programy\Ochrana PC\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-28 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Programy\Ochrana PC\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"P17Helper"=Rundll32 P17.dll,P17Helper []
"avast"=C:\Programy\Ochrana PC\AVAST Software\Avast\avastUI.exe [2012-03-07 4241512]
"COMODO Internet Security"=C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe [2012-03-11 6749512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
""= []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
C:\Programy\SlySoft\AnyDVD\AnyDVD.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\aost\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-12 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent]
C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [2011-12-14 190768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="䥠ƶÄƶ䖓㽐窗ࠀ䶰ƶ䣀ƶરƶ C:\Windows\system32\guard32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Programy\Ochrana PC\SAS\SASWINLO.DLL [2011-05-04 551296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Programy\Ochrana PC\SAS\SASSEH.DLL [2011-07-19 113024]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avas_service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avss_service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tpavdrw_service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tpmgma_service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.XVID"=xvidvfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-04-22 23:03:37 ----A---- C:\Windows\system32\cmdcsr.dll
2012-04-22 22:59:25 ----D---- C:\rsit
2012-04-21 22:45:00 ----D---- C:\Windows\Minidump
2012-04-21 21:31:34 ----D---- C:\Users\aost\AppData\Roaming\HandBrake
2012-04-21 20:54:42 ----D---- C:\Users\aost\AppData\Roaming\CheckPoint
2012-04-21 20:46:10 ----D---- C:\Users\aost\AppData\Roaming\SUPERAntiSpyware.com
2012-04-21 20:45:06 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2012-04-21 20:43:23 ----RASH---- C:\MSDOS.SYS
2012-04-21 20:43:23 ----RASH---- C:\IO.SYS
2012-04-21 20:39:32 ----A---- C:\Windows\system32\drivers\aswSP.sys
2012-04-21 20:39:32 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2012-04-21 20:39:30 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2012-04-21 20:39:29 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2012-04-21 20:39:28 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2012-04-21 20:39:26 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2012-04-21 20:39:03 ----A---- C:\Windows\avastSS.scr
2012-04-21 20:39:02 ----A---- C:\Windows\system32\aswBoot.exe
2012-04-21 20:38:47 ----D---- C:\ProgramData\AVAST Software
2012-04-13 10:52:40 ----D---- C:\Program Files\GIMP-2.0
2012-04-11 21:51:10 ----A---- C:\Windows\system32\mshtmled.dll
2012-04-11 21:51:09 ----A---- C:\Windows\system32\wininet.dll
2012-04-11 21:51:09 ----A---- C:\Windows\system32\url.dll
2012-04-11 21:51:09 ----A---- C:\Windows\system32\jscript9.dll
2012-04-11 21:51:09 ----A---- C:\Windows\system32\jscript.dll
2012-04-11 21:51:09 ----A---- C:\Windows\system32\iertutil.dll
2012-04-11 21:51:08 ----A---- C:\Windows\system32\urlmon.dll
2012-04-11 21:51:08 ----A---- C:\Windows\system32\jsproxy.dll
2012-04-11 21:51:08 ----A---- C:\Windows\system32\ieui.dll
2012-04-11 21:51:07 ----A---- C:\Windows\system32\mshtml.dll
2012-04-11 21:51:07 ----A---- C:\Windows\system32\ieframe.dll
2012-04-11 21:51:02 ----A---- C:\Windows\system32\wmi.dll
2012-04-11 21:51:02 ----A---- C:\Windows\system32\wintrust.dll
2012-04-11 21:51:02 ----A---- C:\Windows\system32\imagehlp.dll
2012-04-11 21:51:02 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2012-04-11 21:50:55 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-04-11 21:50:55 ----A---- C:\Windows\system32\ntkrnlpa.exe
2012-03-23 00:00:36 ----D---- C:\ProgramData\SlySoft
======List of files/folders modified in the last 1 month======
2012-04-22 23:10:53 ----D---- C:\Program Files\trend micro
2012-04-22 23:09:32 ----D---- C:\Windows\Prefetch
2012-04-22 23:08:45 ----D---- C:\Windows\Temp
2012-04-22 23:07:45 ----D---- C:\ProgramData\NVIDIA
2012-04-22 23:07:41 ----D---- C:\Windows\System32
2012-04-22 23:07:41 ----AD---- C:\Windows
2012-04-22 23:01:02 ----SHD---- C:\Windows\Installer
2012-04-22 22:59:09 ----D---- C:\Windows\inf
2012-04-22 22:57:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-04-22 22:40:35 ----D---- C:\ProgramData\Comodo
2012-04-22 22:34:02 ----SHD---- C:\Config.Msi
2012-04-22 22:33:48 ----D---- C:\Windows\system32\drivers
2012-04-22 22:33:47 ----D---- C:\Windows\system32\catroot
2012-04-22 22:32:31 ----SHD---- C:\System Volume Information
2012-04-22 22:31:22 ----HD---- C:\ProgramData
2012-04-22 22:28:31 ----D---- C:\Windows\SoftwareDistribution
2012-04-22 22:25:32 ----RD---- C:\Program Files
2012-04-21 22:45:53 ----D---- C:\Windows\system32\catroot2
2012-04-21 21:30:32 ----D---- C:\Programy
2012-04-21 21:12:26 ----D---- C:\Users\aost\AppData\Roaming\Winamp
2012-04-21 21:10:58 ----A---- C:\Users\aost\AppData\Roaming\AutoGK.ini
2012-04-21 20:54:51 ----D---- C:\Windows\winsxs
2012-04-21 20:39:03 ----D---- C:\Program Files\Windows Sidebar
2012-04-21 20:34:24 ----D---- C:\Program Files\Common Files\TrustPort
2012-04-19 21:21:27 ----D---- C:\Program Files\XviD
2012-04-14 22:37:48 ----D---- C:\Windows\Debug
2012-04-13 11:03:07 ----D---- C:\Users\aost\AppData\Roaming\gtk-2.0
2012-04-12 18:19:33 ----D---- C:\ProgramData\Microsoft Help
2012-04-11 22:04:25 ----RSD---- C:\Windows\assembly
2012-04-11 22:04:25 ----D---- C:\Windows\Microsoft.NET
2012-04-11 21:53:23 ----D---- C:\Windows\system32\migration
2012-04-11 21:53:23 ----D---- C:\Program Files\Internet Explorer
2012-04-11 21:40:43 ----A---- C:\Windows\system32\mrt.exe
2012-03-29 21:11:13 ----D---- C:\ProgramData\NokiaInstallerCache
2012-03-29 09:57:30 ----D---- C:\Windows\Tasks
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hotcore3;hc3ServiceName; C:\Windows\system32\DRIVERS\hotcore3.sys [2011-05-17 57312]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2007-06-13 48256]
R1 AswRdr;aswRdr; C:\Windows\system32\drivers\AswRdr.sys [2012-03-07 35672]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-03-07 612184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-03-07 337880]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-03-07 53848]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2012-03-11 491816]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2012-03-11 38616]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 31088]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2012-03-11 82400]
R1 SASDIFSV;SASDIFSV; \??\C:\Programy\Ochrana PC\SAS\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Programy\Ochrana PC\SAS\SASKUTIL.SYS [2011-07-12 67664]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-03-07 20696]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-03-07 57688]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x32.sys [2011-09-21 21992]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\DRIVERS\ctsfm2k.sys [2005-01-10 138752]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2012-02-10 10816832]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\DRIVERS\ctoss2k.sys [2005-01-10 106496]
R3 P17;SB Live! 24-bit; C:\Windows\system32\drivers\P17.sys [2007-02-05 1122304]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2010-06-23 259176]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 FlashUSB;FlashUSB; C:\Windows\system32\DRIVERS\FlashUSB.sys [2010-05-12 16896]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2011-02-20 15600]
S3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtport.sys []
S3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbus.sys []
S3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmodem.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-11-01 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-11-01 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2011-11-01 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2011-11-01 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-11-01 8192]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-10 73216]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys []
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-10 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-11-01 8192]
S3 VX1000;VX-1000; C:\Windows\system32\DRIVERS\VX1000.sys [2007-04-10 1966312]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Programy\Ochrana PC\SAS\SASCORE.EXE [2011-08-12 116608]
R2 avast! Antivirus;avast! Antivirus; C:\Programy\Ochrana PC\AVAST Software\Avast\AvastSvc.exe [2012-03-07 44768]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cmdagent.exe [2012-04-22 1983232]
R2 CTDevice_Srv;CT Device Query service; C:\Program Files\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-02-10 645440]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-10 2348352]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-09 382272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 CTUPnPSv;Creative Centrale Media Server; C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Danstahr
- Přítel fóra
- Příspěvky: 1069
- Registrován: 28 říj 2006 20:23
- Bydliště: Londýn
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Dobrý večer 
!
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
! Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start atapi.sys autochk.exe cdrom.sys explorer.exe hal.dll scecli.dll svchost.exe tcpip.sys userinit.exe winlogon.exe /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 %PROGRAMFILES%\Opera\opera.exe /md5 %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows C:\Windows\system32\guard32.dll /md5- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Koupím trochu času, cenu respektuji.
Re: Prosím o kontrolu logu
OTL logfile created on: 23.4.2012 0:07:07 - Run 1
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\aost\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,05 Gb Available Physical Memory | 52,51% Memory free
4,24 Gb Paging File | 3,15 Gb Available in Paging File | 74,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 43,95 Gb Total Space | 12,03 Gb Free Space | 27,38% Space Free | Partition Type: NTFS
Drive D: | 188,94 Gb Total Space | 154,75 Gb Free Space | 81,91% Space Free | Partition Type: NTFS
Computer Name: AOST-PC | User Name: aost | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.04.22 23:57:32 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\aost\Desktop\OTL.exe
PRC - [2012.04.22 23:02:48 | 001,983,232 | ---- | M] (COMODO) -- C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2012.03.22 11:01:12 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Programy\Mozilla Firefox\firefox.exe
PRC - [2012.03.11 23:13:00 | 006,749,512 | ---- | M] (COMODO) -- C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe
PRC - [2012.03.07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Programy\Ochrana PC\AVAST Software\Avast\AvastUI.exe
PRC - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programy\Ochrana PC\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.02.10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.02.10 05:02:27 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012.02.10 05:02:07 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2012.02.09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programy\Ochrana PC\SAS\SASCore.exe
PRC - [2009.04.11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007.04.02 08:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe
========== Modules (No Company Name) ==========
MOD - [2012.03.22 11:01:12 | 001,969,080 | ---- | M] () -- C:\Programy\Mozilla Firefox\mozjs.dll
MOD - [2012.02.09 21:05:16 | 000,360,768 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011.12.01 00:34:31 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011.03.02 12:40:52 | 000,140,288 | ---- | M] () -- C:\Programy\WinRAR\RarExt.dll
MOD - [2005.05.03 13:38:42 | 000,064,512 | ---- | M] () -- C:\Windows\System32\P17.DLL
========== Win32 Services (SafeList) ==========
SRV - [2012.04.22 23:02:48 | 001,983,232 | ---- | M] (COMODO) [Auto | Running] -- C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programy\Ochrana PC\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.02.10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.02.09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.01.04 14:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programy\Ochrana PC\SAS\SASCore.exe -- (!SASCORE)
SRV - [2008.05.21 13:42:56 | 000,064,000 | ---- | M] (Creative Technology Ltd) [On_Demand | Stopped] -- C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe -- (CTUPnPSv)
SRV - [2008.01.19 00:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.04.02 08:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgvmodem.sys -- (LGVMODEM)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtbus.sys -- (lgbusenum)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtport.sys -- (LgBttPort)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012.03.11 23:13:29 | 000,082,400 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2012.03.11 23:13:28 | 000,038,616 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2012.03.11 23:13:26 | 000,491,816 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2012.03.07 01:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.03.07 01:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.03.07 01:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.03.07 01:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.03.07 01:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.03.07 01:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.02.10 06:13:00 | 010,816,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.11.01 11:07:26 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011.11.01 11:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.11.01 11:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.11.01 11:07:24 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2011.11.01 11:07:24 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.11.01 11:07:24 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2011.09.21 11:25:34 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2011.07.22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programy\Ochrana PC\SAS\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programy\Ochrana PC\SAS\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.05.17 19:53:24 | 000,057,312 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hotcore3.sys -- (hotcore3)
DRV - [2011.02.20 10:22:55 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2010.06.23 10:21:32 | 000,259,176 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2010.05.12 13:23:04 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FlashUSB.sys -- (FlashUSB)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.06.13 17:47:12 | 000,048,256 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID)
DRV - [2007.04.10 23:46:53 | 001,966,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VX1000.sys -- (VX1000)
DRV - [2007.02.05 10:10:34 | 001,122,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\P17.sys -- (P17)
DRV - [2005.01.10 12:15:30 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTOSS2K.SYS -- (ossrv)
DRV - [2005.01.10 12:15:24 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTSFM2K.SYS -- (ctsfm2k)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\..\SearchScopes,DefaultScope = {00F12E6E-F4D9-4A27-A245-BA75618961F4}
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\..\SearchScopes\{00F12E6E-F4D9-4A27-A245-BA75618961F4}: "URL" = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tbid=60342
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: elemhidehelper@adblockplus.org:1.1.1
FF - prefs.js..extensions.enabledItems: cs@dictionaries.addons.mozilla.org:1.0.2
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: {89506680-e3f4-484c-a2c0-ed711d481eda}:0.9.5.6
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1
FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.12
FF - prefs.js..extensions.enabledItems: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1
FF - prefs.js..extensions.enabledItems: locationbar2@design-noir.de:1.0.6
FF - prefs.js..extensions.enabledItems: noia2_option@kk.noia:3.76
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2c}:0.6.4
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2
FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:5.0.1
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.5
FF - prefs.js..extensions.enabledItems: {95f24680-9e31-11da-a746-0800200c9a66}:0.1.5.5
FF - prefs.js..extensions.enabledItems: contact@searchfiles.de:1.3
FF - prefs.js..extensions.enabledItems: mgDownloadHelper@yevgenyandrov.net:1.0.2
FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76
FF - prefs.js..keyword.enabled: false
FF - user.js..browser.search.openintab: false
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programy\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.8: C:\Programy\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programy\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\aost\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\aost\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 [2012.01.19 00:38:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Programy\Ochrana PC\AVAST Software\Avast\WebRep\FF [2012.04.21 20:39:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Programy\Mozilla Firefox\components [2012.03.22 11:01:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Programy\Mozilla Firefox\plugins [2012.01.17 00:28:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012.01.19 00:38:13 | 000,000,000 | ---D | M]
[2011.09.21 23:49:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aost\AppData\Roaming\Mozilla\Extensions
[2011.03.05 23:14:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aost\AppData\Roaming\Mozilla\Extensions-BackupByFirefoxPortable
[2011.03.05 23:14:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aost\AppData\Roaming\Mozilla\Extensions-BackupByFirefoxPortable\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.02.20 13:43:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aost\AppData\Roaming\Mozilla\Extensions-BackupByFirefoxPortable\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2012.04.22 15:12:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions
[2011.12.08 13:02:55 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2012.03.18 16:49:53 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011.02.20 18:34:21 | 000,000,000 | ---D | M] (PDF Download) -- C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2011.02.20 18:34:20 | 000,000,000 | ---D | M] (ÄŚeskĂ© slovnĂky pro kontrolu pravopisu) -- C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\cs@dictionaries.addons.mozilla.org
[2012.04.15 10:36:16 | 000,000,000 | ---D | M] (FlashFirebug) -- C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\flashfirebug@o-minds.com
[2011.03.01 09:26:40 | 000,000,000 | ---D | M] (Locationbar²) -- C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\locationbar2@design-noir.de
[2012.04.21 20:39:11 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAMY\OCHRANA PC\AVAST SOFTWARE\AVAST\WEBREP\FF
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\{6E84150A-D526-41F1-A480-A67D3FED910D}.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\{EF522540-89F5-46B9-B6FE-1829E2B572C6}.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\ARTUR.DUBOVOY@GMAIL.COM.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\BROWSERPROTECT@BROWSERPROTECT.COM.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\NOIA4OPTIONS@ARIST2.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\PRINTPRINTPREVIEW-ANDREWSFIREFOXEXTENSIONS@GMAIL.COM.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\SMARTERWIKI@WIKIATIC.COM.XPI
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\aost\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\aost\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\aost\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\aost\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Mixesoft Click&Clean Plug-In (Enabled) = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.8.3.0_0\plugin/npccch32.dll
CHR - plugin: Bitdefender QuickScan (Enabled) = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.8.3.0_0\plugin/npqscan.dll
CHR - plugin: Chrome IE Tab (Enabled) = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\2.11.30.1_0\plugin/blackfishietab.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programy\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Programy\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Winamp Application Detector (Enabled) = C:\Programy\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Picasa (Enabled) = C:\Programy\Google\Picasa3\npPicasa3.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Programy\VideoLAN\VLC\npvlc.dll
CHR - plugin: Google Update (Enabled) = C:\Users\aost\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Click&Clean = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.8.3.0_0\
CHR - Extension: AdBlock = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.25_0\
CHR - Extension: IE Tab = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\2.11.30.1_0\
CHR - Extension: avast! WebRep = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Downloads = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfchnphgogjhineanplmfkofljiagjfb\1_0\
CHR - Extension: SaferChrome = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgpkjjingioekjianemgdobchenebhek\0.2.1_0\
CHR - Extension: FastestChrome - Browse Faster = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\6.1.6_0\
CHR - Extension: Black Op [Aero] = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpgmeklahbkoneancafimbbpbhechch\1.9_0\
O1 HOSTS File: ([2012.02.05 12:44:04 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programy\Ochrana PC\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programy\Ochrana PC\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Programy\Ochrana PC\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [P17Helper] C:\Windows\System32\P17.DLL ()
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1583777143-300269307-4166726652-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-1583777143-300269307-4166726652-1002..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Programy\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.248.0.100 212.158.128.2 212.158.128.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5CBA99FF-662E-4386-8E41-28E95A1BFEB8}: DhcpNameServer = 10.248.0.100 212.158.128.2 212.158.128.3
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (䥠ƶÄƶ䖓㽐窗ࠀ䶰ƶ䣀ƶરƶ C:\Windows\system32\guard32.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Programy\Ochrana PC\SAS\SASWINLO.DLL) - C:\Programy\Ochrana PC\SAS\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Users\aost\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\aost\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programy\Ochrana PC\SAS\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{678224aa-4402-11e0-b6f6-001a4d59497c}\Shell - "" = AutoRun
O33 - MountPoints2\{678224aa-4402-11e0-b6f6-001a4d59497c}\Shell\AutoRun\command - "" = F:\USBAutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\USBAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.04.22 23:57:27 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\aost\Desktop\OTL.exe
[2012.04.22 23:03:37 | 000,033,984 | ---- | C] (COMODO) -- C:\Windows\System32\cmdcsr.dll
[2012.04.22 22:59:25 | 000,000,000 | ---D | C] -- C:\rsit
[2012.04.22 22:33:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
[2012.04.21 22:45:00 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.04.21 21:31:34 | 000,000,000 | ---D | C] -- C:\Users\aost\AppData\Roaming\HandBrake
[2012.04.21 21:30:33 | 000,000,000 | ---D | C] -- C:\Users\aost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
[2012.04.21 21:30:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
[2012.04.21 20:54:42 | 000,000,000 | ---D | C] -- C:\Users\aost\AppData\Roaming\CheckPoint
[2012.04.21 20:46:10 | 000,000,000 | ---D | C] -- C:\Users\aost\AppData\Roaming\SUPERAntiSpyware.com
[2012.04.21 20:45:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.04.21 20:45:06 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.04.21 20:39:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.04.21 20:39:32 | 000,337,880 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012.04.21 20:39:32 | 000,020,696 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012.04.21 20:39:30 | 000,035,672 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012.04.21 20:39:29 | 000,053,848 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012.04.21 20:39:28 | 000,612,184 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012.04.21 20:39:26 | 000,057,688 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012.04.21 20:39:03 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.04.21 20:39:02 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012.04.21 20:38:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
========== Files - Modified Within 7 Days ==========
[2012.04.23 00:08:35 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.04.23 00:02:00 | 000,000,958 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1583777143-300269307-4166726652-1000UA.job
[2012.04.22 23:57:32 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\aost\Desktop\OTL.exe
[2012.04.22 23:12:10 | 000,607,232 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.04.22 23:12:10 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.04.22 23:12:10 | 000,117,912 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.04.22 23:12:10 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.04.22 23:10:57 | 000,000,610 | ---- | M] () -- C:\Users\aost\mm.cfg
[2012.04.22 23:07:50 | 000,004,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.22 23:07:50 | 000,004,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.22 23:07:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.22 22:33:18 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2012.04.21 22:35:44 | 000,000,083 | -HS- | M] () -- C:\ProgramData\.zreglib
[2012.04.21 21:30:34 | 000,000,697 | ---- | M] () -- C:\Users\aost\Desktop\Handbrake.lnk
[2012.04.21 21:10:58 | 000,000,578 | ---- | M] () -- C:\Users\aost\AppData\Roaming\AutoGK.ini
[2012.04.21 20:49:56 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.04.21 20:45:08 | 000,001,711 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.04.21 20:43:23 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012.04.21 20:43:23 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012.04.21 20:39:33 | 000,001,863 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.04.20 10:02:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1583777143-300269307-4166726652-1000Core.job
========== Files Created - No Company Name ==========
[2012.04.23 00:08:35 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.04.22 23:10:57 | 000,000,610 | ---- | C] () -- C:\Users\aost\mm.cfg
[2012.04.22 22:33:18 | 000,001,973 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2012.04.21 21:30:34 | 000,000,697 | ---- | C] () -- C:\Users\aost\Desktop\Handbrake.lnk
[2012.04.21 20:45:08 | 000,001,711 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.04.21 20:43:23 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012.04.21 20:43:23 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012.04.21 20:39:33 | 000,001,863 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.04.14 23:38:12 | 000,000,952 | ---- | C] () -- C:\Users\aost\AppData\Local\SRDownloader.nast
