Your computer has been blocked, Police of the Slovak Republic

#1 Post by Skaler.x. »

Hello, I also managed to catch this nasty thing, the virus that poses as the Police of the Slovak Republic and demands money... I removed the virus using Kaspersky Rescue Disk. But here is the problem: the virus left a mess, in that network sharing does not work. I can see the computer from another PC, but when I try to access it, it says the path was not found. My antivirus will not update, and when I try to open the properties of my network connection, Windows freezes for a while and nothing happens. Worst of all, I have no restore point available. Could anyone advise me what to do about it? Thanks in advance.

#2 Post by Rudy »

Hello to you too!
Restart into safe mode and first post an RSIT log: http://forum.viry.cz/viewtopic.php?f=13&t=105895 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

#3 Post by Skaler.x. »

I am attaching the log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jozifek at 2012-12-29 15:18:41
WIN_XP Service Pack 3
System drive C: has 59 GB (39%) free of 153 GB
Total RAM: 1527 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:21:16, on 29. 12. 2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
D:\Download\RSIT.exe
C:\Program Files\trend micro\Jozifek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [DWPersistentQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE -a
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-21-1993962763-838170752-1801674531-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-1993962763-838170752-1801674531-1004\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-1993962763-838170752-1801674531-1004 Startup: runctf.lnk = C:\WINDOWS\system32\rundll32.exe (User '?')
O4 - Startup: runctf.lnk = C:\WINDOWS\system32\rundll32.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: RailNotification - Invalid registry found
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 6179 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Jozifek\Data aplikací\Mozilla\Firefox\Profiles\mm4b3bix.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "about:home"
prefs.js - "extensions.enabledItems" - "{4BBDD651-70CF-4821-84F8-2B918CF89CA3}:6.3.3.2, {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6, {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6, {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8, {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.8, onair_FM@marek.chrenko.net:3.5.1, {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2, elemhidehelper@adblockplus.org:1.1.1, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, jqs@sun.com:1.0, fbchathistory@firechm.com:1.2, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "true"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.135 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1167637.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Documents and Settings\Jozifek\Data aplikací\Mozilla\Firefox\Profiles\mm4b3bix.default\extensions\
{37E4D8EA-8BDA-4831-8EA1-89053939A250}
{4BBDD651-70CF-4821-84F8-2B918CF89CA3}

C:\Documents and Settings\Jozifek\Data aplikací\Mozilla\Firefox\Profiles\mm4b3bix.default\searchplugins\
askcom.xml
hadaj-video.xml
hellspy.xml
sfd.xml
stahujcz.xml
vyhledvn-vide-ve-slub-youtube.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-24 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-24 155384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DWPersistentQueuedReporting"=C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [2011-07-27 434080]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-05-04 90112]
"AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2005-05-04 2805248]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-04 69632]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-05-25 13895272]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-11-08 6756048]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2005-06-08 94208]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-06-08 77824]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2005-06-08 114688]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2011-10-07 1387288]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2012-04-18 421888]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2012-11-19 2254768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2010-08-20 33120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Steam\Steam.exe [2011-07-23 1242448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Jozifek^Nabídka Start^Programy^Po spuštění^Logitech . Registrácia výrobku.lnk]
C:\PROGRA~1\COMMON~1\Logishrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]

C:\Documents and Settings\Jozifek\Nabídka Start\Programy\Po spuštění
runctf.lnk - C:\WINDOWS\system32\rundll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-06-08 131072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2011-06-17 66328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RailNotification]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2011-01-25 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2011-01-25 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2011-01-25 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SolutoService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Documents and Settings\Jozifek\Plocha\Half-Life 2\hl2.exe"="C:\Documents and Settings\Jozifek\Plocha\Half-Life 2\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Warcraft III\gproxy.exe"="C:\Program Files\Warcraft III\gproxy.exe:*:Enabled:gproxy"
"C:\Program Files\Warcraft III\war3.exe"="C:\Program Files\Warcraft III\war3.exe:*:Enabled:Warcraft III"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe"="C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe:*:Enabled:speed2"
"D:\Download\solutoinstaller.exe"="D:\Download\solutoinstaller.exe:*:Enabled:SolutoInstaller"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"VIDC.FMVC"=fmcodec.dll