[2012.04.14 23:36:55 | 000,000,310 | ---- | C] () -- C:\Users\aost\AppData\Local\SRDownloader.err
[2012.02.26 12:29:53 | 000,000,083 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012.02.26 12:14:35 | 000,000,578 | ---- | C] () -- C:\Users\aost\AppData\Roaming\AutoGK.ini
[2012.02.09 21:05:44 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011.12.27 00:22:37 | 000,000,036 | ---- | C] () -- C:\Windows\mafosav.INI
[2011.12.03 23:23:49 | 000,048,681 | ---- | C] () -- C:\Users\aost\AppData\Roaming\mdbu.bin
[2011.04.10 17:24:20 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2011.04.10 17:24:19 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2011.04.10 17:24:19 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2011.04.10 17:24:19 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2011.04.10 17:24:19 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2011.04.10 17:24:19 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2011.04.10 17:24:19 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2011.04.10 17:24:19 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2011.04.10 17:24:19 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2011.04.10 17:24:19 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2011.04.10 17:24:19 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2011.04.10 17:24:19 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2011.04.10 17:24:19 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2011.04.10 17:24:19 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2011.04.10 17:24:19 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2011.04.10 17:24:19 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2011.04.10 17:24:19 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2011.04.10 17:24:19 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2011.04.10 17:24:19 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2011.04.10 17:20:19 | 000,000,026 | ---- | C] () -- C:\Windows\CDEDX7400EXPORT.ini
[2011.03.02 21:41:27 | 001,474,832 | ---- | C] () -- C:\Windows\System32\drivers\sfi.dat
[2011.03.01 21:54:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2011.03.01 21:54:26 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2011.02.22 21:03:19 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011.02.20 17:01:01 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.02.20 17:00:19 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.02.20 17:00:19 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011.02.20 16:01:15 | 000,033,280 | ---- | C] () -- C:\Users\aost\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.20 13:43:33 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.02.20 10:34:33 | 000,005,627 | R--- | C] () -- C:\Windows\System32\Ludap17.ini
[2011.02.20 10:34:33 | 000,000,039 | R--- | C] () -- C:\Windows\System32\ctzapxx.ini
[2011.02.20 10:06:47 | 000,203,328 | R--- | C] () -- C:\Windows\GSetup.exe
[2011.02.20 10:06:47 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011.02.20 01:00:03 | 000,000,680 | ---- | C] () -- C:\Users\aost\AppData\Local\d3d9caps.dat
========== LOP Check ==========
[2011.10.18 22:45:44 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Canneverbe Limited
[2012.04.22 22:29:32 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\CheckPoint
[2011.03.02 22:37:00 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Digiarty
[2012.01.25 23:55:58 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\EPSON
[2012.02.29 19:31:38 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\GHISLER
[2012.04.13 11:03:07 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\gtk-2.0
[2012.04.21 21:31:46 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\HandBrake
[2011.03.01 22:34:36 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\LG Electronics
[2012.01.19 00:46:55 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Nokia
[2011.04.03 00:05:21 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Nokia Ovi Suite
[2012.02.24 18:19:30 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\PC Suite
[2011.04.09 00:10:09 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Rajce
[2011.03.05 23:14:35 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Thunderbird
[2011.07.20 23:04:23 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Ulozto File Manager
[2012.04.22 23:06:09 | 000,032,560 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: ATAPI.SYS >
[2009.04.11 00:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 00:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 00:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 00:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 00:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2011.02.20 11:18:22 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2011.02.20 11:18:22 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2011.02.20 11:18:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.04.11 00:27:22 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009.04.11 00:27:22 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.19 00:33:02 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2006.11.02 11:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe
< MD5 for: CDROM.SYS >
[2008.01.18 22:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.18 22:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.10 22:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.10 22:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.10 22:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.20 11:17:48 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2011.02.20 11:17:48 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2011.02.20 11:17:47 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2011.02.20 11:35:17 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2011.02.20 11:35:17 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2011.02.20 11:17:48 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 00:33:12 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: HAL.DLL >
[2009.04.11 00:32:48 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll
< MD5 for: SCECLI.DLL >
[2008.01.19 00:36:20 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 00:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 00:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: SVCHOST.EXE >
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008.01.19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: TCPIP.SYS >
[2009.04.11 00:33:04 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2011.09.20 23:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\System32\drivers\tcpip.sys
[2011.09.20 23:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[2011.02.20 11:36:12 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2011.02.20 11:36:08 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011.06.17 22:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2011.02.20 11:11:45 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2011.02.20 11:11:44 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2011.02.20 11:36:12 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2011.02.20 11:11:45 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2011.02.20 11:11:45 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2011.02.20 11:16:45 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2011.02.20 11:16:46 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2008.02.23 04:41:29 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=61B7D6702B0E9F8515A8BE9DB99D624B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20778_none_5fe546ddab8247e0\tcpip.sys
[2010.06.16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2011.02.20 11:36:10 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011.06.17 22:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010.06.16 18:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2008.02.23 06:41:37 | 000,890,936 | ---- | M] (Microsoft Corporation) MD5=6E478D65CE91984E75298C30FAEDCEBB -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22121_none_b3930f8f7f9331f9\tcpip.sys
[2010.06.16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2011.09.20 23:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[2011.02.20 11:36:09 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2011.02.20 11:11:44 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2010.04.05 19:03:01 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=A6A02EF5B5E40FBD31A1ADC577DA54BB -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys
[2010.04.05 22:00:48 | 000,910,208 | ---- | M] (Microsoft Corporation) MD5=CC9993701AC57F995554C696DDA49C12 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22377_none_b5497d157cdc9c9f\tcpip.sys
[2006.11.02 10:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2011.02.20 11:11:44 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2008.01.19 00:43:40 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2011.02.20 11:36:10 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.01.19 00:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 00:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 00:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 00:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 00:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< >
< %systemroot%*.* /U /s >
[7 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Installer\{FD8E178D-8B4E-42DA-B434-EFF270329B1C}\*.tmp files -> C:\Windows\Installer\{FD8E178D-8B4E-42DA-B434-EFF270329B1C}\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.02.24 21:32:28 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Adobe
[2011.10.18 22:45:44 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Canneverbe Limited
[2012.04.22 22:29:32 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\CheckPoint
[2011.04.26 22:19:07 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Creative
[2011.03.02 22:37:00 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Digiarty
[2011.03.01 00:51:36 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\dvdcss
[2012.01.25 23:55:58 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\EPSON
[2012.02.29 19:31:38 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\GHISLER
[2012.04.13 11:03:07 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\gtk-2.0
[2012.04.21 21:31:46 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\HandBrake
[2011.02.20 01:00:13 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Identities
[2011.02.20 10:15:07 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\InstallShield
[2011.03.01 22:34:36 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\LG Electronics
[2011.02.21 22:59:49 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Macromedia
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Media Center Programs
[2012.02.26 14:30:38 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Media Player Classic
[2012.02.24 19:30:38 | 000,000,000 | --SD | M] -- C:\Users\aost\AppData\Roaming\Microsoft
[2011.09.21 23:49:46 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Mozilla
[2012.01.19 00:46:55 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Nokia
[2011.04.03 00:05:21 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Nokia Ovi Suite
[2012.02.24 18:19:30 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\PC Suite
[2011.04.09 00:10:09 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Rajce
[2011.02.23 00:48:05 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Skype
[2011.02.22 21:03:18 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\skypePM
[2012.04.21 20:46:10 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\SUPERAntiSpyware.com
[2011.03.05 23:14:35 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Thunderbird
[2011.07.20 23:04:23 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Ulozto File Manager
[2011.06.30 23:17:22 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\vlc
[2012.04.21 21:12:26 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Winamp
[2011.06.01 21:36:54 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2011.01.24 13:53:52 | 001,055,232 | ---- | M] (Digiarty Software) -- C:\Users\aost\AppData\Roaming\Digiarty\DAPlayer\DAUpdate.exe
[2012.02.24 19:30:38 | 000,053,248 | R--- | M] (Flexera Software, Inc.) -- C:\Users\aost\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\ARPPRODUCTICON.exe
[2012.02.24 19:30:38 | 000,049,152 | R--- | M] (Flexera Software, Inc.) -- C:\Users\aost\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
[2012.02.24 19:30:38 | 000,073,728 | R--- | M] (Flexera Software, Inc.) -- C:\Users\aost\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
[2012.02.24 19:30:38 | 000,073,728 | R--- | M] (Flexera Software, Inc.) -- C:\Users\aost\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
[2012.02.24 19:30:38 | 000,049,152 | R--- | M] (Flexera Software, Inc.) -- C:\Users\aost\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
[2009.06.04 13:51:24 | 001,413,256 | R--- | M] () -- C:\Users\aost\AppData\Roaming\Microsoft\Windows\Templates\F\USBAutoRun.exe
[2009.06.04 13:51:24 | 001,413,256 | R--- | M] () -- C:\Users\aost\AppData\Roaming\Microsoft\Windows\Templates\J\USBAutoRun.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012.04.20 10:02:00 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1583777143-300269307-4166726652-1000Core.job
[2012.04.23 00:02:00 | 000,000,958 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1583777143-300269307-4166726652-1000UA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.04.22 23:07:50 | 000,004,848 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.22 23:07:50 | 000,004,848 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.21 20:49:56 | 000,002,577 | ---- | M] () -- C:\Windows\system32\config.nt
[2012.04.22 23:12:10 | 000,117,912 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2012.04.22 23:12:10 | 000,103,872 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2012.04.22 23:12:10 | 000,607,232 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2012.04.22 23:12:10 | 000,595,798 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2012.04.22 23:12:10 | 001,418,258 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008.01.19 00:33:10 | 000,125,952 | ---- | M] (Microsoft Corporation)
"" =
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2011.03.20 09:00:48 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.04.23 00:08:35 | 000,000,512 | ---- | M] () MD5=AAD33C7C181A0EDF4F7D83157CCF6F29 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2012.02.05 20:10:38 | 000,062,238 | ---- | M] () -- \Program Files\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat
< *keygen* /s >
< *loader* /s >
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2011.11.11 13:20:12 | 000,112,128 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2006.12.15 14:31:20 | 000,114,688 | ---- | M] () -- \Program Files\epson\Creativity Suite\Easy Photo Print\APFLoaderV13.dll
[2004.04.21 17:09:00 | 000,069,632 | ---- | M] () -- \Program Files\epson\Creativity Suite\Easy Photo Print\EpAPFLoader.dll
[2006.02.28 19:02:04 | 000,102,400 | ---- | M] () -- \Program Files\epson\Creativity Suite\Easy Photo Print\EpAPFLoader2006.dll
[2010.02.07 21:40:00 | 000,000,543 | ---- | M] () -- \Program Files\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2009.12.15 17:58:18 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2009.12.15 17:58:20 | 000,018,592 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2009.12.15 17:58:24 | 000,026,272 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2009.12.15 17:58:26 | 000,012,960 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2009.12.15 17:58:28 | 000,017,568 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2009.12.15 17:58:56 | 000,019,616 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2009.12.15 17:59:04 | 000,015,008 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2009.12.15 17:59:06 | 000,019,104 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009.12.15 17:59:10 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2009.12.15 17:59:14 | 000,012,448 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2009.12.15 17:59:16 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2009.12.15 17:59:20 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2009.12.15 17:59:22 | 000,011,936 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2009.12.15 17:59:24 | 000,013,984 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2009.12.15 17:59:28 | 000,028,320 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2009.05.01 19:42:00 | 000,009,880 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2011.12.16 11:34:00 | 000,002,560 | ---- | M] () -- \Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2011.10.17 15:10:26 | 000,071,528 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.11.06 12:09:52 | 000,083,816 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2011.11.24 12:01:02 | 000,001,539 | ---- | M] () -- \Programy\HF Designer\Loader.elf
[2011.11.24 12:00:54 | 000,602,816 | ---- | M] () -- \Programy\HF Designer\Loader.exe
[2012.04.14 23:37:33 | 000,000,310 | ---- | M] () -- \Users\aost\AppData\Local\SRDownloader.err
[2012.04.14 23:44:08 | 000,000,952 | ---- | M] () -- \Users\aost\AppData\Local\SRDownloader.nast
[2012.02.19 17:16:05 | 000,000,621 | ---- | M] () -- \Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\flashfirebug@o-minds.com\chrome\content\themes\default\images\UIComponents\UILoader.gif
[2012.02.19 17:16:29 | 000,000,621 | ---- | M] () -- \Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\flashfirebug@o-minds.com\chrome\content\themes\default\inspector\UIComponents\UILoader.gif
[2012.02.19 17:15:27 | 000,000,621 | ---- | M] () -- \Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\flashfirebug@o-minds.com\chrome\skin\classic\inspector\UIComponents\UILoader.gif
[2011.09.01 13:13:30 | 000,112,128 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-1583777143-300269307-4166726652-1000\CBEC1D2927C7FCE4FB6C1C13FEF36E7A\3.3.86\ta_productapiloader..D321D6CC_DBBE_4AC3_8DBD_DFF82BB39BDC
[2008.01.19 00:34:06 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.02.21 11:49:30 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2011.02.21 11:49:30 | 000,026,112 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50_winload.exe.mui_3bc5b827
[2011.02.21 11:49:30 | 000,016,384 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50_winresume.exe.mui_ff8b5358
[2011.02.20 16:09:13 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2011.02.20 16:09:13 | 000,027,648 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winload.exe.mui_3bc5b827
[2011.02.20 16:09:13 | 000,019,968 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winresume.exe.mui_ff8b5358
[2011.02.20 17:14:39 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2011.02.20 17:14:39 | 000,986,600 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winload.exe_75835076
[2011.02.20 17:14:39 | 000,926,184 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winresume.exe_85cd1215
[2011.02.20 16:09:18 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2011.02.20 16:09:18 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2011.02.20 01:55:29 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2011.02.20 01:55:06 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2011.02.20 01:55:42 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2011.02.20 01:55:07 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2011.02.20 01:56:12 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2011.02.20 01:56:16 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2011.02.20 01:56:36 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2011.02.20 01:55:28 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2011.02.20 01:55:05 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2011.02.20 01:55:42 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2011.02.20 01:55:07 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2011.02.20 01:56:11 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2011.02.20 01:56:15 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2011.02.20 01:56:36 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008.01.19 05:14:52 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2011.02.20 01:54:55 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2011.02.20 01:54:55 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008.01.19 01:00:00 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2011.02.20 01:54:34 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2011.02.20 01:54:34 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009.04.11 01:12:44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006.11.02 12:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008.01.19 01:05:22 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2006.11.02 14:34:33 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6000.16386_none_43bd59f592b7be86\dmloader.dll
[2008.01.19 00:34:06 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008.01.19 00:34:06 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll
< >
< HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows >
"AppInit_DLLs" = ?zÄz?????z?z?z C:\Windows\system32\guard32.dll
"LoadAppInit_DLLs" = 1
"IconServiceLib" = IconCodecService.dll -- [2006.11.02 14:34:33 | 000,009,728 | ---- | M] (Microsoft Corporation)
"DdeSendTimeout" = 0
"DesktopHeapLogging" = 1
"GDIProcessHandleQuota" = 10000
"ShutdownWarningDialogTimeout" = -1
"USERPostMessageLimit" = 10000
"USERProcessHandleQuota" = 10000
"" = mnmsrvc
"DeviceNotSelectedTimeout" = 15
"Spooler" = yes
"TransmissionRetryTimeout" = 90
"USERNestedWindowLimit" = 50
< C:\Windows\system32\guard32.dll /md5 >
[2012.03.11 23:13:18 | 000,301,224 | ---- | M] (COMODO) MD5=34ABDA6C1C69E54400C670D5CAC6AFA6 -- C:\Windows\system32\guard32.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6002.18005_none_b5c807ab2d93d829\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6001.18000_none_b3dc8e9f30720cdd\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6000.16386_none_b1a5cca33386fc09\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 24 bytes -> C:\Windows:18EC77E372425579
< End of report >
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\aost\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,05 Gb Available Physical Memory | 52,51% Memory free
4,24 Gb Paging File | 3,15 Gb Available in Paging File | 74,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 43,95 Gb Total Space | 12,03 Gb Free Space | 27,38% Space Free | Partition Type: NTFS
Drive D: | 188,94 Gb Total Space | 154,75 Gb Free Space | 81,91% Space Free | Partition Type: NTFS
Computer Name: AOST-PC | User Name: aost | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.04.22 23:57:32 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\aost\Desktop\OTL.exe
PRC - [2012.04.22 23:02:48 | 001,983,232 | ---- | M] (COMODO) -- C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2012.03.22 11:01:12 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Programy\Mozilla Firefox\firefox.exe
PRC - [2012.03.11 23:13:00 | 006,749,512 | ---- | M] (COMODO) -- C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe
PRC - [2012.03.07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Programy\Ochrana PC\AVAST Software\Avast\AvastUI.exe
PRC - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programy\Ochrana PC\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.02.10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.02.10 05:02:27 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012.02.10 05:02:07 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2012.02.09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programy\Ochrana PC\SAS\SASCore.exe
PRC - [2009.04.11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007.04.02 08:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe
========== Modules (No Company Name) ==========
MOD - [2012.03.22 11:01:12 | 001,969,080 | ---- | M] () -- C:\Programy\Mozilla Firefox\mozjs.dll
MOD - [2012.02.09 21:05:16 | 000,360,768 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011.12.01 00:34:31 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011.03.02 12:40:52 | 000,140,288 | ---- | M] () -- C:\Programy\WinRAR\RarExt.dll
MOD - [2005.05.03 13:38:42 | 000,064,512 | ---- | M] () -- C:\Windows\System32\P17.DLL
========== Win32 Services (SafeList) ==========
SRV - [2012.04.22 23:02:48 | 001,983,232 | ---- | M] (COMODO) [Auto | Running] -- C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programy\Ochrana PC\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.02.10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.02.09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.01.04 14:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programy\Ochrana PC\SAS\SASCore.exe -- (!SASCORE)
SRV - [2008.05.21 13:42:56 | 000,064,000 | ---- | M] (Creative Technology Ltd) [On_Demand | Stopped] -- C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe -- (CTUPnPSv)
SRV - [2008.01.19 00:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.04.02 08:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgvmodem.sys -- (LGVMODEM)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtbus.sys -- (lgbusenum)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtport.sys -- (LgBttPort)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012.03.11 23:13:29 | 000,082,400 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2012.03.11 23:13:28 | 000,038,616 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2012.03.11 23:13:26 | 000,491,816 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2012.03.07 01:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.03.07 01:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.03.07 01:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.03.07 01:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.03.07 01:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.03.07 01:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.02.10 06:13:00 | 010,816,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.11.01 11:07:26 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011.11.01 11:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.11.01 11:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.11.01 11:07:24 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2011.11.01 11:07:24 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.11.01 11:07:24 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2011.09.21 11:25:34 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2011.07.22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programy\Ochrana PC\SAS\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programy\Ochrana PC\SAS\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.05.17 19:53:24 | 000,057,312 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hotcore3.sys -- (hotcore3)
DRV - [2011.02.20 10:22:55 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2010.06.23 10:21:32 | 000,259,176 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2010.05.12 13:23:04 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FlashUSB.sys -- (FlashUSB)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.06.13 17:47:12 | 000,048,256 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID)
DRV - [2007.04.10 23:46:53 | 001,966,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VX1000.sys -- (VX1000)
DRV - [2007.02.05 10:10:34 | 001,122,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\P17.sys -- (P17)
DRV - [2005.01.10 12:15:30 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTOSS2K.SYS -- (ossrv)
DRV - [2005.01.10 12:15:24 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTSFM2K.SYS -- (ctsfm2k)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\..\SearchScopes,DefaultScope = {00F12E6E-F4D9-4A27-A245-BA75618961F4}
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\..\SearchScopes\{00F12E6E-F4D9-4A27-A245-BA75618961F4}: "URL" = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tbid=60342
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: elemhidehelper@adblockplus.org:1.1.1
FF - prefs.js..extensions.enabledItems: cs@dictionaries.addons.mozilla.org:1.0.2
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: {89506680-e3f4-484c-a2c0-ed711d481eda}:0.9.5.6
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1
FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.12
FF - prefs.js..extensions.enabledItems: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1
FF - prefs.js..extensions.enabledItems: locationbar2@design-noir.de:1.0.6
FF - prefs.js..extensions.enabledItems: noia2_option@kk.noia:3.76
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2c}:0.6.4
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2
FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:5.0.1
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.5
FF - prefs.js..extensions.enabledItems: {95f24680-9e31-11da-a746-0800200c9a66}:0.1.5.5
FF - prefs.js..extensions.enabledItems: contact@searchfiles.de:1.3
FF - prefs.js..extensions.enabledItems: mgDownloadHelper@yevgenyandrov.net:1.0.2
FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76
FF - prefs.js..keyword.enabled: false
FF - user.js..browser.search.openintab: false
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programy\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.8: C:\Programy\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programy\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\aost\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\aost\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 [2012.01.19 00:38:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Programy\Ochrana PC\AVAST Software\Avast\WebRep\FF [2012.04.21 20:39:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Programy\Mozilla Firefox\components [2012.03.22 11:01:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Programy\Mozilla Firefox\plugins [2012.01.17 00:28:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012.01.19 00:38:13 | 000,000,000 | ---D | M]
[2011.09.21 23:49:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aost\AppData\Roaming\Mozilla\Extensions
[2011.03.05 23:14:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aost\AppData\Roaming\Mozilla\Extensions-BackupByFirefoxPortable
[2011.03.05 23:14:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aost\AppData\Roaming\Mozilla\Extensions-BackupByFirefoxPortable\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.02.20 13:43:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aost\AppData\Roaming\Mozilla\Extensions-BackupByFirefoxPortable\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2012.04.22 15:12:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions
[2011.12.08 13:02:55 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2012.03.18 16:49:53 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011.02.20 18:34:21 | 000,000,000 | ---D | M] (PDF Download) -- C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2011.02.20 18:34:20 | 000,000,000 | ---D | M] (ÄŚeskĂ© slovnĂky pro kontrolu pravopisu) -- C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\cs@dictionaries.addons.mozilla.org
[2012.04.15 10:36:16 | 000,000,000 | ---D | M] (FlashFirebug) -- C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\flashfirebug@o-minds.com
[2011.03.01 09:26:40 | 000,000,000 | ---D | M] (Locationbar²) -- C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\locationbar2@design-noir.de
[2012.04.21 20:39:11 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAMY\OCHRANA PC\AVAST SOFTWARE\AVAST\WEBREP\FF
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\{6E84150A-D526-41F1-A480-A67D3FED910D}.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\{EF522540-89F5-46B9-B6FE-1829E2B572C6}.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\ARTUR.DUBOVOY@GMAIL.COM.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\BROWSERPROTECT@BROWSERPROTECT.COM.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\NOIA4OPTIONS@ARIST2.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\PRINTPRINTPREVIEW-ANDREWSFIREFOXEXTENSIONS@GMAIL.COM.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\SMARTERWIKI@WIKIATIC.COM.XPI
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\aost\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\aost\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\aost\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\aost\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Mixesoft Click&Clean Plug-In (Enabled) = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.8.3.0_0\plugin/npccch32.dll
CHR - plugin: Bitdefender QuickScan (Enabled) = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.8.3.0_0\plugin/npqscan.dll
CHR - plugin: Chrome IE Tab (Enabled) = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\2.11.30.1_0\plugin/blackfishietab.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programy\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Programy\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Winamp Application Detector (Enabled) = C:\Programy\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Picasa (Enabled) = C:\Programy\Google\Picasa3\npPicasa3.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Programy\VideoLAN\VLC\npvlc.dll
CHR - plugin: Google Update (Enabled) = C:\Users\aost\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Click&Clean = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.8.3.0_0\
CHR - Extension: AdBlock = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.25_0\
CHR - Extension: IE Tab = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\2.11.30.1_0\
CHR - Extension: avast! WebRep = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Downloads = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfchnphgogjhineanplmfkofljiagjfb\1_0\
CHR - Extension: SaferChrome = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgpkjjingioekjianemgdobchenebhek\0.2.1_0\
CHR - Extension: FastestChrome - Browse Faster = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\6.1.6_0\
CHR - Extension: Black Op [Aero] = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpgmeklahbkoneancafimbbpbhechch\1.9_0\
O1 HOSTS File: ([2012.02.05 12:44:04 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programy\Ochrana PC\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programy\Ochrana PC\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Programy\Ochrana PC\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [P17Helper] C:\Windows\System32\P17.DLL ()
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1583777143-300269307-4166726652-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-1583777143-300269307-4166726652-1002..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Programy\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.248.0.100 212.158.128.2 212.158.128.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5CBA99FF-662E-4386-8E41-28E95A1BFEB8}: DhcpNameServer = 10.248.0.100 212.158.128.2 212.158.128.3
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (䥠ƶÄƶ䖓㽐窗ࠀ䶰ƶ䣀ƶરƶ C:\Windows\system32\guard32.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Programy\Ochrana PC\SAS\SASWINLO.DLL) - C:\Programy\Ochrana PC\SAS\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Users\aost\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\aost\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programy\Ochrana PC\SAS\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{678224aa-4402-11e0-b6f6-001a4d59497c}\Shell - "" = AutoRun
O33 - MountPoints2\{678224aa-4402-11e0-b6f6-001a4d59497c}\Shell\AutoRun\command - "" = F:\USBAutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\USBAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.04.22 23:57:27 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\aost\Desktop\OTL.exe
[2012.04.22 23:03:37 | 000,033,984 | ---- | C] (COMODO) -- C:\Windows\System32\cmdcsr.dll
[2012.04.22 22:59:25 | 000,000,000 | ---D | C] -- C:\rsit
[2012.04.22 22:33:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
[2012.04.21 22:45:00 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.04.21 21:31:34 | 000,000,000 | ---D | C] -- C:\Users\aost\AppData\Roaming\HandBrake
[2012.04.21 21:30:33 | 000,000,000 | ---D | C] -- C:\Users\aost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
[2012.04.21 21:30:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
[2012.04.21 20:54:42 | 000,000,000 | ---D | C] -- C:\Users\aost\AppData\Roaming\CheckPoint
[2012.04.21 20:46:10 | 000,000,000 | ---D | C] -- C:\Users\aost\AppData\Roaming\SUPERAntiSpyware.com
[2012.04.21 20:45:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.04.21 20:45:06 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.04.21 20:39:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.04.21 20:39:32 | 000,337,880 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012.04.21 20:39:32 | 000,020,696 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012.04.21 20:39:30 | 000,035,672 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012.04.21 20:39:29 | 000,053,848 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012.04.21 20:39:28 | 000,612,184 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012.04.21 20:39:26 | 000,057,688 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012.04.21 20:39:03 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.04.21 20:39:02 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012.04.21 20:38:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
========== Files - Modified Within 7 Days ==========
[2012.04.23 00:08:35 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.04.23 00:02:00 | 000,000,958 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1583777143-300269307-4166726652-1000UA.job
[2012.04.22 23:57:32 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\aost\Desktop\OTL.exe
[2012.04.22 23:12:10 | 000,607,232 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.04.22 23:12:10 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.04.22 23:12:10 | 000,117,912 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.04.22 23:12:10 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.04.22 23:10:57 | 000,000,610 | ---- | M] () -- C:\Users\aost\mm.cfg
[2012.04.22 23:07:50 | 000,004,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.22 23:07:50 | 000,004,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.22 23:07:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.22 22:33:18 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2012.04.21 22:35:44 | 000,000,083 | -HS- | M] () -- C:\ProgramData\.zreglib
[2012.04.21 21:30:34 | 000,000,697 | ---- | M] () -- C:\Users\aost\Desktop\Handbrake.lnk
[2012.04.21 21:10:58 | 000,000,578 | ---- | M] () -- C:\Users\aost\AppData\Roaming\AutoGK.ini
[2012.04.21 20:49:56 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.04.21 20:45:08 | 000,001,711 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.04.21 20:43:23 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012.04.21 20:43:23 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012.04.21 20:39:33 | 000,001,863 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.04.20 10:02:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1583777143-300269307-4166726652-1000Core.job
========== Files Created - No Company Name ==========
[2012.04.23 00:08:35 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.04.22 23:10:57 | 000,000,610 | ---- | C] () -- C:\Users\aost\mm.cfg
[2012.04.22 22:33:18 | 000,001,973 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2012.04.21 21:30:34 | 000,000,697 | ---- | C] () -- C:\Users\aost\Desktop\Handbrake.lnk
[2012.04.21 20:45:08 | 000,001,711 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.04.21 20:43:23 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012.04.21 20:43:23 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012.04.21 20:39:33 | 000,001,863 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.04.14 23:38:12 | 000,000,952 | ---- | C] () -- C:\Users\aost\AppData\Local\SRDownloader.nast
[2012.04.14 23:36:55 | 000,000,310 | ---- | C] () -- C:\Users\aost\AppData\Local\SRDownloader.err
[2012.02.26 12:29:53 | 000,000,083 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012.02.26 12:14:35 | 000,000,578 | ---- | C] () -- C:\Users\aost\AppData\Roaming\AutoGK.ini
[2012.02.09 21:05:44 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011.12.27 00:22:37 | 000,000,036 | ---- | C] () -- C:\Windows\mafosav.INI
[2011.12.03 23:23:49 | 000,048,681 | ---- | C] () -- C:\Users\aost\AppData\Roaming\mdbu.bin
[2011.04.10 17:24:20 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2011.04.10 17:24:19 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2011.04.10 17:24:19 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2011.04.10 17:24:19 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2011.04.10 17:24:19 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2011.04.10 17:24:19 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2011.04.10 17:24:19 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2011.04.10 17:24:19 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2011.04.10 17:24:19 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2011.04.10 17:24:19 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2011.04.10 17:24:19 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2011.04.10 17:24:19 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2011.04.10 17:24:19 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2011.04.10 17:24:19 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2011.04.10 17:24:19 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2011.04.10 17:24:19 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2011.04.10 17:24:19 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2011.04.10 17:24:19 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2011.04.10 17:24:19 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2011.04.10 17:20:19 | 000,000,026 | ---- | C] () -- C:\Windows\CDEDX7400EXPORT.ini
[2011.03.02 21:41:27 | 001,474,832 | ---- | C] () -- C:\Windows\System32\drivers\sfi.dat
[2011.03.01 21:54:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2011.03.01 21:54:26 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2011.02.22 21:03:19 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011.02.20 17:01:01 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.02.20 17:00:19 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.02.20 17:00:19 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011.02.20 16:01:15 | 000,033,280 | ---- | C] () -- C:\Users\aost\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.20 13:43:33 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.02.20 10:34:33 | 000,005,627 | R--- | C] () -- C:\Windows\System32\Ludap17.ini
[2011.02.20 10:34:33 | 000,000,039 | R--- | C] () -- C:\Windows\System32\ctzapxx.ini
[2011.02.20 10:06:47 | 000,203,328 | R--- | C] () -- C:\Windows\GSetup.exe
[2011.02.20 10:06:47 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011.02.20 01:00:03 | 000,000,680 | ---- | C] () -- C:\Users\aost\AppData\Local\d3d9caps.dat
========== LOP Check ==========
[2011.10.18 22:45:44 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Canneverbe Limited
[2012.04.22 22:29:32 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\CheckPoint
[2011.03.02 22:37:00 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Digiarty
[2012.01.25 23:55:58 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\EPSON
[2012.02.29 19:31:38 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\GHISLER
[2012.04.13 11:03:07 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\gtk-2.0
[2012.04.21 21:31:46 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\HandBrake
[2011.03.01 22:34:36 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\LG Electronics
[2012.01.19 00:46:55 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Nokia
[2011.04.03 00:05:21 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Nokia Ovi Suite
[2012.02.24 18:19:30 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\PC Suite
[2011.04.09 00:10:09 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Rajce
[2011.03.05 23:14:35 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Thunderbird
[2011.07.20 23:04:23 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Ulozto File Manager
[2012.04.22 23:06:09 | 000,032,560 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: ATAPI.SYS >
[2009.04.11 00:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 00:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 00:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 00:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 00:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2011.02.20 11:18:22 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2011.02.20 11:18:22 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2011.02.20 11:18:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.04.11 00:27:22 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009.04.11 00:27:22 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.19 00:33:02 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2006.11.02 11:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe
< MD5 for: CDROM.SYS >
[2008.01.18 22:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.18 22:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.10 22:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.10 22:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.10 22:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.20 11:17:48 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2011.02.20 11:17:48 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2011.02.20 11:17:47 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2011.02.20 11:35:17 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2011.02.20 11:35:17 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2011.02.20 11:17:48 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 00:33:12 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: HAL.DLL >
[2009.04.11 00:32:48 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll
< MD5 for: SCECLI.DLL >
[2008.01.19 00:36:20 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 00:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 00:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: SVCHOST.EXE >
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008.01.19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: TCPIP.SYS >
[2009.04.11 00:33:04 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2011.09.20 23:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\System32\drivers\tcpip.sys
[2011.09.20 23:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[2011.02.20 11:36:12 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2011.02.20 11:36:08 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011.06.17 22:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2011.02.20 11:11:45 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2011.02.20 11:11:44 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2011.02.20 11:36:12 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2011.02.20 11:11:45 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2011.02.20 11:11:45 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2011.02.20 11:16:45 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2011.02.20 11:16:46 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2008.02.23 04:41:29 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=61B7D6702B0E9F8515A8BE9DB99D624B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20778_none_5fe546ddab8247e0\tcpip.sys
[2010.06.16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2011.02.20 11:36:10 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011.06.17 22:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010.06.16 18:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2008.02.23 06:41:37 | 000,890,936 | ---- | M] (Microsoft Corporation) MD5=6E478D65CE91984E75298C30FAEDCEBB -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22121_none_b3930f8f7f9331f9\tcpip.sys
[2010.06.16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2011.09.20 23:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[2011.02.20 11:36:09 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2011.02.20 11:11:44 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2010.04.05 19:03:01 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=A6A02EF5B5E40FBD31A1ADC577DA54BB -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys
[2010.04.05 22:00:48 | 000,910,208 | ---- | M] (Microsoft Corporation) MD5=CC9993701AC57F995554C696DDA49C12 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22377_none_b5497d157cdc9c9f\tcpip.sys
[2006.11.02 10:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2011.02.20 11:11:44 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2008.01.19 00:43:40 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2011.02.20 11:36:10 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.01.19 00:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 00:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 00:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 00:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 00:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< >
< %systemroot%*.* /U /s >
[7 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Installer\{FD8E178D-8B4E-42DA-B434-EFF270329B1C}\*.tmp files -> C:\Windows\Installer\{FD8E178D-8B4E-42DA-B434-EFF270329B1C}\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.02.24 21:32:28 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Adobe
[2011.10.18 22:45:44 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Canneverbe Limited
[2012.04.22 22:29:32 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\CheckPoint
[2011.04.26 22:19:07 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Creative
[2011.03.02 22:37:00 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Digiarty
[2011.03.01 00:51:36 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\dvdcss
[2012.01.25 23:55:58 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\EPSON
[2012.02.29 19:31:38 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\GHISLER
[2012.04.13 11:03:07 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\gtk-2.0
[2012.04.21 21:31:46 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\HandBrake
[2011.02.20 01:00:13 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Identities
[2011.02.20 10:15:07 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\InstallShield
[2011.03.01 22:34:36 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\LG Electronics
[2011.02.21 22:59:49 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Macromedia
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Media Center Programs
[2012.02.26 14:30:38 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Media Player Classic
[2012.02.24 19:30:38 | 000,000,000 | --SD | M] -- C:\Users\aost\AppData\Roaming\Microsoft
[2011.09.21 23:49:46 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Mozilla
[2012.01.19 00:46:55 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Nokia
[2011.04.03 00:05:21 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Nokia Ovi Suite
[2012.02.24 18:19:30 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\PC Suite
[2011.04.09 00:10:09 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Rajce
[2011.02.23 00:48:05 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Skype
[2011.02.22 21:03:18 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\skypePM
[2012.04.21 20:46:10 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\SUPERAntiSpyware.com
[2011.03.05 23:14:35 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Thunderbird
[2011.07.20 23:04:23 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Ulozto File Manager
[2011.06.30 23:17:22 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\vlc
[2012.04.21 21:12:26 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Winamp
[2011.06.01 21:36:54 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2011.01.24 13:53:52 | 001,055,232 | ---- | M] (Digiarty Software) -- C:\Users\aost\AppData\Roaming\Digiarty\DAPlayer\DAUpdate.exe
[2012.02.24 19:30:38 | 000,053,248 | R--- | M] (Flexera Software, Inc.) -- C:\Users\aost\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\ARPPRODUCTICON.exe
[2012.02.24 19:30:38 | 000,049,152 | R--- | M] (Flexera Software, Inc.) -- C:\Users\aost\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
[2012.02.24 19:30:38 | 000,073,728 | R--- | M] (Flexera Software, Inc.) -- C:\Users\aost\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
[2012.02.24 19:30:38 | 000,073,728 | R--- | M] (Flexera Software, Inc.) -- C:\Users\aost\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
[2012.02.24 19:30:38 | 000,049,152 | R--- | M] (Flexera Software, Inc.) -- C:\Users\aost\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
[2009.06.04 13:51:24 | 001,413,256 | R--- | M] () -- C:\Users\aost\AppData\Roaming\Microsoft\Windows\Templates\F\USBAutoRun.exe
[2009.06.04 13:51:24 | 001,413,256 | R--- | M] () -- C:\Users\aost\AppData\Roaming\Microsoft\Windows\Templates\J\USBAutoRun.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012.04.20 10:02:00 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1583777143-300269307-4166726652-1000Core.job
[2012.04.23 00:02:00 | 000,000,958 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1583777143-300269307-4166726652-1000UA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.04.22 23:07:50 | 000,004,848 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.22 23:07:50 | 000,004,848 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.21 20:49:56 | 000,002,577 | ---- | M] () -- C:\Windows\system32\config.nt
[2012.04.22 23:12:10 | 000,117,912 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2012.04.22 23:12:10 | 000,103,872 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2012.04.22 23:12:10 | 000,607,232 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2012.04.22 23:12:10 | 000,595,798 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2012.04.22 23:12:10 | 001,418,258 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008.01.19 00:33:10 | 000,125,952 | ---- | M] (Microsoft Corporation)
"" =
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2011.03.20 09:00:48 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.04.23 00:08:35 | 000,000,512 | ---- | M] () MD5=AAD33C7C181A0EDF4F7D83157CCF6F29 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2012.02.05 20:10:38 | 000,062,238 | ---- | M] () -- \Program Files\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat
< *keygen* /s >
< *loader* /s >
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2011.11.11 13:20:12 | 000,112,128 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2006.12.15 14:31:20 | 000,114,688 | ---- | M] () -- \Program Files\epson\Creativity Suite\Easy Photo Print\APFLoaderV13.dll
[2004.04.21 17:09:00 | 000,069,632 | ---- | M] () -- \Program Files\epson\Creativity Suite\Easy Photo Print\EpAPFLoader.dll
[2006.02.28 19:02:04 | 000,102,400 | ---- | M] () -- \Program Files\epson\Creativity Suite\Easy Photo Print\EpAPFLoader2006.dll