======List of files/folders created in the last 1 month======

2012-12-29 13:17:08 ----A---- C:\WINDOWS\ntbtlog.txt
2012-12-29 12:47:31 ----D---- C:\Program Files\trend micro
2012-12-29 12:46:12 ----D---- C:\rsit
2012-12-28 23:02:02 ----A---- C:\WINDOWS\system32\drivers\79696916.sys
2012-12-28 22:56:12 ----A---- C:\WINDOWS\system32\drivers\utexnjq4.sys
2012-12-28 18:17:20 ----A---- C:\AdwCleaner[S1].txt
2012-12-28 18:16:53 ----A---- C:\AdwCleaner[R1].txt
2012-12-28 17:35:27 ----AD---- C:\Kaspersky Rescue Disk 10.0
2012-12-28 15:39:49 ----SHD---- C:\WINDOWS\CSC
2012-12-28 15:13:07 ----A---- C:\Documents and Settings\All Users\Data aplikací\dsgsdgdsgdsgw.js
2012-12-23 16:07:40 ----A---- C:\WINDOWS\system32\mediarcpt.dll
2012-12-23 16:07:32 ----D---- C:\Program Files\Recepty doma
2012-12-18 15:57:25 ----D---- C:\Program Files\Team17
2012-12-17 13:57:20 ----D---- C:\Documents and Settings\Jozifek\Data aplikací\Quake3
2012-12-17 13:49:39 ----D---- C:\Program Files\ioQuake3&TA
2012-12-17 07:56:20 ----D---- C:\Program Files\Outlook Attachment Sniffer
2012-12-17 07:31:10 ----D---- C:\Documents and Settings\Jozifek\Data aplikací\Atari
2012-12-17 07:20:49 ----A---- C:\WINDOWS\system32\CmdLineExt03.dll
2012-12-13 16:59:55 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe
2012-12-01 20:16:56 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2012-12-29 15:16:06 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-12-29 15:13:00 ----D---- C:\WINDOWS\Temp
2012-12-29 14:49:39 ----D---- C:\Program Files\Warcraft III
2012-12-29 13:37:22 ----D---- C:\WINDOWS\system32\CatRoot2
2012-12-29 13:17:08 ----D---- C:\WINDOWS
2012-12-29 12:47:59 ----D---- C:\WINDOWS\Prefetch
2012-12-29 12:47:31 ----RD---- C:\Program Files
2012-12-28 23:02:10 ----HD---- C:\WINDOWS\inf
2012-12-28 23:02:10 ----D---- C:\WINDOWS\system32\drivers
2012-12-28 22:58:52 ----SHD---- C:\System Volume Information
2012-12-24 11:52:10 ----D---- C:\WINDOWS\system32
2012-12-24 11:52:08 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-12-23 12:20:48 ----D---- C:\Documents and Settings\Jozifek\Data aplikací\DAEMON Tools Lite
2012-12-23 12:16:41 ----D---- C:\WINDOWS\Debug
2012-12-23 12:14:58 ----HD---- C:\Program Files\InstallShield Installation Information
2012-12-23 11:42:08 ----SHD---- C:\WINDOWS\Installer
2012-12-22 02:12:54 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-12-22 02:12:48 ----HD---- C:\WINDOWS\$hf_mig$
2012-12-17 19:28:37 ----D---- C:\Documents and Settings\Jozifek\Data aplikací\U3
2012-12-16 13:31:02 ----A---- C:\WINDOWS\system32\atmfd.dll
2012-12-16 11:27:34 ----D---- C:\Program Files\3DO
2012-12-13 17:00:00 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-12-12 21:21:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-12-12 21:20:05 ----D---- C:\Program Files\Internet Explorer
2012-12-12 21:19:54 ----D---- C:\WINDOWS\ie8updates
2012-12-12 21:17:09 ----A---- C:\WINDOWS\system32\MRT.exe
2012-12-02 10:17:52 ----D---- C:\Program Files\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 79696916;79696916; C:\WINDOWS\system32\DRIVERS\79696916.sys [2012-12-28 133208]
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2012-11-08 99080]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2011-01-25 61824]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2012-05-20 477240]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\WINDOWS\System32\DRIVERS\cmderd.sys [2012-11-08 18096]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-05-21 242240]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2011-09-02 41240]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2011-09-02 30360]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2011-01-25 12160]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2011-01-25 32384]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2012-11-08 497952]
S1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2012-11-08 32640]
S1 DumpDrv;Crash Dump Driver; C:\WINDOWS\system32\drivers\DumpDrv.sys [2011-01-25 9472]
S1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
S2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2012-01-28 278728]
S2 LBeepKE;Logitech Beep Suppression Driver; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2011-09-02 12184]
S2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2012-01-28 25416]
S2 rspndr;Odpovídající zařízení zjišťování topologie linkové vrstvy; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2011-01-25 62848]
S2 SVKP;SVKP; \??\C:\WINDOWS\system32\SVKP.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2011-01-25 60800]
S3 cpudrv;cpudrv; \??\C:\Program Files\SystemRequirementsLab\cpudrv.sys []
S3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2004-10-15 155648]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-06-08 1050140]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-06-09 3160576]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2011-01-25 61824]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-05-25 12753664]
S3 utexnjq4;AVZ Kernel Driver; \??\C:\WINDOWS\system32\Drivers\utexnjq4.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2011-01-25 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2011-01-25 82944]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2011-01-25 133632]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-11-08 1990464]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-26 136176]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2012-11-19 1435568]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2012-09-24 161768]
S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2011-05-25 154728]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
S2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2011-01-25 439808]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-13 250808]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-26 136176]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-09-27 295192]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-12-01 115168]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2011-01-25 14848]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2011-01-25 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2011-01-25 14848]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
Last edited by Skaler.x. on 29 Dec 2012 15:28, edited 1 time in total.

#4 Post by Skaler.x. »

I forgot to mention that at startup it displays: "Chyba pri nacitani souboru C:\dokume~1\jozifek\wgsdgsdgdsgsd.dll Uvedeny modul nebyl nalezen."

#5 Post by Skaler.x. »

I have added the complete log.

#6 Post by Rudy »

I would also like a ComboFix log, please:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after startup a screen with the license terms appears; continue by clicking the Yes button.

Go and make yourself a coffee (the whole run takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through). During the scan, do not try to start any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is used).

Note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware, unwanted conflicts with the resident antispyware occur.

#7 Post by Skaler.x. »

Combofix:

ComboFix 12-12-29.02 - Jozifek . 12. 2012 18:05:56.1.1 - x86
Running from: d:\download\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\TZLog.log
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-11-28 to 2012-12-29 )))))))))))))))))))))))))))))))
.
.
2012-12-29 11:47 . 2012-12-29 14:19 -------- d-----w- c:\program files\trend micro
2012-12-29 11:46 . 2012-12-29 14:21 -------- d-----w- C:\rsit
2012-12-28 22:02 . 2012-12-28 20:17 133208 ----a-w- c:\windows\system32\drivers\79696916.sys
2012-12-28 21:56 . 2012-12-28 21:56 7168 ----a-w- c:\windows\system32\drivers\utexnjq4.sys
2012-12-28 16:35 . 2012-12-28 18:04 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
2012-12-28 14:13 . 2012-12-28 14:13 3003 ----a-w- c:\documents and settings\All Users\Data aplikací\dsgsdgdsgdsgw.js
2012-12-23 15:07 . 2007-03-05 06:32 201216 ----a-w- c:\windows\system32\mediarcpt.dll
2012-12-23 15:07 . 2012-12-23 15:33 -------- d-----w- c:\program files\Recepty doma
2012-12-18 14:57 . 2012-12-23 10:47 -------- d-----w- c:\program files\Team17
2012-12-17 12:57 . 2012-12-17 12:57 -------- d-----w- c:\documents and settings\Jozifek\Data aplikací\Quake3
2012-12-17 12:49 . 2012-12-17 12:53 -------- d-----w- c:\program files\ioQuake3&TA
2012-12-17 06:56 . 2012-12-17 07:04 -------- d-----w- c:\program files\Outlook Attachment Sniffer
2012-12-17 06:31 . 2012-12-23 11:12 -------- d-----w- c:\documents and settings\Jozifek\Data aplikací\Atari
2012-12-17 06:20 . 2012-12-17 06:20 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2012-12-13 15:59 . 2012-12-13 15:59 16363960 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-26 09:03 . 2011-09-08 19:24 73728 ----a-w- c:\windows\ALCFDRTM.VER
2012-12-16 12:31 . 2011-01-25 08:09 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-12-13 16:00 . 2012-10-11 09:50 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-13 16:00 . 2011-07-30 19:41 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-13 11:56 . 2011-01-25 08:12 1875456 ----a-w- c:\windows\system32\win32k.sys
2012-11-07 23:38 . 2010-04-08 23:25 99080 ----a-w- c:\windows\system32\drivers\inspect.sys
2012-11-07 23:38 . 2010-04-08 23:25 32640 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-11-07 23:38 . 2010-04-08 23:25 497952 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2012-11-07 23:38 . 2010-04-08 23:25 18096 ----a-w- c:\windows\system32\drivers\cmderd.sys
2012-11-07 23:37 . 2011-12-24 19:18 34024 ----a-w- c:\windows\system32\cmdcsr.dll
2012-11-07 23:37 . 2010-04-08 23:26 301264 ----a-w- c:\windows\system32\guard32.dll
2012-11-02 02:03 . 2008-04-14 11:00 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:11 . 2011-01-25 08:12 920064 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:11 . 2011-01-25 08:10 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-11-01 12:11 . 2011-01-25 08:10 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-10-31 23:39 . 2011-01-25 08:10 385024 ----a-w- c:\windows\system32\html.iec
2012-10-23 13:20 . 2012-10-23 13:20 2 ----a-w- c:\windows\system32\TempWmicBatchFile.bat
2012-10-11 10:04 . 2012-10-11 10:05 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-11 10:04 . 2011-07-21 19:52 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-02 18:04 . 2008-04-14 11:00 58368 ----a-w- c:\windows\system32\synceng.dll
2012-12-01 19:17 . 2012-12-01 19:16 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2011-01-25 . 8F41FD1CC693054347C6FB7B0E618B07 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DWPersistentQueuedReporting"="c:\program files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE" [2011-07-27 434080]
"SoundMan"="SOUNDMAN.EXE" [2005-05-04 90112]
"AlcWzrd"="ALCWZRD.EXE" [2005-05-04 2805248]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-05-25 13895272]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-11-07 6756048]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-06-08 94208]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-06-08 77824]
"Persistence"="c:\windows\system32\igfxpers.exe" [2005-06-08 114688]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1387288]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-11-19 2254768]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"KB976002-v5"="advpack.dll" [2011-01-25 128512]
.
c:\documents and settings\Jozifek\Nabídka Start\Programy\Po spuštění\
runctf.lnk - c:\windows\system32\rundll32.exe [2008-4-14 33280]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2011-01-25 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2011-06-17 07:33 66328 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
.
[HKLM\~\startupfolder\C:^Documents and Settings^Jozifek^Nabídka Start^Programy^Po spuštění^Logitech . Registrácia výrobku.lnk]
path=c:\documents and settings\Jozifek\Nabídka Start\Programy\Po spuštění\Logitech . Registrácia výrobku.lnk
backup=c:\windows\pss\Logitech . Registrácia výrobku.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-06-06 10:55 937920 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2010-08-20 11:03 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-02-20 19:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2011-07-23 09:18 1242448 ----a-w- c:\program files\Steam\Steam.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Warcraft III\\gproxy.exe"=
"c:\\Program Files\\Warcraft III\\war3.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\EA GAMES\\Need for Speed Underground 2\\speed2.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
.
R1 DumpDrv;Crash Dump Driver; [x]
R3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files\Garena\safedrv.sys [x]
R3 utexnjq4;AVZ Kernel Driver;c:\windows\system32\Drivers\utexnjq4.sys [x]
S0 79696916;79696916;c:\windows\system32\DRIVERS\79696916.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [x]
S2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\Drivers\LBeepKE.sys [x]
S2 SVKP;SVKP;c:\windows\system32\SVKP.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-11 16:00]
.
2012-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-26 18:00]
.
2012-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-26 18:00]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 172.16.0.2 195.168.1.4 62.168.96.4
FF - ProfilePath - c:\documents and settings\Jozifek\Data aplikací\Mozilla\Firefox\Profiles\mm4b3bix.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - true
.
- - - - ORPHANS REMOVED - - - -
.
Notify-RailNotification - (no file)
SafeBoot-Wdf01000.sys
SafeBoot-SolutoService
AddRemove-{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2487367 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2656351 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2572078 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2604121 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2633870 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656351 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656368 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656368v2 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656405 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2686827 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2729449 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2737019 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-29 18:35
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(856)
c:\windows\system32\guard32.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
.
- - - - - - - > 'lsass.exe'(912)
c:\windows\system32\MPR.dll
c:\windows\system32\guard32.dll
.
- - - - - - - > 'csrss.exe'(828)
c:\windows\system32\cmdcsr.dll
.
Completion time: 2012-12-29 18:38:08
ComboFix-quarantined-files.txt 2012-12-29 17:38
.
Pre-Run: Volných bajtů: 60 066 713 600
Post-Run: Volných bajtů: 60 502 507 520
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - B6CCBB84E3A519AABE1D5D4AE978DEA7

#8 Post by Rudy »

We will do some more cleanup. Move ComboFix to the desktop. Open Notepad and copy the following into it:
KillAll::

Collect::
c:\windows\system32\drivers\79696916.sys

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Driver::
79696916

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

Reboot::
Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and execute the commands from the script.


#9 Post by Skaler.x. »

Done:

ComboFix 12-12-29.02 - Jozifek . 12. 2012 19:39:49.2.1 - x86
Running from: c:\documents and settings\Jozifek\Plocha\ComboFix.exe
Command switches used :: c:\documents and settings\Jozifek\Plocha\CFScript.txt
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
file zipped: c:\windows\system32\drivers\79696916.sys
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\79696916.sys
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_79696916
-------\Service_79696916
.
.
((((((((((((((((((((((((( Files Created from 2012-11-28 to 2012-12-29 )))))))))))))))))))))))))))))))
.
.
2012-12-29 11:47 . 2012-12-29 14:19 -------- d-----w- c:\program files\trend micro
2012-12-29 11:46 . 2012-12-29 14:21 -------- d-----w- C:\rsit
2012-12-28 21:56 . 2012-12-28 21:56 7168 ----a-w- c:\windows\system32\drivers\utexnjq4.sys
2012-12-28 16:35 . 2012-12-28 18:04 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
2012-12-28 14:13 . 2012-12-28 14:13 3003 ----a-w- c:\documents and settings\All Users\Data aplikací\dsgsdgdsgdsgw.js
2012-12-23 15:07 . 2007-03-05 06:32 201216 ----a-w- c:\windows\system32\mediarcpt.dll
2012-12-23 15:07 . 2012-12-23 15:33 -------- d-----w- c:\program files\Recepty doma
2012-12-18 14:57 . 2012-12-23 10:47 -------- d-----w- c:\program files\Team17
2012-12-17 12:57 . 2012-12-17 12:57 -------- d-----w- c:\documents and settings\Jozifek\Data aplikací\Quake3
2012-12-17 12:49 . 2012-12-17 12:53 -------- d-----w- c:\program files\ioQuake3&TA
2012-12-17 06:56 . 2012-12-17 07:04 -------- d-----w- c:\program files\Outlook Attachment Sniffer
2012-12-17 06:31 . 2012-12-23 11:12 -------- d-----w- c:\documents and settings\Jozifek\Data aplikací\Atari
2012-12-17 06:20 . 2012-12-17 06:20 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2012-12-13 15:59 . 2012-12-13 15:59 16363960 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-26 09:03 . 2011-09-08 19:24 73728 ----a-w- c:\windows\ALCFDRTM.VER
2012-12-16 12:31 . 2011-01-25 08:09 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-12-13 16:00 . 2012-10-11 09:50 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-13 16:00 . 2011-07-30 19:41 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-13 11:56 . 2011-01-25 08:12 1875456 ----a-w- c:\windows\system32\win32k.sys
2012-11-07 23:38 . 2010-04-08 23:25 99080 ----a-w- c:\windows\system32\drivers\inspect.sys
2012-11-07 23:38 . 2010-04-08 23:25 32640 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-11-07 23:38 . 2010-04-08 23:25 497952 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2012-11-07 23:38 . 2010-04-08 23:25 18096 ----a-w- c:\windows\system32\drivers\cmderd.sys
2012-11-07 23:37 . 2011-12-24 19:18 34024 ----a-w- c:\windows\system32\cmdcsr.dll
2012-11-07 23:37 . 2010-04-08 23:26 301264 ----a-w- c:\windows\system32\guard32.dll
2012-11-02 02:03 . 2008-04-14 11:00 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:11 . 2011-01-25 08:12 920064 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:11 . 2011-01-25 08:10 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-11-01 12:11 . 2011-01-25 08:10 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-10-31 23:39 . 2011-01-25 08:10 385024 ----a-w- c:\windows\system32\html.iec
2012-10-23 13:20 . 2012-10-23 13:20 2 ----a-w- c:\windows\system32\TempWmicBatchFile.bat
2012-10-11 10:04 . 2012-10-11 10:05 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-11 10:04 . 2011-07-21 19:52 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-02 18:04 . 2008-04-14 11:00 58368 ----a-w- c:\windows\system32\synceng.dll
2012-12-01 19:17 . 2012-12-01 19:16 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2011-01-25 . 8F41FD1CC693054347C6FB7B0E618B07 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DWPersistentQueuedReporting"="c:\program files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE" [2011-07-27 434080]
"SoundMan"="SOUNDMAN.EXE" [2005-05-04 90112]
"AlcWzrd"="ALCWZRD.EXE" [2005-05-04 2805248]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-05-25 13895272]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-11-07 6756048]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-06-08 94208]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-06-08 77824]
"Persistence"="c:\windows\system32\igfxpers.exe" [2005-06-08 114688]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1387288]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-11-19 2254768]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"KB976002-v5"="advpack.dll" [2011-01-25 128512]
.
c:\documents and settings\Jozifek\Nabídka Start\Programy\Po spuštění\
runctf.lnk - c:\windows\system32\rundll32.exe [2008-4-14 33280]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2011-01-25 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2011-06-17 07:33 66328 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
.
[HKLM\~\startupfolder\C:^Documents and Settings^Jozifek^Nabídka Start^Programy^Po spuštění^Logitech . Registrácia výrobku.lnk]
path=c:\documents and settings\Jozifek\Nabídka Start\Programy\Po spuštění\Logitech . Registrácia výrobku.lnk
backup=c:\windows\pss\Logitech . Registrácia výrobku.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-06-06 10:55 937920 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2010-08-20 11:03 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-02-20 19:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2011-07-23 09:18 1242448 ----a-w- c:\program files\Steam\Steam.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Warcraft III\\gproxy.exe"=
"c:\\Program Files\\Warcraft III\\war3.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\EA GAMES\\Need for Speed Underground 2\\speed2.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
.
R1 DumpDrv;Crash Dump Driver; [x]
R3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files\Garena\safedrv.sys [x]
R3 utexnjq4;AVZ Kernel Driver;c:\windows\system32\Drivers\utexnjq4.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [x]
S2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\Drivers\LBeepKE.sys [x]
S2 SVKP;SVKP;c:\windows\system32\SVKP.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-11 16:00]
.
2012-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-26 18:00]
.
2012-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-26 18:00]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 172.16.0.2 195.168.1.4 62.168.96.4
FF - ProfilePath - c:\documents and settings\Jozifek\Data aplikací\Mozilla\Firefox\Profiles\mm4b3bix.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - true
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-29 19:48
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(860)
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
.
- - - - - - - > 'lsass.exe'(916)
c:\windows\system32\MPR.dll
c:\windows\system32\guard32.dll
.
- - - - - - - > 'explorer.exe'(2464)
c:\windows\system32\guard32.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
- - - - - - - > 'csrss.exe'(832)
c:\windows\system32\cmdcsr.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\WgaTray.exe
c:\windows\SOUNDMAN.EXE
c:\windows\ALCWZRD.EXE
c:\program files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\SearchProtocolHost.exe
c:\windows\system32\SearchFilterHost.exe
.
**************************************************************************
.
Completion time: 2012-12-29 19:50:56 - machine was rebooted
ComboFix-quarantined-files.txt 2012-12-29 18:50
ComboFix2.txt 2012-12-29 17:38
.
Pre-Run: Volných bajtů: 60 506 451 968
Post-Run: Volných bajtů: 60 399 276 032
.
- - End Of File - - A6DE6A7FAE435256EE4043CCA9DF473D
Upload was successful

#10 Post by Rudy »

The log now looks clean. Has anything changed?

#11 Post by Skaler.x. »

Unfortunately not, all the problems mentioned still persist :/

#12 Post by Skaler.x. »

OTL.txt :

OTL logfile created on: 29. 12. 2012 20:50:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Jozifek\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

1,49 Gb Total Physical Memory | 0,81 Gb Available Physical Memory | 54,43% Memory free
3,59 Gb Paging File | 2,94 Gb Available in Paging File | 81,72% Paging File free
Paging file location(s): D:\pagefile.sys 2302 2302 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 56,31 Gb Free Space | 37,78% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 0,67 Gb Free Space | 0,23% Space Free | Partition Type: NTFS
Drive J: | 644,70 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive L: | 487,19 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive M: | 422,63 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: EMIL | User Name: Jozifek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.12.29 20:46:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jozifek\Plocha\OTL.exe
PRC - [2012.12.01 20:17:17 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.11.19 21:48:16 | 002,254,768 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012.11.19 21:48:14 | 001,435,568 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2012.11.08 00:37:37 | 001,990,464 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2012.11.08 00:37:12 | 002,726,608 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfpupdat.exe
PRC - [2012.11.08 00:37:12 | 000,719,056 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\crashrep.exe
PRC - [2012.11.08 00:37:11 | 006,756,048 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2012.09.24 22:12:59 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012.04.17 16:19:40 | 003,671,872 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2011.10.07 10:40:42 | 001,387,288 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2011.09.27 20:05:24 | 000,149,784 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
PRC - [2011.05.25 07:09:21 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.01.25 09:10:07 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.05.04 18:01:36 | 002,805,248 | R--- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
PRC - [2005.05.04 02:43:50 | 000,090,112 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE


========== Modules (All) ==========

MOD - [2012.12.29 20:46:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jozifek\Plocha\OTL.exe
MOD - [2012.12.01 20:17:18 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
MOD - [2012.12.01 20:17:17 | 004,220,896 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\gkmedias.dll
MOD - [2012.12.01 20:17:17 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
MOD - [2012.12.01 20:17:17 | 000,258,528 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\freebl3.dll
MOD - [2012.12.01 20:17:16 | 002,397,152 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.12.01 20:17:16 | 000,810,976 | ---- | M] (sqlite.org) -- C:\Program Files\Mozilla Firefox\mozsqlite3.dll
MOD - [2012.12.01 20:17:16 | 000,124,896 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozglue.dll
MOD - [2012.12.01 20:17:16 | 000,015,840 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozalloc.dll
MOD - [2012.12.01 20:17:15 | 000,638,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nss3.dll
MOD - [2012.12.01 20:17:15 | 000,370,656 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssckbi.dll
MOD - [2012.12.01 20:17:15 | 000,172,000 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nspr4.dll
MOD - [2012.12.01 20:17:15 | 000,096,224 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssdbm3.dll
MOD - [2012.12.01 20:17:15 | 000,092,640 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssutil3.dll
MOD - [2012.12.01 20:17:14 | 000,155,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\softokn3.dll
MOD - [2012.12.01 20:17:14 | 000,091,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\smime3.dll
MOD - [2012.12.01 20:17:14 | 000,021,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plc4.dll
MOD - [2012.12.01 20:17:14 | 000,020,960 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plds4.dll
MOD - [2012.12.01 20:17:13 | 000,145,376 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\ssl3.dll
MOD - [2012.12.01 20:17:12 | 015,112,160 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xul.dll
MOD - [2012.12.01 20:17:12 | 000,019,424 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xpcom.dll
MOD - [2012.11.19 21:48:16 | 002,254,768 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
MOD - [2012.11.19 21:48:14 | 001,435,568 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
MOD - [2012.11.08 00:37:37 | 001,990,464 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
MOD - [2012.11.08 00:37:34 | 000,301,264 | ---- | M] (COMODO) -- C:\WINDOWS\system32\guard32.dll
MOD - [2012.11.08 00:37:21 | 000,498,384 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\themes\default.theme
MOD - [2012.11.08 00:37:18 | 002,805,456 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdhtml.dll
MOD - [2012.11.08 00:37:12 | 002,726,608 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfpupdat.exe
MOD - [2012.11.08 00:37:12 | 000,719,056 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\crashrep.exe
MOD - [2012.11.08 00:37:11 | 006,756,048 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
MOD - [2012.11.01 13:11:09 | 011,113,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ieframe.dll
MOD - [2012.11.01 13:11:09 | 002,001,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iertutil.dll
MOD - [2012.11.01 13:11:09 | 001,214,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2012.11.01 13:11:09 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2012.11.01 13:11:09 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msfeeds.dll
MOD - [2012.10.11 11:04:29 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Java\jre7\bin\msvcr100.dll
MOD - [2012.10.05 01:33:29 | 001,317,072 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\scanners\unpack.cav
MOD - [2012.10.05 01:33:29 | 000,061,648 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\scanners\white.cav
MOD - [2012.10.05 01:33:28 | 000,659,152 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\scanners\unarch.cav
MOD - [2012.10.05 01:33:28 | 000,653,520 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\scanners\scrtemu.cav
MOD - [2012.10.05 01:33:28 | 000,070,352 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
MOD - [2012.10.05 01:33:27 | 000,288,976 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\scanners\script.cav
MOD - [2012.10.05 01:33:27 | 000,216,272 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\scanners\pe.cav
MOD - [2012.10.05 01:33:27 | 000,082,128 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\scanners\pe32.cav
MOD - [2012.10.05 01:33:26 | 000,128,720 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\scanners\gunpack.cav
MOD - [2012.10.05 01:33:26 | 000,119,504 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\scanners\heur.cav
MOD - [2012.10.05 01:33:26 | 000,111,312 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\scanners\mem.cav
MOD - [2012.10.05 01:33:25 | 000,321,744 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\scanners\dunpack.cav
MOD - [2012.10.05 01:33:25 | 000,208,080 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\scanners\fileid.cav
MOD - [2012.10.05 01:33:25 | 000,194,768 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\scanners\extra.cav
MOD - [2012.10.05 01:33:24 | 000,212,688 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\scanners\common.cav
MOD - [2012.10.05 01:33:24 | 000,080,080 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\scanners\dosmz.cav
MOD - [2012.10.05 01:33:21 | 000,861,392 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\signmgr.dll
MOD - [2012.10.05 01:33:20 | 000,287,440 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\scanners\rkdntfs.dll
MOD - [2012.10.05 01:33:20 | 000,144,592 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\scanners\rkdscan.dll
MOD - [2012.10.05 01:33:19 | 000,211,664 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\platform.dll
MOD - [2012.10.05 01:33:19 | 000,059,600 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\scanners\rkdhive.dll
MOD - [2012.10.05 01:33:19 | 000,020,176 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\scanners\rkdenum.dll
MOD - [2012.10.05 01:33:18 | 001,682,128 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\scanners\mach32.dll
MOD - [2012.10.05 01:33:18 | 000,356,560 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\scanners\pkann.dll
MOD - [2012.10.05 01:33:17 | 000,172,752 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\framework.dll
MOD - [2012.10.03 05:57:28 | 000,990,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2012.09.24 22:12:59 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
MOD - [2012.08.28 16:01:58 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
MOD - [2012.08.24 14:53:00 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll
MOD - [2012.08.14 16:08:26 | 003,018,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\OLMAPI32.DLL
MOD - [2012.07.06 14:58:15 | 000,339,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2012.07.06 14:58:15 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll
MOD - [2012.07.03 08:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
MOD - [2012.06.26 02:35:58 | 001,375,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll
MOD - [2012.06.11 22:33:20 | 017,323,640 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSO.DLL
MOD - [2012.06.08 15:24:24 | 008,467,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2012.06.06 19:24:58 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\msvcr100.dll
MOD - [2012.06.06 19:24:58 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\msvcp100.dll
MOD - [2012.06.05 16:48:30 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msxml3.dll
MOD - [2012.06.04 05:31:49 | 000,153,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll
MOD - [2012.06.02 14:19:34 | 000,045,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wups2.dll
MOD - [2012.06.02 14:19:18 | 001,933,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuaueng.dll
MOD - [2012.06.01 17:49:19 | 000,604,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2012.05.14 10:21:40 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll
MOD - [2012.04.17 16:19:40 | 003,671,872 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
MOD - [2012.04.17 16:19:08 | 004,860,736 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTCommonRes.dll
MOD - [2012.04.17 16:18:40 | 003,725,120 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\Engine.dll
MOD - [2012.04.06 11:22:56 | 000,382,784 | ---- | M] (DT Soft Ltd.) -- C:\Program Files\DAEMON Tools Lite\imgengine.dll
MOD - [2012.02.29 15:08:55 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2012.02.09 16:43:28 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
MOD - [2011.11.16 15:20:56 | 000,354,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll
MOD - [2011.11.01 17:05:36 | 001,288,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2011.10.14 15:47:24 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2011.10.07 10:41:16 | 000,879,896 | ---- | M] () -- C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
MOD - [2011.10.07 10:41:16 | 000,207,640 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\Macros\MacroMedia.dll
MOD - [2011.10.07 10:41:16 | 000,173,336 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\Macros\MacroEmail.dll
MOD - [2011.10.07 10:41:06 | 000,134,936 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\Macros\MacroAppSwitch.dll
MOD - [2011.10.07 10:40:54 | 000,032,024 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\WebBrowserSupport.dll
MOD - [2011.10.07 10:40:54 | 000,031,000 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPointCOM.dll
MOD - [2011.10.07 10:40:42 | 001,387,288 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
MOD - [2011.10.07 10:40:20 | 000,107,800 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\LCabHandler.dll
MOD - [2011.10.07 10:40:08 | 000,039,704 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\khalwrapper.dll
MOD - [2011.10.07 10:39:58 | 000,122,648 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\KemUtil.dll
MOD - [2011.10.07 10:39:58 | 000,105,752 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\KemWnd.dll
MOD - [2011.10.07 10:39:58 | 000,070,936 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\KemXML.dll
MOD - [2011.10.07 10:39:58 | 000,064,280 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\KGame.dll
MOD - [2011.10.07 10:39:46 | 000,135,448 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\kemutb.dll
MOD - [2011.10.07 10:39:46 | 000,024,856 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\KemMon.dll
MOD - [2011.09.27 20:05:48 | 000,293,144 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL3\KHALUSB.dll
MOD - [2011.09.27 20:05:36 | 000,296,728 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL3\KHALMOU.dll
MOD - [2011.09.27 20:05:36 | 000,272,152 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL3\KHALMW.dll
MOD - [2011.09.27 20:05:24 | 000,729,368 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL3\KHALHPP.dll
MOD - [2011.09.27 20:05:24 | 000,268,056 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL3\KHALITCH.dll
MOD - [2011.09.27 20:05:24 | 000,149,784 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
MOD - [2011.09.27 20:05:14 | 000,501,528 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL3\KHALAPI.dll
MOD - [2011.09.27 20:05:14 | 000,347,416 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL3\KHALHID.dll
MOD - [2011.09.27 20:03:22 | 000,134,936 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.dll
MOD - [2011.09.26 10:41:20 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleacc.dll
MOD - [2011.09.05 18:04:56 | 000,394,136 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll
MOD - [2011.06.17 08:33:50 | 000,066,328 | ---- | M] (Logitech, Inc.) -- c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
MOD - [2011.05.28 21:04:56 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2011.05.14 00:17:40 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
MOD - [2011.04.18 21:51:18 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90u.dll