[2010.02.07 21:40:00 | 000,000,543 | ---- | M] () -- \Program Files\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2009.12.15 17:58:18 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2009.12.15 17:58:20 | 000,018,592 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2009.12.15 17:58:24 | 000,026,272 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2009.12.15 17:58:26 | 000,012,960 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2009.12.15 17:58:28 | 000,017,568 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2009.12.15 17:58:56 | 000,019,616 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2009.12.15 17:59:04 | 000,015,008 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2009.12.15 17:59:06 | 000,019,104 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009.12.15 17:59:10 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2009.12.15 17:59:14 | 000,012,448 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2009.12.15 17:59:16 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2009.12.15 17:59:20 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2009.12.15 17:59:22 | 000,011,936 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2009.12.15 17:59:24 | 000,013,984 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2009.12.15 17:59:28 | 000,028,320 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2009.05.01 19:42:00 | 000,009,880 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2011.12.16 11:34:00 | 000,002,560 | ---- | M] () -- \Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2011.10.17 15:10:26 | 000,071,528 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.11.06 12:09:52 | 000,083,816 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2011.11.24 12:01:02 | 000,001,539 | ---- | M] () -- \Programy\HF Designer\Loader.elf
[2011.11.24 12:00:54 | 000,602,816 | ---- | M] () -- \Programy\HF Designer\Loader.exe
[2012.04.14 23:37:33 | 000,000,310 | ---- | M] () -- \Users\aost\AppData\Local\SRDownloader.err
[2012.04.14 23:44:08 | 000,000,952 | ---- | M] () -- \Users\aost\AppData\Local\SRDownloader.nast
[2012.02.19 17:16:05 | 000,000,621 | ---- | M] () -- \Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\flashfirebug@o-minds.com\chrome\content\themes\default\images\UIComponents\UILoader.gif
[2012.02.19 17:16:29 | 000,000,621 | ---- | M] () -- \Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\flashfirebug@o-minds.com\chrome\content\themes\default\inspector\UIComponents\UILoader.gif
[2012.02.19 17:15:27 | 000,000,621 | ---- | M] () -- \Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\flashfirebug@o-minds.com\chrome\skin\classic\inspector\UIComponents\UILoader.gif
[2011.09.01 13:13:30 | 000,112,128 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-1583777143-300269307-4166726652-1000\CBEC1D2927C7FCE4FB6C1C13FEF36E7A\3.3.86\ta_productapiloader..D321D6CC_DBBE_4AC3_8DBD_DFF82BB39BDC
[2008.01.19 00:34:06 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.02.21 11:49:30 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2011.02.21 11:49:30 | 000,026,112 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50_winload.exe.mui_3bc5b827
[2011.02.21 11:49:30 | 000,016,384 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50_winresume.exe.mui_ff8b5358
[2011.02.20 16:09:13 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2011.02.20 16:09:13 | 000,027,648 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winload.exe.mui_3bc5b827
[2011.02.20 16:09:13 | 000,019,968 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winresume.exe.mui_ff8b5358
[2011.02.20 17:14:39 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2011.02.20 17:14:39 | 000,986,600 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winload.exe_75835076
[2011.02.20 17:14:39 | 000,926,184 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winresume.exe_85cd1215
[2011.02.20 16:09:18 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2011.02.20 16:09:18 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2011.02.20 01:55:29 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2011.02.20 01:55:06 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2011.02.20 01:55:42 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2011.02.20 01:55:07 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2011.02.20 01:56:12 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2011.02.20 01:56:16 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2011.02.20 01:56:36 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2011.02.20 01:55:28 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2011.02.20 01:55:05 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2011.02.20 01:55:42 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2011.02.20 01:55:07 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2011.02.20 01:56:11 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2011.02.20 01:56:15 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2011.02.20 01:56:36 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008.01.19 05:14:52 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2011.02.20 01:54:55 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2011.02.20 01:54:55 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008.01.19 01:00:00 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2011.02.20 01:54:34 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2011.02.20 01:54:34 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009.04.11 01:12:44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006.11.02 12:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008.01.19 01:05:22 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2006.11.02 14:34:33 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6000.16386_none_43bd59f592b7be86\dmloader.dll
[2008.01.19 00:34:06 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008.01.19 00:34:06 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll
< >
< HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows >
"AppInit_DLLs" = ?zÄz?????z?z?z C:\Windows\system32\guard32.dll
"LoadAppInit_DLLs" = 1
"IconServiceLib" = IconCodecService.dll -- [2006.11.02 14:34:33 | 000,009,728 | ---- | M] (Microsoft Corporation)
"DdeSendTimeout" = 0
"DesktopHeapLogging" = 1
"GDIProcessHandleQuota" = 10000
"ShutdownWarningDialogTimeout" = -1
"USERPostMessageLimit" = 10000
"USERProcessHandleQuota" = 10000
"" = mnmsrvc
"DeviceNotSelectedTimeout" = 15
"Spooler" = yes
"TransmissionRetryTimeout" = 90
"USERNestedWindowLimit" = 50
< C:\Windows\system32\guard32.dll /md5 >
[2012.03.11 23:13:18 | 000,301,224 | ---- | M] (COMODO) MD5=34ABDA6C1C69E54400C670D5CAC6AFA6 -- C:\Windows\system32\guard32.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6002.18005_none_b5c807ab2d93d829\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6001.18000_none_b3dc8e9f30720cdd\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6000.16386_none_b1a5cca33386fc09\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 24 bytes -> C:\Windows:18EC77E372425579
< End of report >
Re: Prosím o kontrolu logu
OTL Extras logfile created on: 23.4.2012 0:07:07 - Run 1
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\aost\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,05 Gb Available Physical Memory | 52,51% Memory free
4,24 Gb Paging File | 3,15 Gb Available in Paging File | 74,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 43,95 Gb Total Space | 12,03 Gb Free Space | 27,38% Space Free | Partition Type: NTFS
Drive D: | 188,94 Gb Total Space | 154,75 Gb Free Space | 81,91% Space Free | Partition Type: NTFS
Computer Name: AOST-PC | User Name: aost | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programy\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Programy\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programy\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programy\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programy\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Programy\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Programy\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Programy\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1583777143-300269307-4166726652-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{684ED4ED-3304-4233-AD24-49187FDD8B7C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7B553FB5-EF92-4DFE-A7ED-4BADB0E8CDCD}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7C033A79-E492-44FA-BFF1-A70B00EDEE60}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ABE893A2-538A-4ECF-B8AD-3DFFBFCB1DA0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C0A152A8-A7E7-4095-8AF1-713EBA328A8D}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D116D34C-9B89-427B-A50C-5B1B36C92998}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D51D0870-D24D-4B7B-B986-8FB8D4246C63}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D5C764E7-2376-44A5-8048-6D55FFC92023}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4E61B3FF-6027-4CFA-856D-822AF1F55828}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{54327EE9-17FA-4577-B7A5-1D26FB7754AA}" = dir=in | app=c:\programy\skype\plugin manager\skypepm.exe |
"{FFF4EF5B-D9C3-4F40-8F17-E230CD0FA7DC}" = dir=in | app=c:\programy\skype\phone\skype.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}" = Sound Blaster Audigy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D78F2A2-C893-4ABD-B5FE-AD7011837755}" = EPSON Easy Photo Print
"{41313863-5170-4D7E-AD60-3CDF4DEBA81F}" = Nokia PC Suite
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4442AB48-DEC4-4B39-B067-1F75BF8017E7}" = Creative Centrale
"{47E5588F-C3A0-11DE-9857-005056C00008}" = Paragon Partition Manager™ 11 Free
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{4EAE665D-957A-4D04-9679-3AD582008877}" = NVIDIA PhysX
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8190420D-F4BA-4744-8940-A466F81AF89C}_is1" = Ulož.to File Manager verze 1.4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86604C06-DA30-425E-AECE-47304FE81C45}" = Creative Software Update
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{889D48DA-457F-4C8B-9095-6458F2793B12}" = Nokia Software Updater
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-00B2-0405-0000-0000000FF1CE}" = Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}" = Nokia Suite
"{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}" = Camera RAW Plug-In for EPSON Creativity Suite
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Czech
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 295.73
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.0209
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9)
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"AviSynth" = AviSynth 2.5
"CCleaner" = CCleaner
"CloneDVD2" = CloneDVD2
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.59
"Creative Centrale" = Creative Centrale
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Defraggler" = Defraggler
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Printer and Utilities" = Software tiskárny EPSON
"EPSON Scanner" = EPSON Scan
"HandBrake" = HandBrake 0.9.6
"HappyFoto-Designer_is1" = HF Designer 2.7
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mozilla Firefox 11.0 (x86 cs)" = Mozilla Firefox 11.0 (x86 cs)
"Nokia PC Suite" = Nokia PC Suite
"Nokia Suite" = Nokia Suite
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Picasa 3" = Picasa 3
"rajče.net_is1" = rajče verze 59 sestavení 230
"Recuva" = Recuva
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.1.8
"VobSub" = VobSub v2.23 (Remove Only)
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.12
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"ZENMXUG" = Creative ZEN MX Documentation
"ZoneAlarm LTD Toolbar" = ZoneAlarm LTD Toolbar
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 9.3.2012 10:21:47 | Computer Name = aost-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 9.3.2012 10:21:47 | Computer Name = aost-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 3.4.2012 17:35:13 | Computer Name = aost-PC | Source = Application Hang | ID = 1002
Description = Program WINWORD.EXE verze 12.0.6612.1000 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení
problémů. ID procesu: be4 Čas zahájení: 01cd11e18e7f17a0 Čas ukončení: 0
Error - 7.4.2012 2:48:39 | Computer Name = aost-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ufm.exe, verze 1.0.0.7, časové razítko 0x2a425e19,
chybující modul ufm.exe, verze 1.0.0.7, časové razítko 0x2a425e19, kód výjimky
0xc0000005, posun chyby 0x000066f1, ID procesu 0xe84, čas spuštění aplikace 0x01cd148785781be1.
Error - 14.4.2012 17:44:09 | Computer Name = aost-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace SRDownloader.exe, verze 2.1.8.9, časové razítko
0x4f3fb8bc, chybující modul SRDownloader.exe, verze 2.1.8.9, časové razítko 0x4f3fb8bc,
kód výjimky 0xc0000005, posun chyby 0x0000584e, ID procesu 0xc24, čas spuštění aplikace
0x01cd1a869afab346.
Error - 21.4.2012 14:34:10 | Computer Name = aost-PC | Source = Perflib | ID = 1010
Description =
Error - 21.4.2012 15:32:02 | Computer Name = aost-PC | Source = .NET Runtime | ID = 1026
Description =
Error - 22.4.2012 16:23:01 | Computer Name = aost-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description =
Error - 22.4.2012 16:23:31 | Computer Name = aost-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description =
Error - 22.4.2012 16:23:31 | Computer Name = aost-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description =
[ OSession Events ]
Error - 23.2.2012 5:16:49 | Computer Name = aost-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 311 seconds with 240 seconds of active time. This session ended with a crash.
Error - 23.2.2012 5:17:23 | Computer Name = aost-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 24 seconds with 0 seconds of active time. This session ended with a crash.
Error - 23.2.2012 5:18:37 | Computer Name = aost-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 52 seconds with 0 seconds of active time. This session ended with a crash.
Error - 23.2.2012 5:19:16 | Computer Name = aost-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 19 seconds with 0 seconds of active time. This session ended with a crash.
Error - 23.2.2012 5:26:40 | Computer Name = aost-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 371 seconds with 120 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 22.4.2012 16:26:16 | Computer Name = aost-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 22.4.2012 16:26:32 | Computer Name = aost-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 22.4.2012 16:36:53 | Computer Name = aost-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 22.4.2012 16:37:07 | Computer Name = aost-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 22.4.2012 16:54:08 | Computer Name = aost-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 22.4.2012 16:54:15 | Computer Name = aost-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 22.4.2012 16:56:39 | Computer Name = aost-PC | Source = BROWSER | ID = 8032
Description =
Error - 22.4.2012 17:08:39 | Computer Name = aost-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 22.4.2012 17:08:44 | Computer Name = aost-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 22.4.2012 17:11:09 | Computer Name = aost-PC | Source = BROWSER | ID = 8032
Description =
< End of report >
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\aost\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,05 Gb Available Physical Memory | 52,51% Memory free
4,24 Gb Paging File | 3,15 Gb Available in Paging File | 74,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 43,95 Gb Total Space | 12,03 Gb Free Space | 27,38% Space Free | Partition Type: NTFS
Drive D: | 188,94 Gb Total Space | 154,75 Gb Free Space | 81,91% Space Free | Partition Type: NTFS
Computer Name: AOST-PC | User Name: aost | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programy\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Programy\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programy\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programy\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programy\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Programy\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Programy\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Programy\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1583777143-300269307-4166726652-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{684ED4ED-3304-4233-AD24-49187FDD8B7C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7B553FB5-EF92-4DFE-A7ED-4BADB0E8CDCD}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7C033A79-E492-44FA-BFF1-A70B00EDEE60}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ABE893A2-538A-4ECF-B8AD-3DFFBFCB1DA0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C0A152A8-A7E7-4095-8AF1-713EBA328A8D}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D116D34C-9B89-427B-A50C-5B1B36C92998}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D51D0870-D24D-4B7B-B986-8FB8D4246C63}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D5C764E7-2376-44A5-8048-6D55FFC92023}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4E61B3FF-6027-4CFA-856D-822AF1F55828}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{54327EE9-17FA-4577-B7A5-1D26FB7754AA}" = dir=in | app=c:\programy\skype\plugin manager\skypepm.exe |
"{FFF4EF5B-D9C3-4F40-8F17-E230CD0FA7DC}" = dir=in | app=c:\programy\skype\phone\skype.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}" = Sound Blaster Audigy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D78F2A2-C893-4ABD-B5FE-AD7011837755}" = EPSON Easy Photo Print
"{41313863-5170-4D7E-AD60-3CDF4DEBA81F}" = Nokia PC Suite
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4442AB48-DEC4-4B39-B067-1F75BF8017E7}" = Creative Centrale
"{47E5588F-C3A0-11DE-9857-005056C00008}" = Paragon Partition Manager™ 11 Free
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{4EAE665D-957A-4D04-9679-3AD582008877}" = NVIDIA PhysX
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8190420D-F4BA-4744-8940-A466F81AF89C}_is1" = Ulož.to File Manager verze 1.4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86604C06-DA30-425E-AECE-47304FE81C45}" = Creative Software Update
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{889D48DA-457F-4C8B-9095-6458F2793B12}" = Nokia Software Updater
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-00B2-0405-0000-0000000FF1CE}" = Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}" = Nokia Suite
"{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}" = Camera RAW Plug-In for EPSON Creativity Suite
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Czech
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 295.73
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.0209
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9)
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"AviSynth" = AviSynth 2.5
"CCleaner" = CCleaner
"CloneDVD2" = CloneDVD2
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.59
"Creative Centrale" = Creative Centrale
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Defraggler" = Defraggler
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Printer and Utilities" = Software tiskárny EPSON
"EPSON Scanner" = EPSON Scan
"HandBrake" = HandBrake 0.9.6
"HappyFoto-Designer_is1" = HF Designer 2.7
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mozilla Firefox 11.0 (x86 cs)" = Mozilla Firefox 11.0 (x86 cs)
"Nokia PC Suite" = Nokia PC Suite
"Nokia Suite" = Nokia Suite
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Picasa 3" = Picasa 3
"rajče.net_is1" = rajče verze 59 sestavení 230
"Recuva" = Recuva
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.1.8
"VobSub" = VobSub v2.23 (Remove Only)
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.12
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"ZENMXUG" = Creative ZEN MX Documentation
"ZoneAlarm LTD Toolbar" = ZoneAlarm LTD Toolbar
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 9.3.2012 10:21:47 | Computer Name = aost-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 9.3.2012 10:21:47 | Computer Name = aost-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 3.4.2012 17:35:13 | Computer Name = aost-PC | Source = Application Hang | ID = 1002
Description = Program WINWORD.EXE verze 12.0.6612.1000 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení
problémů. ID procesu: be4 Čas zahájení: 01cd11e18e7f17a0 Čas ukončení: 0
Error - 7.4.2012 2:48:39 | Computer Name = aost-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ufm.exe, verze 1.0.0.7, časové razítko 0x2a425e19,
chybující modul ufm.exe, verze 1.0.0.7, časové razítko 0x2a425e19, kód výjimky
0xc0000005, posun chyby 0x000066f1, ID procesu 0xe84, čas spuštění aplikace 0x01cd148785781be1.
Error - 14.4.2012 17:44:09 | Computer Name = aost-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace SRDownloader.exe, verze 2.1.8.9, časové razítko
0x4f3fb8bc, chybující modul SRDownloader.exe, verze 2.1.8.9, časové razítko 0x4f3fb8bc,
kód výjimky 0xc0000005, posun chyby 0x0000584e, ID procesu 0xc24, čas spuštění aplikace
0x01cd1a869afab346.
Error - 21.4.2012 14:34:10 | Computer Name = aost-PC | Source = Perflib | ID = 1010
Description =
Error - 21.4.2012 15:32:02 | Computer Name = aost-PC | Source = .NET Runtime | ID = 1026
Description =
Error - 22.4.2012 16:23:01 | Computer Name = aost-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description =
Error - 22.4.2012 16:23:31 | Computer Name = aost-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description =
Error - 22.4.2012 16:23:31 | Computer Name = aost-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description =
[ OSession Events ]
Error - 23.2.2012 5:16:49 | Computer Name = aost-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 311 seconds with 240 seconds of active time. This session ended with a crash.
Error - 23.2.2012 5:17:23 | Computer Name = aost-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 24 seconds with 0 seconds of active time. This session ended with a crash.
Error - 23.2.2012 5:18:37 | Computer Name = aost-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 52 seconds with 0 seconds of active time. This session ended with a crash.
Error - 23.2.2012 5:19:16 | Computer Name = aost-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 19 seconds with 0 seconds of active time. This session ended with a crash.
Error - 23.2.2012 5:26:40 | Computer Name = aost-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 371 seconds with 120 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 22.4.2012 16:26:16 | Computer Name = aost-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 22.4.2012 16:26:32 | Computer Name = aost-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 22.4.2012 16:36:53 | Computer Name = aost-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 22.4.2012 16:37:07 | Computer Name = aost-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 22.4.2012 16:54:08 | Computer Name = aost-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 22.4.2012 16:54:15 | Computer Name = aost-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 22.4.2012 16:56:39 | Computer Name = aost-PC | Source = BROWSER | ID = 8032
Description =
Error - 22.4.2012 17:08:39 | Computer Name = aost-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 22.4.2012 17:08:44 | Computer Name = aost-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 22.4.2012 17:11:09 | Computer Name = aost-PC | Source = BROWSER | ID = 8032
Description =
< End of report >
-
Danstahr
- Přítel fóra
- Příspěvky: 1069
- Registrován: 28 říj 2006 20:23
- Bydliště: Londýn
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Projděte si doplňky ve Firefoxu a v Chromu a nechte aktivní jen ty, které opravdu používáte. Spusťte znovu OTL, do okna dole vložte následující skript a klikněte na tlačítko Opravit. Bude následovat restart PC a poté se otevře log, ten sem prosím vložte.Kód: Vybrat vše
:Commands
[EmptyTemp]
[ResetHosts]
[EmptyFlash]
:Reg
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"="C:\Windows\system32\guard32.dll"
[HKEY_USERS\S-1-5-21-1583777143-300269307-4166726652-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"=-
:OTL
@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6002.18005_none_b5c807ab2d93d829\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6001.18000_none_b3dc8e9f30720cdd\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6000.16386_none_b1a5cca33386fc09\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 24 bytes -> C:\Windows:18EC77E372425579
[2012.04.20 10:02:00 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1583777143-300269307-4166726652-1000Core.job
[2012.04.23 00:02:00 | 000,000,958 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1583777143-300269307-4166726652-1000UA.job
[7 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Installer\{FD8E178D-8B4E-42DA-B434-EFF270329B1C}\*.tmp files -> C:\Windows\Installer\{FD8E178D-8B4E-42DA-B434-EFF270329B1C}\*.tmp -> ]
[2012.04.22 23:12:10 | 000,607,232 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.04.22 23:12:10 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.04.22 23:12:10 | 000,117,912 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.04.22 23:12:10 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
O13 - gopher Prefix: missing
O4 - HKU\S-1-5-21-1583777143-300269307-4166726652-1000..\Run: [] File not found
O3 - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.Koupím trochu času, cenu respektuji.
Re: Prosím o kontrolu logu
Dobrý večer,
přidávám nový log z OTL. Rozšíření v obou prohlížečích promažu
Prozatím děkuji.
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: aost
->Temp folder emptied: 89637610 bytes
->Temporary Internet Files folder emptied: 390470 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 49115311 bytes
->Google Chrome cache emptied: 6790498 bytes
->Flash cache emptied: 858 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 898936 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 405932 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 140,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYFLASH]
User: All Users
User: aost
->Flash cache emptied: 0 bytes
User: Default
User: Default User
User: Public
User: UpdatusUser
Total Flash Files Cleaned = 0,00 mb
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows\\"AppInit_DLLs"|"C:\Windows\system32\guard32.dll" /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1583777143-300269307-4166726652-1002\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter deleted successfully.
========== OTL ==========
ADS C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6002.18005_none_b5c807ab2d93d829\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh deleted successfully.
Unable to delete ADS C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6001.18000_none_b3dc8e9f30720cdd\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh .
Unable to delete ADS C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6000.16386_none_b1a5cca33386fc09\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh .
Unable to delete ADS C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh .
ADS C:\Windows:18EC77E372425579 deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1583777143-300269307-4166726652-1000Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1583777143-300269307-4166726652-1000UA.job moved successfully.
C:\Windows\Installer\MSI3BBD.tmp deleted successfully.
C:\Windows\Installer\MSI3E9B.tmp deleted successfully.
C:\Windows\Installer\MSIACE8.tmp deleted successfully.
C:\Windows\Installer\MSIB0B0.tmp deleted successfully.
C:\Windows\Installer\MSIB1F9.tmp deleted successfully.
C:\Windows\Installer\MSIB39F.tmp deleted successfully.
C:\Windows\Installer\MSIF40.tmp deleted successfully.
C:\Windows\Installer\{FD8E178D-8B4E-42DA-B434-EFF270329B1C}\upd81.tmp deleted successfully.
C:\Windows\System32\perfh005.dat moved successfully.
C:\Windows\System32\perfh009.dat moved successfully.
C:\Windows\System32\perfc005.dat moved successfully.
C:\Windows\System32\perfc009.dat moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1583777143-300269307-4166726652-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1583777143-300269307-4166726652-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_USERS\S-1-5-21-1583777143-300269307-4166726652-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}\ not found.
OTL by OldTimer - Version 3.2.40.0 log created on 04232012_210711
Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
přidávám nový log z OTL. Rozšíření v obou prohlížečích promažu
Prozatím děkuji.
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: aost
->Temp folder emptied: 89637610 bytes
->Temporary Internet Files folder emptied: 390470 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 49115311 bytes
->Google Chrome cache emptied: 6790498 bytes
->Flash cache emptied: 858 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 898936 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 405932 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 140,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYFLASH]
User: All Users
User: aost
->Flash cache emptied: 0 bytes
User: Default
User: Default User
User: Public
User: UpdatusUser
Total Flash Files Cleaned = 0,00 mb
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows\\"AppInit_DLLs"|"C:\Windows\system32\guard32.dll" /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1583777143-300269307-4166726652-1002\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter deleted successfully.
========== OTL ==========
ADS C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6002.18005_none_b5c807ab2d93d829\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh deleted successfully.
Unable to delete ADS C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6001.18000_none_b3dc8e9f30720cdd\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh .
Unable to delete ADS C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6000.16386_none_b1a5cca33386fc09\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh .
Unable to delete ADS C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh .
ADS C:\Windows:18EC77E372425579 deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1583777143-300269307-4166726652-1000Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1583777143-300269307-4166726652-1000UA.job moved successfully.
C:\Windows\Installer\MSI3BBD.tmp deleted successfully.
C:\Windows\Installer\MSI3E9B.tmp deleted successfully.
C:\Windows\Installer\MSIACE8.tmp deleted successfully.
C:\Windows\Installer\MSIB0B0.tmp deleted successfully.
C:\Windows\Installer\MSIB1F9.tmp deleted successfully.
C:\Windows\Installer\MSIB39F.tmp deleted successfully.
C:\Windows\Installer\MSIF40.tmp deleted successfully.
C:\Windows\Installer\{FD8E178D-8B4E-42DA-B434-EFF270329B1C}\upd81.tmp deleted successfully.
C:\Windows\System32\perfh005.dat moved successfully.
C:\Windows\System32\perfh009.dat moved successfully.
C:\Windows\System32\perfc005.dat moved successfully.
C:\Windows\System32\perfc009.dat moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1583777143-300269307-4166726652-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1583777143-300269307-4166726652-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_USERS\S-1-5-21-1583777143-300269307-4166726652-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}\ not found.
OTL by OldTimer - Version 3.2.40.0 log created on 04232012_210711
Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
-
Danstahr
- Přítel fóra
- Příspěvky: 1069
- Registrován: 28 říj 2006 20:23
- Bydliště: Londýn
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Dobrý den, omlouvám se za poněkud pozdní reakci.
Dejte prosím nový log z OTL podle návodu zde : http://forum.viry.cz/viewtopic.php?p=1107947#p1107947 (extras už se neotevře).
Dejte prosím nový log z OTL podle návodu zde : http://forum.viry.cz/viewtopic.php?p=1107947#p1107947 (extras už se neotevře).Koupím trochu času, cenu respektuji.
Re: Prosím o kontrolu logu
Dobrý den,
nic se neděje Nový log zde dám hned, jak se dostanu domů.
Zatím děkuji
nic se neděje
Nový log zde dám hned, jak se dostanu domů.Zatím děkuji
Re: Prosím o kontrolu logu
Dobrý večer,
posílám nový log z OTL:
OTL logfile created on: 24.4.2012 18:58:11 - Run 2
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\aost\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 0,97 Gb Available Physical Memory | 48,64% Memory free
4,24 Gb Paging File | 3,03 Gb Available in Paging File | 71,46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 43,95 Gb Total Space | 14,66 Gb Free Space | 33,36% Space Free | Partition Type: NTFS
Drive D: | 188,94 Gb Total Space | 154,75 Gb Free Space | 81,91% Space Free | Partition Type: NTFS
Computer Name: AOST-PC | User Name: aost | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.04.22 23:57:32 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\aost\Desktop\OTL.exe
PRC - [2012.04.22 23:02:48 | 001,983,232 | ---- | M] (COMODO) -- C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2012.03.26 11:25:02 | 001,162,296 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PcSync2.exe
PRC - [2012.03.26 11:24:58 | 001,516,600 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2012.03.22 11:01:12 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Programy\Mozilla Firefox\firefox.exe
PRC - [2012.03.11 23:13:00 | 006,749,512 | ---- | M] (COMODO) -- C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe
PRC - [2012.03.07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Programy\Ochrana PC\AVAST Software\Avast\AvastUI.exe
PRC - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programy\Ochrana PC\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.02.10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.02.10 05:02:27 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012.02.10 05:02:07 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2012.02.09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.01.04 14:32:36 | 000,718,888 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012.01.04 14:32:18 | 000,173,096 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2012.01.04 14:32:10 | 000,126,504 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programy\Ochrana PC\SAS\SASCore.exe
PRC - [2009.04.11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.05.22 15:05:06 | 000,474,624 | ---- | M] (Nokia Corporation) -- C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
PRC - [2007.04.02 08:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe
========== Modules (No Company Name) ==========
MOD - [2012.03.26 11:25:32 | 000,345,656 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtXml4.dll
MOD - [2012.03.26 11:25:32 | 000,282,168 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtSvg4.dll
MOD - [2012.03.26 11:25:26 | 008,197,176 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtGUI4.dll
MOD - [2012.03.26 11:25:26 | 002,302,008 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtCore4.dll
MOD - [2012.03.26 11:25:24 | 000,027,704 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
MOD - [2012.03.26 11:25:22 | 000,202,296 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
MOD - [2012.03.26 11:25:20 | 000,042,552 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\iconengines\qsvgicon4.dll
MOD - [2012.03.26 11:25:18 | 000,173,624 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\codecs\qjpcodecs4.dll
MOD - [2012.03.22 11:01:12 | 001,969,080 | ---- | M] () -- C:\Programy\Mozilla Firefox\mozjs.dll
MOD - [2012.02.09 21:05:16 | 000,360,768 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011.12.01 00:34:31 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011.03.02 12:40:52 | 000,140,288 | ---- | M] () -- C:\Programy\WinRAR\RarExt.dll
MOD - [2005.05.03 13:38:42 | 000,064,512 | ---- | M] () -- C:\Windows\System32\P17.DLL
========== Win32 Services (SafeList) ==========
SRV - [2012.04.22 23:02:48 | 001,983,232 | ---- | M] (COMODO) [Auto | Running] -- C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programy\Ochrana PC\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.02.10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.02.09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.01.04 14:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programy\Ochrana PC\SAS\SASCore.exe -- (!SASCORE)
SRV - [2008.05.21 13:42:56 | 000,064,000 | ---- | M] (Creative Technology Ltd) [On_Demand | Stopped] -- C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe -- (CTUPnPSv)
SRV - [2008.01.19 00:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.04.02 08:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgvmodem.sys -- (LGVMODEM)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtbus.sys -- (lgbusenum)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtport.sys -- (LgBttPort)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012.03.11 23:13:29 | 000,082,400 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2012.03.11 23:13:28 | 000,038,616 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2012.03.11 23:13:26 | 000,491,816 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2012.03.07 01:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.03.07 01:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.03.07 01:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.03.07 01:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.03.07 01:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.03.07 01:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.02.10 06:13:00 | 010,816,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.11.01 11:07:26 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011.11.01 11:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.11.01 11:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.11.01 11:07:24 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2011.11.01 11:07:24 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.11.01 11:07:24 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2011.09.21 11:25:34 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2011.07.22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programy\Ochrana PC\SAS\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programy\Ochrana PC\SAS\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.05.17 19:53:24 | 000,057,312 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hotcore3.sys -- (hotcore3)
DRV - [2011.02.20 10:22:55 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2010.06.23 10:21:32 | 000,259,176 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2010.05.12 13:23:04 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FlashUSB.sys -- (FlashUSB)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.06.13 17:47:12 | 000,048,256 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID)
DRV - [2007.04.10 23:46:53 | 001,966,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VX1000.sys -- (VX1000)
DRV - [2007.02.05 10:10:34 | 001,122,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\P17.sys -- (P17)
DRV - [2005.01.10 12:15:30 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTOSS2K.SYS -- (ossrv)
DRV - [2005.01.10 12:15:24 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTSFM2K.SYS -- (ctsfm2k)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\..\SearchScopes,DefaultScope = {00F12E6E-F4D9-4A27-A245-BA75618961F4}
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\..\SearchScopes\{00F12E6E-F4D9-4A27-A245-BA75618961F4}: "URL" = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tbid=60342
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: elemhidehelper@adblockplus.org:1.1.1
FF - prefs.js..extensions.enabledItems: cs@dictionaries.addons.mozilla.org:1.0.2
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: {89506680-e3f4-484c-a2c0-ed711d481eda}:0.9.5.6
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1
FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.12
FF - prefs.js..extensions.enabledItems: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1
FF - prefs.js..extensions.enabledItems: locationbar2@design-noir.de:1.0.6
FF - prefs.js..extensions.enabledItems: noia2_option@kk.noia:3.76
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2c}:0.6.4
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2
FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:5.0.1
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.5
FF - prefs.js..extensions.enabledItems: {95f24680-9e31-11da-a746-0800200c9a66}:0.1.5.5
FF - prefs.js..extensions.enabledItems: contact@searchfiles.de:1.3
FF - prefs.js..extensions.enabledItems: mgDownloadHelper@yevgenyandrov.net:1.0.2
FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76
FF - prefs.js..keyword.enabled: false
FF - user.js..browser.search.openintab: false
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programy\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.8: C:\Programy\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programy\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\aost\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\aost\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 [2012.01.19 00:38:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Programy\Ochrana PC\AVAST Software\Avast\WebRep\FF [2012.04.21 20:39:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2012.04.23 22:18:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Programy\Mozilla Firefox\components [2012.03.22 11:01:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Programy\Mozilla Firefox\plugins [2012.01.17 00:28:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012.01.19 00:38:13 | 000,000,000 | ---D | M]
[2011.09.21 23:49:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aost\AppData\Roaming\Mozilla\Extensions
[2011.03.05 23:14:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aost\AppData\Roaming\Mozilla\Extensions-BackupByFirefoxPortable
[2011.03.05 23:14:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aost\AppData\Roaming\Mozilla\Extensions-BackupByFirefoxPortable\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.02.20 13:43:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aost\AppData\Roaming\Mozilla\Extensions-BackupByFirefoxPortable\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2012.04.23 21:31:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions
[2011.12.08 13:02:55 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2012.03.18 16:49:53 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011.02.20 18:34:21 | 000,000,000 | ---D | M] (PDF Download) -- C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2011.02.20 18:34:20 | 000,000,000 | ---D | M] (ÄŚeskĂ© slovnĂky pro kontrolu pravopisu) -- C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\cs@dictionaries.addons.mozilla.org
[2012.04.21 20:39:11 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAMY\OCHRANA PC\AVAST SOFTWARE\AVAST\WEBREP\FF
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\{6E84150A-D526-41F1-A480-A67D3FED910D}.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\{EF522540-89F5-46B9-B6FE-1829E2B572C6}.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\ARTUR.DUBOVOY@GMAIL.COM.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\BROWSERPROTECT@BROWSERPROTECT.COM.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\NOIA4OPTIONS@ARIST2.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\PRINTPRINTPREVIEW-ANDREWSFIREFOXEXTENSIONS@GMAIL.COM.XPI
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\aost\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\aost\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\aost\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\aost\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Mixesoft Click&Clean Plug-In (Enabled) = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.8.3.0_0\plugin/npccch32.dll
CHR - plugin: Bitdefender QuickScan (Enabled) = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.8.3.0_0\plugin/npqscan.dll
CHR - plugin: Chrome IE Tab (Enabled) = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\2.11.30.1_0\plugin/blackfishietab.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programy\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Programy\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Winamp Application Detector (Enabled) = C:\Programy\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Picasa (Enabled) = C:\Programy\Google\Picasa3\npPicasa3.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Programy\VideoLAN\VLC\npvlc.dll
CHR - plugin: Google Update (Enabled) = C:\Users\aost\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Click&Clean = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.8.3.0_0\
CHR - Extension: AdBlock = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.25_0\
CHR - Extension: IE Tab = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\2.11.30.1_0\
CHR - Extension: avast! WebRep = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Downloads = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfchnphgogjhineanplmfkofljiagjfb\1_0\
CHR - Extension: SaferChrome = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgpkjjingioekjianemgdobchenebhek\0.2.1_0\
CHR - Extension: Black Op [Aero] = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpgmeklahbkoneancafimbbpbhechch\1.9_0\
O1 HOSTS File: ([2012.04.23 21:07:35 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programy\Ochrana PC\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programy\Ochrana PC\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Programy\Ochrana PC\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [P17Helper] C:\Windows\System32\P17.DLL ()
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Programy\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.248.0.100 212.158.128.2 212.158.128.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5CBA99FF-662E-4386-8E41-28E95A1BFEB8}: DhcpNameServer = 10.248.0.100 212.158.128.2 212.158.128.3
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Programy\Ochrana PC\SAS\SASWINLO.DLL) - C:\Programy\Ochrana PC\SAS\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Users\aost\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\aost\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programy\Ochrana PC\SAS\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{678224aa-4402-11e0-b6f6-001a4d59497c}\Shell - "" = AutoRun
O33 - MountPoints2\{678224aa-4402-11e0-b6f6-001a4d59497c}\Shell\AutoRun\command - "" = F:\USBAutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\USBAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.04.23 22:18:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite
[2012.04.23 22:18:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PCSuite
[2012.04.23 21:07:11 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.04.22 23:57:27 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\aost\Desktop\OTL.exe
[2012.04.22 23:03:37 | 000,033,984 | ---- | C] (COMODO) -- C:\Windows\System32\cmdcsr.dll
[2012.04.22 22:59:25 | 000,000,000 | ---D | C] -- C:\rsit
[2012.04.22 22:33:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
[2012.04.21 22:45:00 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.04.21 21:31:34 | 000,000,000 | ---D | C] -- C:\Users\aost\AppData\Roaming\HandBrake
[2012.04.21 21:30:33 | 000,000,000 | ---D | C] -- C:\Users\aost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
[2012.04.21 21:30:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
[2012.04.21 20:54:42 | 000,000,000 | ---D | C] -- C:\Users\aost\AppData\Roaming\CheckPoint
[2012.04.21 20:46:10 | 000,000,000 | ---D | C] -- C:\Users\aost\AppData\Roaming\SUPERAntiSpyware.com
[2012.04.21 20:45:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.04.21 20:45:06 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.04.21 20:39:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.04.21 20:39:32 | 000,337,880 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012.04.21 20:39:32 | 000,020,696 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012.04.21 20:39:30 | 000,035,672 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012.04.21 20:39:29 | 000,053,848 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012.04.21 20:39:28 | 000,612,184 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012.04.21 20:39:26 | 000,057,688 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012.04.21 20:39:03 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.04.21 20:39:02 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012.04.21 20:38:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2012.04.24 18:59:42 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.04.24 18:28:03 | 000,004,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.24 18:28:03 | 000,004,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.24 10:28:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.23 22:18:47 | 000,001,903 | ---- | M] () -- C:\Users\Public\Desktop\Nokia PC Suite.lnk
[2012.04.23 21:07:35 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012.04.22 23:57:32 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\aost\Desktop\OTL.exe
[2012.04.22 22:33:18 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2012.04.21 22:35:44 | 000,000,083 | -HS- | M] () -- C:\ProgramData\.zreglib
[2012.04.21 21:30:34 | 000,000,697 | ---- | M] () -- C:\Users\aost\Desktop\Handbrake.lnk
[2012.04.21 21:10:58 | 000,000,578 | ---- | M] () -- C:\Users\aost\AppData\Roaming\AutoGK.ini
[2012.04.21 20:49:56 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.04.21 20:45:08 | 000,001,711 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.04.21 20:43:23 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012.04.21 20:43:23 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012.04.21 20:39:33 | 000,001,863 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.04.23 22:18:47 | 000,001,903 | ---- | C] () -- C:\Users\Public\Desktop\Nokia PC Suite.lnk
[2012.04.23 00:08:35 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.04.22 22:33:18 | 000,001,973 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2012.04.21 21:30:34 | 000,000,697 | ---- | C] () -- C:\Users\aost\Desktop\Handbrake.lnk
[2012.04.21 20:45:08 | 000,001,711 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.04.21 20:43:23 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012.04.21 20:43:23 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012.04.21 20:39:33 | 000,001,863 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.04.14 23:38:12 | 000,000,952 | ---- | C] () -- C:\Users\aost\AppData\Local\SRDownloader.nast
[2012.04.14 23:36:55 | 000,000,310 | ---- | C] () -- C:\Users\aost\AppData\Local\SRDownloader.err
[2012.02.26 12:29:53 | 000,000,083 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012.02.26 12:14:35 | 000,000,578 | ---- | C] () -- C:\Users\aost\AppData\Roaming\AutoGK.ini
[2012.02.09 21:05:44 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011.12.27 00:22:37 | 000,000,036 | ---- | C] () -- C:\Windows\mafosav.INI
[2011.12.03 23:23:49 | 000,048,681 | ---- | C] () -- C:\Users\aost\AppData\Roaming\mdbu.bin
[2011.04.10 17:24:20 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2011.04.10 17:24:19 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2011.04.10 17:24:19 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2011.04.10 17:24:19 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2011.04.10 17:24:19 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2011.04.10 17:24:19 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2011.04.10 17:24:19 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2011.04.10 17:24:19 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2011.04.10 17:24:19 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2011.04.10 17:24:19 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2011.04.10 17:24:19 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2011.04.10 17:24:19 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2011.04.10 17:24:19 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2011.04.10 17:24:19 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2011.04.10 17:24:19 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2011.04.10 17:24:19 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2011.04.10 17:24:19 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2011.04.10 17:24:19 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2011.04.10 17:24:19 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2011.04.10 17:20:19 | 000,000,026 | ---- | C] () -- C:\Windows\CDEDX7400EXPORT.ini
[2011.03.02 21:41:27 | 001,474,832 | ---- | C] () -- C:\Windows\System32\drivers\sfi.dat
[2011.03.01 21:54:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2011.03.01 21:54:26 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2011.02.22 21:03:19 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011.02.20 17:01:01 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.02.20 17:00:19 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.02.20 17:00:19 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011.02.20 16:01:15 | 000,033,280 | ---- | C] () -- C:\Users\aost\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.20 13:43:33 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.02.20 10:34:33 | 000,005,627 | R--- | C] () -- C:\Windows\System32\Ludap17.ini
[2011.02.20 10:34:33 | 000,000,039 | R--- | C] () -- C:\Windows\System32\ctzapxx.ini
[2011.02.20 10:06:47 | 000,203,328 | R--- | C] () -- C:\Windows\GSetup.exe
[2011.02.20 10:06:47 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011.02.20 01:00:03 | 000,000,680 | ---- | C] () -- C:\Users\aost\AppData\Local\d3d9caps.dat
========== LOP Check ==========
[2011.10.18 22:45:44 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Canneverbe Limited
[2012.04.22 22:29:32 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\CheckPoint
[2011.03.02 22:37:00 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Digiarty
[2012.01.25 23:55:58 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\EPSON
[2012.02.29 19:31:38 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\GHISLER
[2012.04.13 11:03:07 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\gtk-2.0
[2012.04.21 21:31:46 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\HandBrake
[2011.03.01 22:34:36 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\LG Electronics
[2012.04.24 10:29:32 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Nokia
[2011.04.03 00:05:21 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Nokia Ovi Suite
[2012.02.24 18:19:30 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\PC Suite
[2011.04.09 00:10:09 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Rajce
[2011.03.05 23:14:35 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Thunderbird
[2011.07.20 23:04:23 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Ulozto File Manager
[2012.04.23 23:31:18 | 000,032,560 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: ATAPI.SYS >
[2009.04.11 00:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 00:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 00:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 00:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 00:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2011.02.20 11:18:22 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2011.02.20 11:18:22 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2011.02.20 11:18:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.04.11 00:27:22 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009.04.11 00:27:22 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.19 00:33:02 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2006.11.02 11:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe
< MD5 for: CDROM.SYS >
[2008.01.18 22:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.18 22:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.10 22:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.10 22:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.10 22:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.20 11:17:48 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2011.02.20 11:17:48 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2011.02.20 11:17:47 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2011.02.20 11:35:17 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2011.02.20 11:35:17 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2011.02.20 11:17:48 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 00:33:12 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: HAL.DLL >
[2009.04.11 00:32:48 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll
< MD5 for: SCECLI.DLL >
[2008.01.19 00:36:20 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 00:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 00:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: SVCHOST.EXE >
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008.01.19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: TCPIP.SYS >
[2009.04.11 00:33:04 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2011.09.20 23:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\System32\drivers\tcpip.sys
[2011.09.20 23:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[2011.02.20 11:36:12 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2011.02.20 11:36:08 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011.06.17 22:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2011.02.20 11:11:45 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2011.02.20 11:11:44 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2011.02.20 11:36:12 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2011.02.20 11:11:45 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2011.02.20 11:11:45 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2011.02.20 11:16:45 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2011.02.20 11:16:46 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2008.02.23 04:41:29 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=61B7D6702B0E9F8515A8BE9DB99D624B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20778_none_5fe546ddab8247e0\tcpip.sys
[2010.06.16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2011.02.20 11:36:10 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011.06.17 22:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010.06.16 18:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2008.02.23 06:41:37 | 000,890,936 | ---- | M] (Microsoft Corporation) MD5=6E478D65CE91984E75298C30FAEDCEBB -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22121_none_b3930f8f7f9331f9\tcpip.sys
[2010.06.16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2011.09.20 23:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[2011.02.20 11:36:09 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2011.02.20 11:11:44 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2010.04.05 19:03:01 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=A6A02EF5B5E40FBD31A1ADC577DA54BB -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys
[2010.04.05 22:00:48 | 000,910,208 | ---- | M] (Microsoft Corporation) MD5=CC9993701AC57F995554C696DDA49C12 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22377_none_b5497d157cdc9c9f\tcpip.sys
[2006.11.02 10:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2011.02.20 11:11:44 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2008.01.19 00:43:40 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2011.02.20 11:36:10 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.01.19 00:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 00:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 00:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 00:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 00:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< >
< %systemroot%*.* /U /s >
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.02.24 21:32:28 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Adobe
[2011.10.18 22:45:44 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Canneverbe Limited
[2012.04.22 22:29:32 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\CheckPoint
[2011.04.26 22:19:07 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Creative
[2011.03.02 22:37:00 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Digiarty
[2011.03.01 00:51:36 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\dvdcss
[2012.01.25 23:55:58 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\EPSON
[2012.02.29 19:31:38 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\GHISLER
[2012.04.13 11:03:07 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\gtk-2.0
[2012.04.21 21:31:46 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\HandBrake
[2011.02.20 01:00:13 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Identities
[2011.02.20 10:15:07 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\InstallShield
[2011.03.01 22:34:36 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\LG Electronics
[2011.02.21 22:59:49 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Macromedia
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Media Center Programs
[2012.02.26 14:30:38 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Media Player Classic
[2012.02.24 19:30:38 | 000,000,000 | --SD | M] -- C:\Users\aost\AppData\Roaming\Microsoft
[2011.09.21 23:49:46 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Mozilla
[2012.04.24 10:29:32 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Nokia
[2011.04.03 00:05:21 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Nokia Ovi Suite
[2012.02.24 18:19:30 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\PC Suite
[2011.04.09 00:10:09 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Rajce
[2011.02.23 00:48:05 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Skype
[2011.02.22 21:03:18 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\skypePM
[2012.04.21 20:46:10 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\SUPERAntiSpyware.com
[2011.03.05 23:14:35 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Thunderbird
[2011.07.20 23:04:23 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Ulozto File Manager
[2011.06.30 23:17:22 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\vlc
[2012.04.21 21:12:26 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Winamp
[2011.06.01 21:36:54 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2011.01.24 13:53:52 | 001,055,232 | ---- | M] (Digiarty Software) -- C:\Users\aost\AppData\Roaming\Digiarty\DAPlayer\DAUpdate.exe
[2012.02.24 19:30:38 | 000,053,248 | R--- | M] (Flexera Software, Inc.) -- C:\Users\aost\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\ARPPRODUCTICON.exe
[2012.02.24 19:30:38 | 000,049,152 | R--- | M] (Flexera Software, Inc.) -- C:\Users\aost\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
[2012.02.24 19:30:38 | 000,073,728 | R--- | M] (Flexera Software, Inc.) -- C:\Users\aost\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
[2012.02.24 19:30:38 | 000,073,728 | R--- | M] (Flexera Software, Inc.) -- C:\Users\aost\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
[2012.02.24 19:30:38 | 000,049,152 | R--- | M] (Flexera Software, Inc.) -- C:\Users\aost\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
[2009.06.04 13:51:24 | 001,413,256 | R--- | M] () -- C:\Users\aost\AppData\Roaming\Microsoft\Windows\Templates\F\USBAutoRun.exe
[2009.06.04 13:51:24 | 001,413,256 | R--- | M] () -- C:\Users\aost\AppData\Roaming\Microsoft\Windows\Templates\J\USBAutoRun.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.04.24 18:28:03 | 000,004,848 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.24 18:28:03 | 000,004,848 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.21 20:49:56 | 000,002,577 | ---- | M] () -- C:\Windows\system32\config.nt
[2012.04.23 08:27:43 | 001,418,258 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008.01.19 00:33:10 | 000,125,952 | ---- | M] (Microsoft Corporation)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2011.03.20 09:00:48 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.04.24 18:59:42 | 000,000,512 | ---- | M] () MD5=AAD33C7C181A0EDF4F7D83157CCF6F29 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2012.02.05 20:10:38 | 000,062,238 | ---- | M] () -- \Program Files\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat
< *keygen* /s >
< *loader* /s >
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2011.11.11 13:20:12 | 000,112,128 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2006.12.15 14:31:20 | 000,114,688 | ---- | M] () -- \Program Files\epson\Creativity Suite\Easy Photo Print\APFLoaderV13.dll
[2004.04.21 17:09:00 | 000,069,632 | ---- | M] () -- \Program Files\epson\Creativity Suite\Easy Photo Print\EpAPFLoader.dll
[2006.02.28 19:02:04 | 000,102,400 | ---- | M] () -- \Program Files\epson\Creativity Suite\Easy Photo Print\EpAPFLoader2006.dll
[2010.02.07 21:40:00 | 000,000,543 | ---- | M] () -- \Program Files\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2009.12.15 17:58:18 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2009.12.15 17:58:20 | 000,018,592 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2009.12.15 17:58:24 | 000,026,272 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2009.12.15 17:58:26 | 000,012,960 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2009.12.15 17:58:28 | 000,017,568 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2009.12.15 17:58:56 | 000,019,616 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2009.12.15 17:59:04 | 000,015,008 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2009.12.15 17:59:06 | 000,019,104 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009.12.15 17:59:10 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2009.12.15 17:59:14 | 000,012,448 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2009.12.15 17:59:16 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2009.12.15 17:59:20 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2009.12.15 17:59:22 | 000,011,936 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2009.12.15 17:59:24 | 000,013,984 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2009.12.15 17:59:28 | 000,028,320 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2009.05.01 19:42:00 | 000,009,880 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2012.03.26 10:53:30 | 000,002,560 | ---- | M] () -- \Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2011.10.17 15:10:26 | 000,071,528 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.11.06 12:09:52 | 000,083,816 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2011.11.24 12:01:02 | 000,001,539 | ---- | M] () -- \Programy\HF Designer\Loader.elf
[2011.11.24 12:00:54 | 000,602,816 | ---- | M] () -- \Programy\HF Designer\Loader.exe
[2012.04.14 23:37:33 | 000,000,310 | ---- | M] () -- \Users\aost\AppData\Local\SRDownloader.err
[2012.04.14 23:44:08 | 000,000,952 | ---- | M] () -- \Users\aost\AppData\Local\SRDownloader.nast
[2011.09.01 13:13:30 | 000,112,128 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-1583777143-300269307-4166726652-1000\CBEC1D2927C7FCE4FB6C1C13FEF36E7A\3.3.86\ta_productapiloader..D321D6CC_DBBE_4AC3_8DBD_DFF82BB39BDC
[2008.01.19 00:34:06 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[1 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2011.02.21 11:49:30 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2011.02.21 11:49:30 | 000,026,112 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50_winload.exe.mui_3bc5b827
[2011.02.21 11:49:30 | 000,016,384 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50_winresume.exe.mui_ff8b5358
[2011.02.20 16:09:13 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2011.02.20 16:09:13 | 000,027,648 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winload.exe.mui_3bc5b827
[2011.02.20 16:09:13 | 000,019,968 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winresume.exe.mui_ff8b5358
[2011.02.20 17:14:39 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2011.02.20 17:14:39 | 000,986,600 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winload.exe_75835076
[2011.02.20 17:14:39 | 000,926,184 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winresume.exe_85cd1215
[2011.02.20 16:09:18 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2011.02.20 16:09:18 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2011.02.20 01:55:29 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2011.02.20 01:55:06 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2011.02.20 01:55:42 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2011.02.20 01:55:07 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2011.02.20 01:56:12 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2011.02.20 01:56:16 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2011.02.20 01:56:36 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2011.02.20 01:55:28 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2011.02.20 01:55:05 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2011.02.20 01:55:42 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2011.02.20 01:55:07 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2011.02.20 01:56:11 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2011.02.20 01:56:15 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2011.02.20 01:56:36 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008.01.19 05:14:52 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2011.02.20 01:54:55 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2011.02.20 01:54:55 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008.01.19 01:00:00 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2011.02.20 01:54:34 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2011.02.20 01:54:34 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009.04.11 01:12:44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006.11.02 12:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008.01.19 01:05:22 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2006.11.02 14:34:33 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6000.16386_none_43bd59f592b7be86\dmloader.dll
[2008.01.19 00:34:06 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008.01.19 00:34:06 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll
< >
< HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows >
"AppInit_DLLs" = C:\Windows\system32\guard32.dll -- [2012.03.11 23:13:18 | 000,301,224 | ---- | M] (COMODO)
"LoadAppInit_DLLs" = 1
"IconServiceLib" = IconCodecService.dll -- [2006.11.02 14:34:33 | 000,009,728 | ---- | M] (Microsoft Corporation)
"DdeSendTimeout" = 0
"DesktopHeapLogging" = 1
"GDIProcessHandleQuota" = 10000
"ShutdownWarningDialogTimeout" = -1
"USERPostMessageLimit" = 10000
"USERProcessHandleQuota" = 10000
"" = mnmsrvc
"DeviceNotSelectedTimeout" = 15
"Spooler" = yes
"TransmissionRetryTimeout" = 90
"USERNestedWindowLimit" = 50
< C:\Windows\system32\guard32.dll /md5 >
[2012.03.11 23:13:18 | 000,301,224 | ---- | M] (COMODO) MD5=34ABDA6C1C69E54400C670D5CAC6AFA6 -- C:\Windows\system32\guard32.dll
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< End of report >
posílám nový log z OTL:
OTL logfile created on: 24.4.2012 18:58:11 - Run 2
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\aost\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 0,97 Gb Available Physical Memory | 48,64% Memory free
4,24 Gb Paging File | 3,03 Gb Available in Paging File | 71,46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 43,95 Gb Total Space | 14,66 Gb Free Space | 33,36% Space Free | Partition Type: NTFS
Drive D: | 188,94 Gb Total Space | 154,75 Gb Free Space | 81,91% Space Free | Partition Type: NTFS
Computer Name: AOST-PC | User Name: aost | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.04.22 23:57:32 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\aost\Desktop\OTL.exe
PRC - [2012.04.22 23:02:48 | 001,983,232 | ---- | M] (COMODO) -- C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2012.03.26 11:25:02 | 001,162,296 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PcSync2.exe
PRC - [2012.03.26 11:24:58 | 001,516,600 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2012.03.22 11:01:12 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Programy\Mozilla Firefox\firefox.exe
PRC - [2012.03.11 23:13:00 | 006,749,512 | ---- | M] (COMODO) -- C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe
PRC - [2012.03.07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Programy\Ochrana PC\AVAST Software\Avast\AvastUI.exe
PRC - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programy\Ochrana PC\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.02.10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.02.10 05:02:27 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012.02.10 05:02:07 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2012.02.09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.01.04 14:32:36 | 000,718,888 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012.01.04 14:32:18 | 000,173,096 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2012.01.04 14:32:10 | 000,126,504 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programy\Ochrana PC\SAS\SASCore.exe
PRC - [2009.04.11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.05.22 15:05:06 | 000,474,624 | ---- | M] (Nokia Corporation) -- C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
PRC - [2007.04.02 08:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe
========== Modules (No Company Name) ==========
MOD - [2012.03.26 11:25:32 | 000,345,656 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtXml4.dll
MOD - [2012.03.26 11:25:32 | 000,282,168 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtSvg4.dll
MOD - [2012.03.26 11:25:26 | 008,197,176 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtGUI4.dll
MOD - [2012.03.26 11:25:26 | 002,302,008 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtCore4.dll
MOD - [2012.03.26 11:25:24 | 000,027,704 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
MOD - [2012.03.26 11:25:22 | 000,202,296 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
MOD - [2012.03.26 11:25:20 | 000,042,552 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\iconengines\qsvgicon4.dll
MOD - [2012.03.26 11:25:18 | 000,173,624 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\codecs\qjpcodecs4.dll
MOD - [2012.03.22 11:01:12 | 001,969,080 | ---- | M] () -- C:\Programy\Mozilla Firefox\mozjs.dll
MOD - [2012.02.09 21:05:16 | 000,360,768 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011.12.01 00:34:31 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011.03.02 12:40:52 | 000,140,288 | ---- | M] () -- C:\Programy\WinRAR\RarExt.dll
MOD - [2005.05.03 13:38:42 | 000,064,512 | ---- | M] () -- C:\Windows\System32\P17.DLL
========== Win32 Services (SafeList) ==========
SRV - [2012.04.22 23:02:48 | 001,983,232 | ---- | M] (COMODO) [Auto | Running] -- C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programy\Ochrana PC\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.02.10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.02.09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.01.04 14:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programy\Ochrana PC\SAS\SASCore.exe -- (!SASCORE)
SRV - [2008.05.21 13:42:56 | 000,064,000 | ---- | M] (Creative Technology Ltd) [On_Demand | Stopped] -- C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe -- (CTUPnPSv)
SRV - [2008.01.19 00:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.04.02 08:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgvmodem.sys -- (LGVMODEM)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtbus.sys -- (lgbusenum)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtport.sys -- (LgBttPort)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012.03.11 23:13:29 | 000,082,400 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2012.03.11 23:13:28 | 000,038,616 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2012.03.11 23:13:26 | 000,491,816 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2012.03.07 01:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.03.07 01:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.03.07 01:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.03.07 01:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.03.07 01:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.03.07 01:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.02.10 06:13:00 | 010,816,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.11.01 11:07:26 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011.11.01 11:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.11.01 11:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.11.01 11:07:24 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2011.11.01 11:07:24 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.11.01 11:07:24 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2011.09.21 11:25:34 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2011.07.22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programy\Ochrana PC\SAS\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programy\Ochrana PC\SAS\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.05.17 19:53:24 | 000,057,312 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hotcore3.sys -- (hotcore3)
DRV - [2011.02.20 10:22:55 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2010.06.23 10:21:32 | 000,259,176 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2010.05.12 13:23:04 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FlashUSB.sys -- (FlashUSB)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.06.13 17:47:12 | 000,048,256 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID)
DRV - [2007.04.10 23:46:53 | 001,966,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VX1000.sys -- (VX1000)
DRV - [2007.02.05 10:10:34 | 001,122,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\P17.sys -- (P17)
DRV - [2005.01.10 12:15:30 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTOSS2K.SYS -- (ossrv)
DRV - [2005.01.10 12:15:24 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTSFM2K.SYS -- (ctsfm2k)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\..\SearchScopes,DefaultScope = {00F12E6E-F4D9-4A27-A245-BA75618961F4}
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\..\SearchScopes\{00F12E6E-F4D9-4A27-A245-BA75618961F4}: "URL" = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tbid=60342
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1583777143-300269307-4166726652-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: elemhidehelper@adblockplus.org:1.1.1
FF - prefs.js..extensions.enabledItems: cs@dictionaries.addons.mozilla.org:1.0.2
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: {89506680-e3f4-484c-a2c0-ed711d481eda}:0.9.5.6
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1
FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.12
FF - prefs.js..extensions.enabledItems: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1
FF - prefs.js..extensions.enabledItems: locationbar2@design-noir.de:1.0.6
FF - prefs.js..extensions.enabledItems: noia2_option@kk.noia:3.76
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2c}:0.6.4
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2
FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:5.0.1
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.5
FF - prefs.js..extensions.enabledItems: {95f24680-9e31-11da-a746-0800200c9a66}:0.1.5.5
FF - prefs.js..extensions.enabledItems: contact@searchfiles.de:1.3
FF - prefs.js..extensions.enabledItems: mgDownloadHelper@yevgenyandrov.net:1.0.2
FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76
FF - prefs.js..keyword.enabled: false
FF - user.js..browser.search.openintab: false
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programy\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.8: C:\Programy\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programy\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\aost\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\aost\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 [2012.01.19 00:38:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Programy\Ochrana PC\AVAST Software\Avast\WebRep\FF [2012.04.21 20:39:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2012.04.23 22:18:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Programy\Mozilla Firefox\components [2012.03.22 11:01:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Programy\Mozilla Firefox\plugins [2012.01.17 00:28:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012.01.19 00:38:13 | 000,000,000 | ---D | M]
[2011.09.21 23:49:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aost\AppData\Roaming\Mozilla\Extensions
[2011.03.05 23:14:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aost\AppData\Roaming\Mozilla\Extensions-BackupByFirefoxPortable
[2011.03.05 23:14:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aost\AppData\Roaming\Mozilla\Extensions-BackupByFirefoxPortable\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.02.20 13:43:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aost\AppData\Roaming\Mozilla\Extensions-BackupByFirefoxPortable\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2012.04.23 21:31:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions
[2011.12.08 13:02:55 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2012.03.18 16:49:53 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011.02.20 18:34:21 | 000,000,000 | ---D | M] (PDF Download) -- C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2011.02.20 18:34:20 | 000,000,000 | ---D | M] (ÄŚeskĂ© slovnĂky pro kontrolu pravopisu) -- C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\cs@dictionaries.addons.mozilla.org
[2012.04.21 20:39:11 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAMY\OCHRANA PC\AVAST SOFTWARE\AVAST\WEBREP\FF
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\{6E84150A-D526-41F1-A480-A67D3FED910D}.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\{EF522540-89F5-46B9-B6FE-1829E2B572C6}.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\ARTUR.DUBOVOY@GMAIL.COM.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\BROWSERPROTECT@BROWSERPROTECT.COM.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\NOIA4OPTIONS@ARIST2.XPI
() (No name found) -- C:\USERS\AOST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8EI174U.DEFAULT\EXTENSIONS\PRINTPRINTPREVIEW-ANDREWSFIREFOXEXTENSIONS@GMAIL.COM.XPI
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\aost\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\aost\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\aost\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\aost\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Mixesoft Click&Clean Plug-In (Enabled) = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.8.3.0_0\plugin/npccch32.dll
CHR - plugin: Bitdefender QuickScan (Enabled) = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.8.3.0_0\plugin/npqscan.dll