MOD - [2011.04.18 21:51:18 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
MOD - [2011.04.18 21:51:18 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
MOD - [2011.04.18 21:51:14 | 000,159,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_92453bb7\atl90.dll
MOD - [2011.03.03 07:53:40 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll
MOD - [2011.02.08 14:32:34 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42u.dll
MOD - [2011.01.25 09:27:11 | 000,483,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll
MOD - [2011.01.25 09:27:11 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll
MOD - [2011.01.25 09:27:11 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll
MOD - [2011.01.25 09:27:11 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2011.01.25 09:27:11 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll
MOD - [2011.01.25 09:18:06 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wpdshserviceobj.dll
MOD - [2011.01.25 09:17:45 | 000,239,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WgaLogon.dll
MOD - [2011.01.25 09:17:40 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\UncPH.dll
MOD - [2011.01.25 09:17:39 | 001,589,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tquery.dll
MOD - [2011.01.25 09:17:39 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cs-cz\tquery.dll.mui
MOD - [2011.01.25 09:17:11 | 000,439,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\searchindexer.exe
MOD - [2011.01.25 09:17:11 | 000,184,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\searchprotocolhost.exe
MOD - [2011.01.25 09:16:50 | 000,754,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\propsys.dll
MOD - [2011.01.25 09:16:48 | 000,166,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\portabledevicetypes.dll
MOD - [2011.01.25 09:16:47 | 000,254,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\portabledeviceapi.dll
MOD - [2011.01.25 09:16:44 | 000,273,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oeph.dll
MOD - [2011.01.25 09:16:44 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\normaliz.dll
MOD - [2011.01.25 09:16:38 | 001,418,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mssrch.dll
MOD - [2011.01.25 09:16:37 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mssph.dll
MOD - [2011.01.25 09:16:37 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mssprxy.dll
MOD - [2011.01.25 09:16:36 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll
MOD - [2011.01.25 09:16:36 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscntrs.dll
MOD - [2011.01.25 09:16:36 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscb.dll
MOD - [2011.01.25 09:16:36 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msshooks.dll
MOD - [2011.01.25 09:15:06 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
MOD - [2011.01.25 09:13:17 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xmllite.dll
MOD - [2011.01.25 09:13:16 | 000,022,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauserv.dll
MOD - [2011.01.25 09:12:40 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2011.01.25 09:12:40 | 000,134,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wkssvc.dll
MOD - [2011.01.25 09:12:39 | 000,509,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
MOD - [2011.01.25 09:12:36 | 000,104,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll
MOD - [2011.01.25 09:12:33 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll
MOD - [2011.01.25 09:12:32 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll
MOD - [2011.01.25 09:12:32 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll
MOD - [2011.01.25 09:12:30 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll
MOD - [2011.01.25 09:12:29 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2011.01.25 09:12:26 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdm.tsp
MOD - [2011.01.25 09:12:26 | 000,124,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll
MOD - [2011.01.25 09:12:24 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll
MOD - [2011.01.25 09:12:23 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapisrv.dll
MOD - [2011.01.25 09:12:23 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll
MOD - [2011.01.25 09:12:22 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\t2embed.dll
MOD - [2011.01.25 09:12:18 | 000,713,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll
MOD - [2011.01.25 09:12:17 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
MOD - [2011.01.25 09:12:16 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll
MOD - [2011.01.25 09:12:15 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
MOD - [2011.01.25 09:12:14 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2011.01.25 09:12:14 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll
MOD - [2011.01.25 09:12:13 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2011.01.25 09:12:01 | 000,991,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2011.01.25 09:12:00 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
MOD - [2011.01.25 09:12:00 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2011.01.25 09:11:59 | 000,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll
MOD - [2011.01.25 09:11:58 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2011.01.25 09:11:57 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\riched20.dll
MOD - [2011.01.25 09:11:56 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll
MOD - [2011.01.25 09:11:56 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll
MOD - [2011.01.25 09:11:55 | 001,437,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\query.dll
MOD - [2011.01.25 09:11:55 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll
MOD - [2011.01.25 09:11:50 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll
MOD - [2011.01.25 09:11:49 | 000,284,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pdh.dll
MOD - [2011.01.25 09:11:46 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll
MOD - [2011.01.25 09:11:46 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcbcp.dll
MOD - [2011.01.25 09:11:45 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oakley.dll
MOD - [2011.01.25 09:11:39 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll
MOD - [2011.01.25 09:11:37 | 000,407,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll
MOD - [2011.01.25 09:11:35 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxclu.dll
MOD - [2011.01.25 09:11:32 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll
MOD - [2011.01.25 09:11:29 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2011.01.25 09:11:27 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll
MOD - [2011.01.25 09:11:19 | 004,446,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll
MOD - [2011.01.25 09:11:05 | 000,997,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2011.01.25 09:11:03 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcuiu.dll
MOD - [2011.01.25 09:11:02 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcprx.dll
MOD - [2011.01.25 09:11:01 | 000,299,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2011.01.25 09:11:01 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2011.01.25 09:11:01 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll
MOD - [2011.01.25 09:11:00 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2011.01.25 09:10:28 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll
MOD - [2011.01.25 09:10:18 | 000,345,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll
MOD - [2011.01.25 09:10:15 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2011.01.25 09:10:14 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2011.01.25 09:10:08 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll
MOD - [2011.01.25 09:10:07 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
MOD - [2011.01.25 09:10:06 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll
MOD - [2011.01.25 09:10:04 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2011.01.25 09:10:02 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll
MOD - [2011.01.25 09:10:02 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2011.01.25 09:10:00 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll
MOD - [2011.01.25 09:09:59 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll
MOD - [2011.01.25 09:09:55 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\avifil32.dll
MOD - [2011.01.25 09:09:54 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll
MOD - [2011.01.25 09:09:51 | 000,684,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2011.01.25 09:08:35 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010.12.22 13:32:18 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll
MOD - [2010.12.20 18:32:06 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2010.12.20 18:24:15 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll
MOD - [2010.12.09 16:15:49 | 000,713,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2010.04.09 00:26:40 | 000,075,152 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\scanners\unsfx.cav
MOD - [2010.03.18 15:47:22 | 000,030,040 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll
MOD - [2010.03.18 15:47:22 | 000,017,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\aspnet_counters.dll
MOD - [2010.03.18 12:16:28 | 000,771,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr100_clr0400.dll
MOD - [2010.03.18 12:16:28 | 000,413,008 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MOD - [2010.03.18 12:16:28 | 000,129,880 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll
MOD - [2010.03.18 12:16:28 | 000,121,688 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll
MOD - [2010.03.18 09:09:00 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscoree.dll
MOD - [2010.03.18 09:09:00 | 000,049,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netfxperf.dll
MOD - [2008.07.25 14:16:40 | 000,033,800 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
MOD - [2008.04.14 12:00:00 | 002,927,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2008.04.14 12:00:00 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcGenral.dll
MOD - [2008.04.14 12:00:00 | 001,703,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll
MOD - [2008.04.14 12:00:00 | 001,499,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll
MOD - [2008.04.14 12:00:00 | 001,083,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll
MOD - [2008.04.14 12:00:00 | 001,025,024 | ---- | M] (Společnost Microsoft) -- C:\WINDOWS\system32\browseui.dll
MOD - [2008.04.14 12:00:00 | 000,806,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008.04.14 12:00:00 | 000,729,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008.04.14 12:00:00 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll
MOD - [2008.04.14 12:00:00 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dbghelp.dll
MOD - [2008.04.14 12:00:00 | 000,625,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netcfgx.dll
MOD - [2008.04.14 12:00:00 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll
MOD - [2008.04.14 12:00:00 | 000,515,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll
MOD - [2008.04.14 12:00:00 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008.04.14 12:00:00 | 000,423,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll
MOD - [2008.04.14 12:00:00 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2008.04.14 12:00:00 | 000,385,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll
MOD - [2008.04.14 12:00:00 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dsound.dll
MOD - [2008.04.14 12:00:00 | 000,338,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\zipfldr.dll
MOD - [2008.04.14 12:00:00 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll
MOD - [2008.04.14 12:00:00 | 000,322,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll
MOD - [2008.04.14 12:00:00 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\duser.dll
MOD - [2008.04.14 12:00:00 | 000,279,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008.04.14 12:00:00 | 000,265,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\h323.tsp