CHR - plugin: Chrome IE Tab (Enabled) = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\2.11.30.1_0\plugin/blackfishietab.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programy\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Programy\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Winamp Application Detector (Enabled) = C:\Programy\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Picasa (Enabled) = C:\Programy\Google\Picasa3\npPicasa3.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Programy\VideoLAN\VLC\npvlc.dll
CHR - plugin: Google Update (Enabled) = C:\Users\aost\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Click&Clean = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.8.3.0_0\
CHR - Extension: AdBlock = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.25_0\
CHR - Extension: IE Tab = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\2.11.30.1_0\
CHR - Extension: avast! WebRep = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Downloads = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfchnphgogjhineanplmfkofljiagjfb\1_0\
CHR - Extension: SaferChrome = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgpkjjingioekjianemgdobchenebhek\0.2.1_0\
CHR - Extension: Black Op [Aero] = C:\Users\aost\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpgmeklahbkoneancafimbbpbhechch\1.9_0\
O1 HOSTS File: ([2012.04.23 21:07:35 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programy\Ochrana PC\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programy\Ochrana PC\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Programy\Ochrana PC\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [P17Helper] C:\Windows\System32\P17.DLL ()
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Programy\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.248.0.100 212.158.128.2 212.158.128.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5CBA99FF-662E-4386-8E41-28E95A1BFEB8}: DhcpNameServer = 10.248.0.100 212.158.128.2 212.158.128.3
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Programy\Ochrana PC\SAS\SASWINLO.DLL) - C:\Programy\Ochrana PC\SAS\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Users\aost\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\aost\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programy\Ochrana PC\SAS\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{678224aa-4402-11e0-b6f6-001a4d59497c}\Shell - "" = AutoRun
O33 - MountPoints2\{678224aa-4402-11e0-b6f6-001a4d59497c}\Shell\AutoRun\command - "" = F:\USBAutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\USBAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.04.23 22:18:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite
[2012.04.23 22:18:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PCSuite
[2012.04.23 21:07:11 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.04.22 23:57:27 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\aost\Desktop\OTL.exe
[2012.04.22 23:03:37 | 000,033,984 | ---- | C] (COMODO) -- C:\Windows\System32\cmdcsr.dll
[2012.04.22 22:59:25 | 000,000,000 | ---D | C] -- C:\rsit
[2012.04.22 22:33:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
[2012.04.21 22:45:00 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.04.21 21:31:34 | 000,000,000 | ---D | C] -- C:\Users\aost\AppData\Roaming\HandBrake
[2012.04.21 21:30:33 | 000,000,000 | ---D | C] -- C:\Users\aost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
[2012.04.21 21:30:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
[2012.04.21 20:54:42 | 000,000,000 | ---D | C] -- C:\Users\aost\AppData\Roaming\CheckPoint
[2012.04.21 20:46:10 | 000,000,000 | ---D | C] -- C:\Users\aost\AppData\Roaming\SUPERAntiSpyware.com
[2012.04.21 20:45:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.04.21 20:45:06 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.04.21 20:39:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.04.21 20:39:32 | 000,337,880 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012.04.21 20:39:32 | 000,020,696 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012.04.21 20:39:30 | 000,035,672 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012.04.21 20:39:29 | 000,053,848 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012.04.21 20:39:28 | 000,612,184 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012.04.21 20:39:26 | 000,057,688 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012.04.21 20:39:03 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.04.21 20:39:02 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012.04.21 20:38:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2012.04.24 18:59:42 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.04.24 18:28:03 | 000,004,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.24 18:28:03 | 000,004,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.24 10:28:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.23 22:18:47 | 000,001,903 | ---- | M] () -- C:\Users\Public\Desktop\Nokia PC Suite.lnk
[2012.04.23 21:07:35 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012.04.22 23:57:32 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\aost\Desktop\OTL.exe
[2012.04.22 22:33:18 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2012.04.21 22:35:44 | 000,000,083 | -HS- | M] () -- C:\ProgramData\.zreglib
[2012.04.21 21:30:34 | 000,000,697 | ---- | M] () -- C:\Users\aost\Desktop\Handbrake.lnk
[2012.04.21 21:10:58 | 000,000,578 | ---- | M] () -- C:\Users\aost\AppData\Roaming\AutoGK.ini
[2012.04.21 20:49:56 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.04.21 20:45:08 | 000,001,711 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.04.21 20:43:23 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012.04.21 20:43:23 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012.04.21 20:39:33 | 000,001,863 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.04.23 22:18:47 | 000,001,903 | ---- | C] () -- C:\Users\Public\Desktop\Nokia PC Suite.lnk
[2012.04.23 00:08:35 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.04.22 22:33:18 | 000,001,973 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2012.04.21 21:30:34 | 000,000,697 | ---- | C] () -- C:\Users\aost\Desktop\Handbrake.lnk
[2012.04.21 20:45:08 | 000,001,711 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.04.21 20:43:23 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012.04.21 20:43:23 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012.04.21 20:39:33 | 000,001,863 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.04.14 23:38:12 | 000,000,952 | ---- | C] () -- C:\Users\aost\AppData\Local\SRDownloader.nast
[2012.04.14 23:36:55 | 000,000,310 | ---- | C] () -- C:\Users\aost\AppData\Local\SRDownloader.err
[2012.02.26 12:29:53 | 000,000,083 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012.02.26 12:14:35 | 000,000,578 | ---- | C] () -- C:\Users\aost\AppData\Roaming\AutoGK.ini
[2012.02.09 21:05:44 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011.12.27 00:22:37 | 000,000,036 | ---- | C] () -- C:\Windows\mafosav.INI
[2011.12.03 23:23:49 | 000,048,681 | ---- | C] () -- C:\Users\aost\AppData\Roaming\mdbu.bin
[2011.04.10 17:24:20 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2011.04.10 17:24:19 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2011.04.10 17:24:19 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2011.04.10 17:24:19 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2011.04.10 17:24:19 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2011.04.10 17:24:19 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2011.04.10 17:24:19 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2011.04.10 17:24:19 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2011.04.10 17:24:19 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2011.04.10 17:24:19 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2011.04.10 17:24:19 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2011.04.10 17:24:19 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2011.04.10 17:24:19 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2011.04.10 17:24:19 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2011.04.10 17:24:19 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2011.04.10 17:24:19 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2011.04.10 17:24:19 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2011.04.10 17:24:19 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2011.04.10 17:24:19 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2011.04.10 17:20:19 | 000,000,026 | ---- | C] () -- C:\Windows\CDEDX7400EXPORT.ini
[2011.03.02 21:41:27 | 001,474,832 | ---- | C] () -- C:\Windows\System32\drivers\sfi.dat
[2011.03.01 21:54:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2011.03.01 21:54:26 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2011.02.22 21:03:19 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011.02.20 17:01:01 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.02.20 17:00:19 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.02.20 17:00:19 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011.02.20 16:01:15 | 000,033,280 | ---- | C] () -- C:\Users\aost\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.20 13:43:33 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.02.20 10:34:33 | 000,005,627 | R--- | C] () -- C:\Windows\System32\Ludap17.ini
[2011.02.20 10:34:33 | 000,000,039 | R--- | C] () -- C:\Windows\System32\ctzapxx.ini
[2011.02.20 10:06:47 | 000,203,328 | R--- | C] () -- C:\Windows\GSetup.exe
[2011.02.20 10:06:47 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011.02.20 01:00:03 | 000,000,680 | ---- | C] () -- C:\Users\aost\AppData\Local\d3d9caps.dat
========== LOP Check ==========
[2011.10.18 22:45:44 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Canneverbe Limited
[2012.04.22 22:29:32 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\CheckPoint
[2011.03.02 22:37:00 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Digiarty
[2012.01.25 23:55:58 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\EPSON
[2012.02.29 19:31:38 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\GHISLER
[2012.04.13 11:03:07 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\gtk-2.0
[2012.04.21 21:31:46 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\HandBrake
[2011.03.01 22:34:36 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\LG Electronics
[2012.04.24 10:29:32 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Nokia
[2011.04.03 00:05:21 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Nokia Ovi Suite
[2012.02.24 18:19:30 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\PC Suite
[2011.04.09 00:10:09 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Rajce
[2011.03.05 23:14:35 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Thunderbird
[2011.07.20 23:04:23 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Ulozto File Manager
[2012.04.23 23:31:18 | 000,032,560 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: ATAPI.SYS >
[2009.04.11 00:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 00:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 00:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 00:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 00:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2011.02.20 11:18:22 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2011.02.20 11:18:22 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2011.02.20 11:18:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.04.11 00:27:22 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009.04.11 00:27:22 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.19 00:33:02 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2006.11.02 11:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe
< MD5 for: CDROM.SYS >
[2008.01.18 22:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.18 22:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.10 22:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.10 22:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.10 22:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.20 11:17:48 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2011.02.20 11:17:48 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2011.02.20 11:17:47 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2011.02.20 11:35:17 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2011.02.20 11:35:17 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2011.02.20 11:17:48 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 00:33:12 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: HAL.DLL >
[2009.04.11 00:32:48 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll
< MD5 for: SCECLI.DLL >
[2008.01.19 00:36:20 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 00:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 00:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: SVCHOST.EXE >
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008.01.19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: TCPIP.SYS >
[2009.04.11 00:33:04 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2011.09.20 23:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\System32\drivers\tcpip.sys
[2011.09.20 23:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[2011.02.20 11:36:12 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2011.02.20 11:36:08 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011.06.17 22:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2011.02.20 11:11:45 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2011.02.20 11:11:44 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2011.02.20 11:36:12 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2011.02.20 11:11:45 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2011.02.20 11:11:45 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2011.02.20 11:16:45 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2011.02.20 11:16:46 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2008.02.23 04:41:29 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=61B7D6702B0E9F8515A8BE9DB99D624B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20778_none_5fe546ddab8247e0\tcpip.sys
[2010.06.16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2011.02.20 11:36:10 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011.06.17 22:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010.06.16 18:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2008.02.23 06:41:37 | 000,890,936 | ---- | M] (Microsoft Corporation) MD5=6E478D65CE91984E75298C30FAEDCEBB -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22121_none_b3930f8f7f9331f9\tcpip.sys
[2010.06.16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2011.09.20 23:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[2011.02.20 11:36:09 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2011.02.20 11:11:44 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2010.04.05 19:03:01 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=A6A02EF5B5E40FBD31A1ADC577DA54BB -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys
[2010.04.05 22:00:48 | 000,910,208 | ---- | M] (Microsoft Corporation) MD5=CC9993701AC57F995554C696DDA49C12 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22377_none_b5497d157cdc9c9f\tcpip.sys
[2006.11.02 10:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2011.02.20 11:11:44 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2008.01.19 00:43:40 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2011.02.20 11:36:10 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.01.19 00:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 00:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 00:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 00:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 00:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< >
< %systemroot%*.* /U /s >
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.02.24 21:32:28 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Adobe
[2011.10.18 22:45:44 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Canneverbe Limited
[2012.04.22 22:29:32 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\CheckPoint
[2011.04.26 22:19:07 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Creative
[2011.03.02 22:37:00 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Digiarty
[2011.03.01 00:51:36 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\dvdcss
[2012.01.25 23:55:58 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\EPSON
[2012.02.29 19:31:38 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\GHISLER
[2012.04.13 11:03:07 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\gtk-2.0
[2012.04.21 21:31:46 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\HandBrake
[2011.02.20 01:00:13 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Identities
[2011.02.20 10:15:07 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\InstallShield
[2011.03.01 22:34:36 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\LG Electronics
[2011.02.21 22:59:49 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Macromedia
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Media Center Programs
[2012.02.26 14:30:38 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Media Player Classic
[2012.02.24 19:30:38 | 000,000,000 | --SD | M] -- C:\Users\aost\AppData\Roaming\Microsoft
[2011.09.21 23:49:46 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Mozilla
[2012.04.24 10:29:32 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Nokia
[2011.04.03 00:05:21 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Nokia Ovi Suite
[2012.02.24 18:19:30 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\PC Suite
[2011.04.09 00:10:09 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Rajce
[2011.02.23 00:48:05 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Skype
[2011.02.22 21:03:18 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\skypePM
[2012.04.21 20:46:10 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\SUPERAntiSpyware.com
[2011.03.05 23:14:35 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Thunderbird
[2011.07.20 23:04:23 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Ulozto File Manager
[2011.06.30 23:17:22 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\vlc
[2012.04.21 21:12:26 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\Winamp
[2011.06.01 21:36:54 | 000,000,000 | ---D | M] -- C:\Users\aost\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2011.01.24 13:53:52 | 001,055,232 | ---- | M] (Digiarty Software) -- C:\Users\aost\AppData\Roaming\Digiarty\DAPlayer\DAUpdate.exe
[2012.02.24 19:30:38 | 000,053,248 | R--- | M] (Flexera Software, Inc.) -- C:\Users\aost\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\ARPPRODUCTICON.exe
[2012.02.24 19:30:38 | 000,049,152 | R--- | M] (Flexera Software, Inc.) -- C:\Users\aost\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
[2012.02.24 19:30:38 | 000,073,728 | R--- | M] (Flexera Software, Inc.) -- C:\Users\aost\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
[2012.02.24 19:30:38 | 000,073,728 | R--- | M] (Flexera Software, Inc.) -- C:\Users\aost\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
[2012.02.24 19:30:38 | 000,049,152 | R--- | M] (Flexera Software, Inc.) -- C:\Users\aost\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
[2009.06.04 13:51:24 | 001,413,256 | R--- | M] () -- C:\Users\aost\AppData\Roaming\Microsoft\Windows\Templates\F\USBAutoRun.exe
[2009.06.04 13:51:24 | 001,413,256 | R--- | M] () -- C:\Users\aost\AppData\Roaming\Microsoft\Windows\Templates\J\USBAutoRun.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.04.24 18:28:03 | 000,004,848 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.24 18:28:03 | 000,004,848 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.21 20:49:56 | 000,002,577 | ---- | M] () -- C:\Windows\system32\config.nt
[2012.04.23 08:27:43 | 001,418,258 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008.01.19 00:33:10 | 000,125,952 | ---- | M] (Microsoft Corporation)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2011.03.20 09:00:48 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.04.24 18:59:42 | 000,000,512 | ---- | M] () MD5=AAD33C7C181A0EDF4F7D83157CCF6F29 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2012.02.05 20:10:38 | 000,062,238 | ---- | M] () -- \Program Files\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat
< *keygen* /s >
< *loader* /s >
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2011.11.11 13:20:12 | 000,112,128 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2006.12.15 14:31:20 | 000,114,688 | ---- | M] () -- \Program Files\epson\Creativity Suite\Easy Photo Print\APFLoaderV13.dll
[2004.04.21 17:09:00 | 000,069,632 | ---- | M] () -- \Program Files\epson\Creativity Suite\Easy Photo Print\EpAPFLoader.dll
[2006.02.28 19:02:04 | 000,102,400 | ---- | M] () -- \Program Files\epson\Creativity Suite\Easy Photo Print\EpAPFLoader2006.dll
[2010.02.07 21:40:00 | 000,000,543 | ---- | M] () -- \Program Files\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2009.12.15 17:58:18 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2009.12.15 17:58:20 | 000,018,592 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2009.12.15 17:58:24 | 000,026,272 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2009.12.15 17:58:26 | 000,012,960 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2009.12.15 17:58:28 | 000,017,568 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2009.12.15 17:58:56 | 000,019,616 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2009.12.15 17:59:04 | 000,015,008 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2009.12.15 17:59:06 | 000,019,104 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009.12.15 17:59:10 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2009.12.15 17:59:14 | 000,012,448 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2009.12.15 17:59:16 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2009.12.15 17:59:20 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2009.12.15 17:59:22 | 000,011,936 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2009.12.15 17:59:24 | 000,013,984 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2009.12.15 17:59:28 | 000,028,320 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2009.05.01 19:42:00 | 000,009,880 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2012.03.26 10:53:30 | 000,002,560 | ---- | M] () -- \Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2011.10.17 15:10:26 | 000,071,528 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.11.06 12:09:52 | 000,083,816 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2011.11.24 12:01:02 | 000,001,539 | ---- | M] () -- \Programy\HF Designer\Loader.elf
[2011.11.24 12:00:54 | 000,602,816 | ---- | M] () -- \Programy\HF Designer\Loader.exe
[2012.04.14 23:37:33 | 000,000,310 | ---- | M] () -- \Users\aost\AppData\Local\SRDownloader.err
[2012.04.14 23:44:08 | 000,000,952 | ---- | M] () -- \Users\aost\AppData\Local\SRDownloader.nast
[2011.09.01 13:13:30 | 000,112,128 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-1583777143-300269307-4166726652-1000\CBEC1D2927C7FCE4FB6C1C13FEF36E7A\3.3.86\ta_productapiloader..D321D6CC_DBBE_4AC3_8DBD_DFF82BB39BDC
[2008.01.19 00:34:06 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[1 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2011.02.21 11:49:30 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2011.02.21 11:49:30 | 000,026,112 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50_winload.exe.mui_3bc5b827
[2011.02.21 11:49:30 | 000,016,384 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50_winresume.exe.mui_ff8b5358
[2011.02.20 16:09:13 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2011.02.20 16:09:13 | 000,027,648 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winload.exe.mui_3bc5b827
[2011.02.20 16:09:13 | 000,019,968 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winresume.exe.mui_ff8b5358
[2011.02.20 17:14:39 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2011.02.20 17:14:39 | 000,986,600 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winload.exe_75835076
[2011.02.20 17:14:39 | 000,926,184 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winresume.exe_85cd1215
[2011.02.20 16:09:18 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2011.02.20 16:09:18 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2011.02.20 01:55:29 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2011.02.20 01:55:06 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2011.02.20 01:55:42 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2011.02.20 01:55:07 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2011.02.20 01:56:12 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2011.02.20 01:56:16 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2011.02.20 01:56:36 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2011.02.20 01:55:28 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2011.02.20 01:55:05 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2011.02.20 01:55:42 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2011.02.20 01:55:07 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2011.02.20 01:56:11 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2011.02.20 01:56:15 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2011.02.20 01:56:36 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008.01.19 05:14:52 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2011.02.20 01:54:55 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2011.02.20 01:54:55 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008.01.19 01:00:00 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2011.02.20 01:54:34 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2011.02.20 01:54:34 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009.04.11 01:12:44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006.11.02 12:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008.01.19 01:05:22 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2006.11.02 14:34:33 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6000.16386_none_43bd59f592b7be86\dmloader.dll
[2008.01.19 00:34:06 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008.01.19 00:34:06 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll
< >
< HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows >
"AppInit_DLLs" = C:\Windows\system32\guard32.dll -- [2012.03.11 23:13:18 | 000,301,224 | ---- | M] (COMODO)
"LoadAppInit_DLLs" = 1
"IconServiceLib" = IconCodecService.dll -- [2006.11.02 14:34:33 | 000,009,728 | ---- | M] (Microsoft Corporation)
"DdeSendTimeout" = 0
"DesktopHeapLogging" = 1
"GDIProcessHandleQuota" = 10000
"ShutdownWarningDialogTimeout" = -1
"USERPostMessageLimit" = 10000
"USERProcessHandleQuota" = 10000
"" = mnmsrvc
"DeviceNotSelectedTimeout" = 15
"Spooler" = yes
"TransmissionRetryTimeout" = 90
"USERNestedWindowLimit" = 50
< C:\Windows\system32\guard32.dll /md5 >
[2012.03.11 23:13:18 | 000,301,224 | ---- | M] (COMODO) MD5=34ABDA6C1C69E54400C670D5CAC6AFA6 -- C:\Windows\system32\guard32.dll
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< End of report >
-
Danstahr
- Přítel fóra
- Příspěvky: 1069
- Registrován: 28 říj 2006 20:23
- Bydliště: Londýn
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Spusťte znovu OTL, do okna dole vložte následující skript a klikněte na tlačítko Opravit. Bude následovat restart PC a poté se otevře log, ten sem prosím vložte.Kód: Vybrat vše
:Commands
[EmptyTemp]
:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgvmodem.sys -- (LGVMODEM)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtbus.sys -- (lgbusenum)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtport.sys -- (LgBttPort)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)Koupím trochu času, cenu respektuji.
Re: Prosím o kontrolu logu
Provedeno a zde je nový log RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by aost at 2012-04-24 20:43:26
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 15 GB (33%) free of 45 GB
Total RAM: 2046 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:43:29, on 24.4.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Programy\Ochrana PC\AVAST Software\Avast\AvastUI.exe
C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Programy\Mozilla Firefox\firefox.exe
C:\Programy\Total Commander\TOTALCMD.EXE
C:\Programy\Ochrana PC\RSIT\RSIT.exe
C:\Program Files\trend micro\aost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programy\Ochrana PC\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programy\Ochrana PC\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [avast] "C:\Programy\Ochrana PC\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1583777143-300269307-4166726652-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Programy\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programy\Ochrana PC\SAS\SASWINLO.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Programy\Ochrana PC\SAS\SASCORE.EXE
O23 - Service: avast! Antivirus - AVAST Software - C:\Programy\Ochrana PC\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
--
End of file - 4483 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, elemhidehelper@adblockplus.org:1.1.1, cs@dictionaries.addons.mozilla.org:1.0.2, {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8, {89506680-e3f4-484c-a2c0-ed711d481eda}:0.9.5.6, {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1, {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.12, {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1, locationbar2@design-noir.de:1.0.6, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, noia2_option@kk.noia:3.76, {35106bca-6c78-48c7-ac28-56df30b51d2c}:0.6.4, {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2, {EF522540-89F5-46b9-B6FE-1829E2B572C6}:5.0.1, {dc572301-7619-498c-a57d-39143191b318}:0.3.8.5, {95f24680-9e31-11da-a746-0800200c9a66}:0.1.5.5, contact@searchfiles.de:1.3, mgDownloadHelper@yevgenyandrov.net:1.0.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15, {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76"
prefs.js - "keyword.enabled" - false
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"fe_9.0@nokia.com"=C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0
"wrc@avast.com"=C:\Programy\Ochrana PC\AVAST Software\Avast\WebRep\FF
"bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm LTD Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Programy\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=1.1.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Programy\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Programy\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Programy\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
C:\Programy\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Programy\Mozilla Firefox\plugins\
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
npwachk.dll
C:\Programy\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\
cs@dictionaries.addons.mozilla.org
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
{1018e4d6-728f-4b20-ad56-37578a4de76b}
{37E4D8EA-8BDA-4831-8EA1-89053939A250}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Programy\Ochrana PC\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-28 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Programy\Ochrana PC\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"P17Helper"=Rundll32 P17.dll,P17Helper []
"avast"=C:\Programy\Ochrana PC\AVAST Software\Avast\avastUI.exe [2012-03-07 4241512]
"COMODO Internet Security"=C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe [2012-03-11 6749512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\aost\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-12 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent]
C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [2011-12-14 190768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\guard32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Programy\Ochrana PC\SAS\SASWINLO.DLL [2011-05-04 551296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Programy\Ochrana PC\SAS\SASSEH.DLL [2011-07-19 113024]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avas_service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avss_service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tpavdrw_service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tpmgma_service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.XVID"=xvidvfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-04-23 22:18:46 ----D---- C:\Program Files\Common Files\PCSuite
2012-04-23 21:07:11 ----D---- C:\_OTL
2012-04-22 23:03:37 ----A---- C:\Windows\system32\cmdcsr.dll
2012-04-22 22:59:25 ----D---- C:\rsit
2012-04-21 22:45:00 ----D---- C:\Windows\Minidump
2012-04-21 21:31:34 ----D---- C:\Users\aost\AppData\Roaming\HandBrake
2012-04-21 20:54:42 ----D---- C:\Users\aost\AppData\Roaming\CheckPoint
2012-04-21 20:46:10 ----D---- C:\Users\aost\AppData\Roaming\SUPERAntiSpyware.com
2012-04-21 20:45:06 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2012-04-21 20:43:23 ----RASH---- C:\MSDOS.SYS
2012-04-21 20:43:23 ----RASH---- C:\IO.SYS
2012-04-21 20:39:32 ----A---- C:\Windows\system32\drivers\aswSP.sys
2012-04-21 20:39:32 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2012-04-21 20:39:30 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2012-04-21 20:39:29 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2012-04-21 20:39:28 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2012-04-21 20:39:26 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2012-04-21 20:39:03 ----A---- C:\Windows\avastSS.scr
2012-04-21 20:39:02 ----A---- C:\Windows\system32\aswBoot.exe
2012-04-21 20:38:47 ----D---- C:\ProgramData\AVAST Software
2012-04-13 10:52:40 ----D---- C:\Program Files\GIMP-2.0
2012-04-11 21:51:10 ----A---- C:\Windows\system32\mshtmled.dll
2012-04-11 21:51:09 ----A---- C:\Windows\system32\wininet.dll
2012-04-11 21:51:09 ----A---- C:\Windows\system32\url.dll
2012-04-11 21:51:09 ----A---- C:\Windows\system32\jscript9.dll
2012-04-11 21:51:09 ----A---- C:\Windows\system32\jscript.dll
2012-04-11 21:51:09 ----A---- C:\Windows\system32\iertutil.dll
2012-04-11 21:51:08 ----A---- C:\Windows\system32\urlmon.dll
2012-04-11 21:51:08 ----A---- C:\Windows\system32\jsproxy.dll
2012-04-11 21:51:08 ----A---- C:\Windows\system32\ieui.dll
2012-04-11 21:51:07 ----A---- C:\Windows\system32\mshtml.dll
2012-04-11 21:51:07 ----A---- C:\Windows\system32\ieframe.dll
2012-04-11 21:51:02 ----A---- C:\Windows\system32\wmi.dll
2012-04-11 21:51:02 ----A---- C:\Windows\system32\wintrust.dll
2012-04-11 21:51:02 ----A---- C:\Windows\system32\imagehlp.dll
2012-04-11 21:51:02 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2012-04-11 21:50:55 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-04-11 21:50:55 ----A---- C:\Windows\system32\ntkrnlpa.exe
======List of files/folders modified in the last 1 month======
2012-04-24 20:43:29 ----D---- C:\Program Files\trend micro
2012-04-24 20:41:43 ----D---- C:\Windows\Prefetch
2012-04-24 20:40:14 ----D---- C:\Windows\Temp
2012-04-24 20:39:21 ----D---- C:\ProgramData\NVIDIA
2012-04-24 20:37:18 ----D---- C:\Windows\System32
2012-04-24 18:59:38 ----SHD---- C:\System Volume Information
2012-04-24 10:32:48 ----D---- C:\Windows\inf
2012-04-24 10:29:32 ----D---- C:\Users\aost\AppData\Roaming\Nokia
2012-04-24 10:28:52 ----AD---- C:\Windows
2012-04-23 23:31:22 ----D---- C:\Windows\system32\catroot
2012-04-23 22:18:55 ----SHD---- C:\Windows\Installer
2012-04-23 22:18:53 ----SHD---- C:\Config.Msi
2012-04-23 22:18:46 ----D---- C:\Program Files\Common Files
2012-04-23 22:18:44 ----D---- C:\Program Files\Nokia
2012-04-23 22:18:44 ----D---- C:\Program Files\Common Files\Nokia
2012-04-23 22:16:45 ----D---- C:\ProgramData\Installations
2012-04-23 21:07:35 ----D---- C:\Windows\Tasks
2012-04-23 21:07:35 ----D---- C:\Windows\system32\drivers\etc
2012-04-23 08:27:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-04-22 22:40:35 ----D---- C:\ProgramData\Comodo
2012-04-22 22:33:48 ----D---- C:\Windows\system32\drivers
2012-04-22 22:31:22 ----HD---- C:\ProgramData
2012-04-22 22:28:31 ----D---- C:\Windows\SoftwareDistribution
2012-04-22 22:25:32 ----RD---- C:\Program Files
2012-04-21 22:45:53 ----D---- C:\Windows\system32\catroot2
2012-04-21 21:30:32 ----D---- C:\Programy
2012-04-21 21:12:26 ----D---- C:\Users\aost\AppData\Roaming\Winamp
2012-04-21 21:10:58 ----A---- C:\Users\aost\AppData\Roaming\AutoGK.ini
2012-04-21 20:54:51 ----D---- C:\Windows\winsxs
2012-04-21 20:39:03 ----D---- C:\Program Files\Windows Sidebar
2012-04-21 20:34:24 ----D---- C:\Program Files\Common Files\TrustPort
2012-04-19 21:21:27 ----D---- C:\Program Files\XviD
2012-04-14 22:37:48 ----D---- C:\Windows\Debug
2012-04-13 11:03:07 ----D---- C:\Users\aost\AppData\Roaming\gtk-2.0
2012-04-12 18:19:33 ----D---- C:\ProgramData\Microsoft Help
2012-04-11 22:04:25 ----RSD---- C:\Windows\assembly
2012-04-11 22:04:25 ----D---- C:\Windows\Microsoft.NET
2012-04-11 21:53:23 ----D---- C:\Windows\system32\migration
2012-04-11 21:53:23 ----D---- C:\Program Files\Internet Explorer
2012-04-11 21:40:43 ----A---- C:\Windows\system32\mrt.exe
2012-03-29 21:11:13 ----D---- C:\ProgramData\NokiaInstallerCache
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hotcore3;hc3ServiceName; C:\Windows\system32\DRIVERS\hotcore3.sys [2011-05-17 57312]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2007-06-13 48256]
R1 AswRdr;aswRdr; C:\Windows\system32\drivers\AswRdr.sys [2012-03-07 35672]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-03-07 612184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-03-07 337880]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-03-07 53848]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2012-03-11 491816]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2012-03-11 38616]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 31088]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2012-03-11 82400]
R1 SASDIFSV;SASDIFSV; \??\C:\Programy\Ochrana PC\SAS\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Programy\Ochrana PC\SAS\SASKUTIL.SYS [2011-07-12 67664]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-03-07 20696]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-03-07 57688]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x32.sys [2011-09-21 21992]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\DRIVERS\ctsfm2k.sys [2005-01-10 138752]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2012-02-10 10816832]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\DRIVERS\ctoss2k.sys [2005-01-10 106496]
R3 P17;SB Live! 24-bit; C:\Windows\system32\drivers\P17.sys [2007-02-05 1122304]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2010-06-23 259176]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 FlashUSB;FlashUSB; C:\Windows\system32\DRIVERS\FlashUSB.sys [2010-05-12 16896]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2011-02-20 15600]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-11-01 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-11-01 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2011-11-01 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2011-11-01 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-11-01 8192]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-10 73216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-10 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-11-01 8192]
S3 VX1000;VX-1000; C:\Windows\system32\DRIVERS\VX1000.sys [2007-04-10 1966312]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Programy\Ochrana PC\SAS\SASCORE.EXE [2011-08-12 116608]
R2 avast! Antivirus;avast! Antivirus; C:\Programy\Ochrana PC\AVAST Software\Avast\AvastSvc.exe [2012-03-07 44768]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cmdagent.exe [2012-04-22 1983232]
R2 CTDevice_Srv;CT Device Query service; C:\Program Files\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-02-10 645440]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-10 2348352]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-09 382272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 CTUPnPSv;Creative Centrale Media Server; C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
-----------------EOF-----------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by aost at 2012-04-24 20:43:26
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 15 GB (33%) free of 45 GB
Total RAM: 2046 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:43:29, on 24.4.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Programy\Ochrana PC\AVAST Software\Avast\AvastUI.exe
C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Programy\Mozilla Firefox\firefox.exe
C:\Programy\Total Commander\TOTALCMD.EXE
C:\Programy\Ochrana PC\RSIT\RSIT.exe
C:\Program Files\trend micro\aost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programy\Ochrana PC\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programy\Ochrana PC\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [avast] "C:\Programy\Ochrana PC\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1583777143-300269307-4166726652-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Programy\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programy\Ochrana PC\SAS\SASWINLO.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Programy\Ochrana PC\SAS\SASCORE.EXE
O23 - Service: avast! Antivirus - AVAST Software - C:\Programy\Ochrana PC\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
--
End of file - 4483 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, elemhidehelper@adblockplus.org:1.1.1, cs@dictionaries.addons.mozilla.org:1.0.2, {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8, {89506680-e3f4-484c-a2c0-ed711d481eda}:0.9.5.6, {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1, {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.12, {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1, locationbar2@design-noir.de:1.0.6, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, noia2_option@kk.noia:3.76, {35106bca-6c78-48c7-ac28-56df30b51d2c}:0.6.4, {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2, {EF522540-89F5-46b9-B6FE-1829E2B572C6}:5.0.1, {dc572301-7619-498c-a57d-39143191b318}:0.3.8.5, {95f24680-9e31-11da-a746-0800200c9a66}:0.1.5.5, contact@searchfiles.de:1.3, mgDownloadHelper@yevgenyandrov.net:1.0.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15, {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76"
prefs.js - "keyword.enabled" - false
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"fe_9.0@nokia.com"=C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0
"wrc@avast.com"=C:\Programy\Ochrana PC\AVAST Software\Avast\WebRep\FF
"bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm LTD Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Programy\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=1.1.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Programy\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Programy\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Programy\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
C:\Programy\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Programy\Mozilla Firefox\plugins\
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
npwachk.dll
C:\Programy\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\aost\AppData\Roaming\Mozilla\Firefox\Profiles\b8ei174u.default\extensions\
cs@dictionaries.addons.mozilla.org
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
{1018e4d6-728f-4b20-ad56-37578a4de76b}
{37E4D8EA-8BDA-4831-8EA1-89053939A250}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Programy\Ochrana PC\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-28 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Programy\Ochrana PC\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"P17Helper"=Rundll32 P17.dll,P17Helper []
"avast"=C:\Programy\Ochrana PC\AVAST Software\Avast\avastUI.exe [2012-03-07 4241512]
"COMODO Internet Security"=C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe [2012-03-11 6749512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\aost\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-12 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent]
C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [2011-12-14 190768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\guard32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Programy\Ochrana PC\SAS\SASWINLO.DLL [2011-05-04 551296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Programy\Ochrana PC\SAS\SASSEH.DLL [2011-07-19 113024]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avas_service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avss_service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tpavdrw_service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tpmgma_service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.XVID"=xvidvfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-04-23 22:18:46 ----D---- C:\Program Files\Common Files\PCSuite
2012-04-23 21:07:11 ----D---- C:\_OTL
2012-04-22 23:03:37 ----A---- C:\Windows\system32\cmdcsr.dll
2012-04-22 22:59:25 ----D---- C:\rsit
2012-04-21 22:45:00 ----D---- C:\Windows\Minidump
2012-04-21 21:31:34 ----D---- C:\Users\aost\AppData\Roaming\HandBrake
2012-04-21 20:54:42 ----D---- C:\Users\aost\AppData\Roaming\CheckPoint
2012-04-21 20:46:10 ----D---- C:\Users\aost\AppData\Roaming\SUPERAntiSpyware.com
2012-04-21 20:45:06 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2012-04-21 20:43:23 ----RASH---- C:\MSDOS.SYS
2012-04-21 20:43:23 ----RASH---- C:\IO.SYS
2012-04-21 20:39:32 ----A---- C:\Windows\system32\drivers\aswSP.sys
2012-04-21 20:39:32 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2012-04-21 20:39:30 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2012-04-21 20:39:29 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2012-04-21 20:39:28 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2012-04-21 20:39:26 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2012-04-21 20:39:03 ----A---- C:\Windows\avastSS.scr
2012-04-21 20:39:02 ----A---- C:\Windows\system32\aswBoot.exe
2012-04-21 20:38:47 ----D---- C:\ProgramData\AVAST Software
2012-04-13 10:52:40 ----D---- C:\Program Files\GIMP-2.0
2012-04-11 21:51:10 ----A---- C:\Windows\system32\mshtmled.dll
2012-04-11 21:51:09 ----A---- C:\Windows\system32\wininet.dll
2012-04-11 21:51:09 ----A---- C:\Windows\system32\url.dll
2012-04-11 21:51:09 ----A---- C:\Windows\system32\jscript9.dll
2012-04-11 21:51:09 ----A---- C:\Windows\system32\jscript.dll
2012-04-11 21:51:09 ----A---- C:\Windows\system32\iertutil.dll
2012-04-11 21:51:08 ----A---- C:\Windows\system32\urlmon.dll
2012-04-11 21:51:08 ----A---- C:\Windows\system32\jsproxy.dll
2012-04-11 21:51:08 ----A---- C:\Windows\system32\ieui.dll
2012-04-11 21:51:07 ----A---- C:\Windows\system32\mshtml.dll
2012-04-11 21:51:07 ----A---- C:\Windows\system32\ieframe.dll
2012-04-11 21:51:02 ----A---- C:\Windows\system32\wmi.dll
2012-04-11 21:51:02 ----A---- C:\Windows\system32\wintrust.dll
2012-04-11 21:51:02 ----A---- C:\Windows\system32\imagehlp.dll
2012-04-11 21:51:02 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2012-04-11 21:50:55 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-04-11 21:50:55 ----A---- C:\Windows\system32\ntkrnlpa.exe
======List of files/folders modified in the last 1 month======
2012-04-24 20:43:29 ----D---- C:\Program Files\trend micro
2012-04-24 20:41:43 ----D---- C:\Windows\Prefetch
2012-04-24 20:40:14 ----D---- C:\Windows\Temp
2012-04-24 20:39:21 ----D---- C:\ProgramData\NVIDIA
2012-04-24 20:37:18 ----D---- C:\Windows\System32
2012-04-24 18:59:38 ----SHD---- C:\System Volume Information
2012-04-24 10:32:48 ----D---- C:\Windows\inf
2012-04-24 10:29:32 ----D---- C:\Users\aost\AppData\Roaming\Nokia
2012-04-24 10:28:52 ----AD---- C:\Windows
2012-04-23 23:31:22 ----D---- C:\Windows\system32\catroot
2012-04-23 22:18:55 ----SHD---- C:\Windows\Installer
2012-04-23 22:18:53 ----SHD---- C:\Config.Msi
2012-04-23 22:18:46 ----D---- C:\Program Files\Common Files
2012-04-23 22:18:44 ----D---- C:\Program Files\Nokia
2012-04-23 22:18:44 ----D---- C:\Program Files\Common Files\Nokia
2012-04-23 22:16:45 ----D---- C:\ProgramData\Installations
2012-04-23 21:07:35 ----D---- C:\Windows\Tasks
2012-04-23 21:07:35 ----D---- C:\Windows\system32\drivers\etc
2012-04-23 08:27:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-04-22 22:40:35 ----D---- C:\ProgramData\Comodo
2012-04-22 22:33:48 ----D---- C:\Windows\system32\drivers
2012-04-22 22:31:22 ----HD---- C:\ProgramData
2012-04-22 22:28:31 ----D---- C:\Windows\SoftwareDistribution
2012-04-22 22:25:32 ----RD---- C:\Program Files
2012-04-21 22:45:53 ----D---- C:\Windows\system32\catroot2
2012-04-21 21:30:32 ----D---- C:\Programy
2012-04-21 21:12:26 ----D---- C:\Users\aost\AppData\Roaming\Winamp
2012-04-21 21:10:58 ----A---- C:\Users\aost\AppData\Roaming\AutoGK.ini
2012-04-21 20:54:51 ----D---- C:\Windows\winsxs
2012-04-21 20:39:03 ----D---- C:\Program Files\Windows Sidebar
2012-04-21 20:34:24 ----D---- C:\Program Files\Common Files\TrustPort
2012-04-19 21:21:27 ----D---- C:\Program Files\XviD
2012-04-14 22:37:48 ----D---- C:\Windows\Debug
2012-04-13 11:03:07 ----D---- C:\Users\aost\AppData\Roaming\gtk-2.0
2012-04-12 18:19:33 ----D---- C:\ProgramData\Microsoft Help
2012-04-11 22:04:25 ----RSD---- C:\Windows\assembly
2012-04-11 22:04:25 ----D---- C:\Windows\Microsoft.NET
2012-04-11 21:53:23 ----D---- C:\Windows\system32\migration
2012-04-11 21:53:23 ----D---- C:\Program Files\Internet Explorer
2012-04-11 21:40:43 ----A---- C:\Windows\system32\mrt.exe
2012-03-29 21:11:13 ----D---- C:\ProgramData\NokiaInstallerCache
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hotcore3;hc3ServiceName; C:\Windows\system32\DRIVERS\hotcore3.sys [2011-05-17 57312]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2007-06-13 48256]
R1 AswRdr;aswRdr; C:\Windows\system32\drivers\AswRdr.sys [2012-03-07 35672]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-03-07 612184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-03-07 337880]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-03-07 53848]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2012-03-11 491816]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2012-03-11 38616]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 31088]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2012-03-11 82400]
R1 SASDIFSV;SASDIFSV; \??\C:\Programy\Ochrana PC\SAS\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Programy\Ochrana PC\SAS\SASKUTIL.SYS [2011-07-12 67664]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-03-07 20696]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-03-07 57688]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x32.sys [2011-09-21 21992]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\DRIVERS\ctsfm2k.sys [2005-01-10 138752]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2012-02-10 10816832]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\DRIVERS\ctoss2k.sys [2005-01-10 106496]
R3 P17;SB Live! 24-bit; C:\Windows\system32\drivers\P17.sys [2007-02-05 1122304]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2010-06-23 259176]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 FlashUSB;FlashUSB; C:\Windows\system32\DRIVERS\FlashUSB.sys [2010-05-12 16896]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2011-02-20 15600]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-11-01 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-11-01 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2011-11-01 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2011-11-01 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-11-01 8192]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-10 73216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-10 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-11-01 8192]
S3 VX1000;VX-1000; C:\Windows\system32\DRIVERS\VX1000.sys [2007-04-10 1966312]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Programy\Ochrana PC\SAS\SASCORE.EXE [2011-08-12 116608]
R2 avast! Antivirus;avast! Antivirus; C:\Programy\Ochrana PC\AVAST Software\Avast\AvastSvc.exe [2012-03-07 44768]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Programy\Ochrana PC\Comodo Firewall\COMODO\COMODO Internet Security\cmdagent.exe [2012-04-22 1983232]
R2 CTDevice_Srv;CT Device Query service; C:\Program Files\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-02-10 645440]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-10 2348352]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-09 382272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 CTUPnPSv;Creative Centrale Media Server; C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
-----------------EOF-----------------
-
Danstahr
- Přítel fóra
- Příspěvky: 1069
- Registrován: 28 říj 2006 20:23
- Bydliště: Londýn
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Tak ještě uklidíme a máme hotovo. Antivir některou z utilit může chybně označit za infikovanou, pokud se tak stane, hlášku ignorujte, popř. AV dočasně vypněte.
Stáhněte T-Cleaner. Potvrzování se provádí stisknutím A.
Stáhněte OTC, Spusťte jej a stiskněte CleanUp! Bude následovat restart.
Stáhněte TFC, spusťte jej a dejte Start.
Stáhněte CCleaner, nainstalujte a spusťte.
Stáhněte T-Cleaner. Potvrzování se provádí stisknutím A. Stáhněte OTC, Spusťte jej a stiskněte CleanUp! Bude následovat restart. Stáhněte TFC, spusťte jej a dejte Start. Stáhněte CCleaner, nainstalujte a spusťte.
- Na záložce Čistič stiskněte tlačítko Spustit Cleaner
- Po provedení přepněte na záložku Registry, stiskněte Hledej problémy a poté Opravit vybrané problémy. Opakujte, dokud nebude po hledání problémů seznam prázdný.
Koupím trochu času, cenu respektuji.
Re: Prosím o kontrolu logu
Vše provedeno a děkuji moc za pomoc!
Přispějete na provoz fóra?