MOD - [2008.04.14 12:00:00 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2008.04.14 12:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008.04.14 12:00:00 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll
MOD - [2008.04.14 12:00:00 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasppp.dll
MOD - [2008.04.14 12:00:00 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
MOD - [2008.04.14 12:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll
MOD - [2008.04.14 12:00:00 | 000,196,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll
MOD - [2008.04.14 12:00:00 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll
MOD - [2008.04.14 12:00:00 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll
MOD - [2008.04.14 12:00:00 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schedsvc.dll
MOD - [2008.04.14 12:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasmans.dll
MOD - [2008.04.14 12:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
MOD - [2008.04.14 12:00:00 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll
MOD - [2008.04.14 12:00:00 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll
MOD - [2008.04.14 12:00:00 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll
MOD - [2008.04.14 12:00:00 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll
MOD - [2008.04.14 12:00:00 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shmedia.dll
MOD - [2008.04.14 12:00:00 | 000,146,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008.04.14 12:00:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\onex.dll
MOD - [2008.04.14 12:00:00 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll
MOD - [2008.04.14 12:00:00 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll
MOD - [2008.04.14 12:00:00 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll
MOD - [2008.04.14 12:00:00 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll
MOD - [2008.04.14 12:00:00 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll
MOD - [2008.04.14 12:00:00 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappcfg.dll
MOD - [2008.04.14 12:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
MOD - [2008.04.14 12:00:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008.04.14 12:00:00 | 000,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oledlg.dll
MOD - [2008.04.14 12:00:00 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll
MOD - [2008.04.14 12:00:00 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvfw32.dll
MOD - [2008.04.14 12:00:00 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008.04.14 12:00:00 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll
MOD - [2008.04.14 12:00:00 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mapi32.dll
MOD - [2008.04.14 12:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008.04.14 12:00:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008.04.14 12:00:00 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll
MOD - [2008.04.14 12:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll
MOD - [2008.04.14 12:00:00 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\loadperf.dll
MOD - [2008.04.14 12:00:00 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2008.04.14 12:00:00 | 000,094,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2008.04.14 12:00:00 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll
MOD - [2008.04.14 12:00:00 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mydocs.dll
MOD - [2008.04.14 12:00:00 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll
MOD - [2008.04.14 12:00:00 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiaprpl.dll
MOD - [2008.04.14 12:00:00 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll
MOD - [2008.04.14 12:00:00 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008.04.14 12:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2008.04.14 12:00:00 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2008.04.14 12:00:00 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qutil.dll
MOD - [2008.04.14 12:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll
MOD - [2008.04.14 12:00:00 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2008.04.14 12:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008.04.14 12:00:00 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browselc.dll
MOD - [2008.04.14 12:00:00 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008.04.14 12:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll
MOD - [2008.04.14 12:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll
MOD - [2008.04.14 12:00:00 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasqec.dll
MOD - [2008.04.14 12:00:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll
MOD - [2008.04.14 12:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll
MOD - [2008.04.14 12:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2008.04.14 12:00:00 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\resutils.dll
MOD - [2008.04.14 12:00:00 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastapi.dll
MOD - [2008.04.14 12:00:00 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll
MOD - [2008.04.14 12:00:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ndptsp.tsp
MOD - [2008.04.14 12:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
MOD - [2008.04.14 12:00:00 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2008.04.14 12:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll
MOD - [2008.04.14 12:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
MOD - [2008.04.14 12:00:00 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll
MOD - [2008.04.14 12:00:00 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll
MOD - [2008.04.14 12:00:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll
MOD - [2008.04.14 12:00:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2008.04.14 12:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll
MOD - [2008.04.14 12:00:00 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappprxy.dll
MOD - [2008.04.14 12:00:00 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfctrs.dll
MOD - [2008.04.14 12:00:00 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll
MOD - [2008.04.14 12:00:00 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcAdProc.dll
MOD - [2008.04.14 12:00:00 | 000,038,400 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
MOD - [2008.04.14 12:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll
MOD - [2008.04.14 12:00:00 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll
MOD - [2008.04.14 12:00:00 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfproc.dll
MOD - [2008.04.14 12:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll
MOD - [2008.04.14 12:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kmddsp.tsp
MOD - [2008.04.14 12:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll
MOD - [2008.04.14 12:00:00 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll
MOD - [2008.04.14 12:00:00 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\traffic.dll
MOD - [2008.04.14 12:00:00 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eapolqec.dll
MOD - [2008.04.14 12:00:00 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidphone.tsp
MOD - [2008.04.14 12:00:00 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mspatcha.dll
MOD - [2008.04.14 12:00:00 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll
MOD - [2008.04.14 12:00:00 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll
MOD - [2008.04.14 12:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfdisk.dll
MOD - [2008.04.14 12:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\utildll.dll
MOD - [2008.04.14 12:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3api.dll
MOD - [2008.04.14 12:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfos.dll
MOD - [2008.04.14 12:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2008.04.14 12:00:00 | 000,024,064 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\system32\dmserver.dll
MOD - [2008.04.14 12:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008.04.14 12:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ersvc.dll
MOD - [2008.04.14 12:00:00 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\feclient.dll
MOD - [2008.04.14 12:00:00 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv
MOD - [2008.04.14 12:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2008.04.14 12:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2008.04.14 12:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll
MOD - [2008.04.14 12:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dimsntfy.dll
MOD - [2008.04.14 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemprox.dll
MOD - [2008.04.14 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008.04.14 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll
MOD - [2008.04.14 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll
MOD - [2008.04.14 12:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2008.04.14 12:00:00 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll
MOD - [2008.04.14 12:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll
MOD - [2008.04.14 12:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfnet.dll
MOD - [2008.04.14 12:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipconf.tsp
MOD - [2008.04.14 12:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll
MOD - [2008.04.14 12:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll
MOD - [2008.04.14 12:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\fltlib.dll
MOD - [2008.04.14 12:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cfgmgr32.dll
MOD - [2008.04.14 12:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
MOD - [2008.04.14 12:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uniplat.dll
MOD - [2008.04.14 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
MOD - [2008.04.14 12:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfts.dll
MOD - [2008.04.14 12:00:00 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2008.04.14 12:00:00 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll
MOD - [2008.04.14 12:00:00 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pschdprf.dll
MOD - [2008.04.14 12:00:00 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsvpperf.dll
MOD - [2008.04.14 12:00:00 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3dlg.dll
MOD - [2008.04.14 12:00:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlsapi.dll
MOD - [2008.04.14 12:00:00 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll
MOD - [2008.04.14 12:00:00 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll
MOD - [2008.04.14 12:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapres.dll
MOD - [2008.04.14 12:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msidle.dll
MOD - [2008.04.14 12:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll
MOD - [2008.04.14 12:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapiperf.dll
MOD - [2008.04.14 12:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll
MOD - [2008.04.14 12:00:00 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll
MOD - [2008.04.14 12:00:00 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lz32.dll
MOD - [2008.04.14 08:51:44 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidserv.dll
MOD - [2008.04.14 06:53:00 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv
MOD - [2008.04.14 06:51:46 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ksuser.dll
MOD - [2007.02.17 05:24:42 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll
MOD - [2006.10.18 19:05:16 | 000,232,448 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\system32\mp3fhg.acm
MOD - [2005.06.08 19:03:08 | 000,114,688 | R--- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
MOD - [2005.06.08 18:59:06 | 000,077,824 | R--- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
MOD - [2005.06.08 18:58:58 | 000,057,344 | R--- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.dll
MOD - [2005.06.08 18:57:56 | 000,073,728 | R--- | M] (Intel Corporation) -- C:\WINDOWS\system32\hccutils.dll
MOD - [2005.05.04 18:01:36 | 002,805,248 | R--- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
MOD - [2005.05.04 02:43:50 | 000,090,112 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE


========== Services (SafeList) ==========

SRV - [2012.12.13 17:00:01 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.01 20:17:16 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.11.19 21:48:14 | 001,435,568 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.11.08 00:37:37 | 001,990,464 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2012.09.24 22:12:59 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011.09.27 20:03:28 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.05.25 07:09:21 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.03.16 09:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\Jozifek\LOCALS~1\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Garena\safedrv.sys -- (GGSAFERDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - File not found [Kernel | On_Demand | Running] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (atyuczxb)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (acgk4a1r)
DRV - [2012.12.28 22:56:18 | 000,007,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\utexnjq4.sys -- (utexnjq4)
DRV - [2012.11.08 00:38:17 | 000,099,080 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect)
DRV - [2012.11.08 00:38:16 | 000,032,640 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2012.11.08 00:38:14 | 000,497,952 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2012.11.08 00:38:13 | 000,018,096 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmderd.sys -- (cmderd)
DRV - [2012.06.14 19:35:41 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Running] -- C:\WINDOWS\system32\SVKP.sys -- (SVKP)
DRV - [2012.05.21 09:02:23 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012.05.20 09:44:37 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2012.01.28 12:26:36 | 000,278,728 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2012.01.28 12:26:36 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2011.09.02 07:31:28 | 000,030,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2011.09.02 07:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011.09.02 07:30:58 | 000,012,184 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2011.01.25 09:15:05 | 000,009,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\dumpdrv.sys -- (DumpDrv)
DRV - [2009.03.18 15:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2005.06.09 00:22:20 | 003,160,576 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1993962763-838170752-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1993962763-838170752-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9C 38 2D FC E1 47 CC 01 [binary data]
IE - HKU\S-1-5-21-1993962763-838170752-1801674531-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1993962763-838170752-1801674531-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1993962763-838170752-1801674531-1004\..\SearchScopes\{1BFFE098-2B4B-4938-84A0-CF368BBCFAFE}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-1993962763-838170752-1801674531-1004\..\SearchScopes\{5ED4FC08-97FB-40BF-B745-3357CEA72DCB}: "URL" = http://websearch.ask.com/redirect?clien ... 5D413FC7B3
IE - HKU\S-1-5-21-1993962763-838170752-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1993962763-838170752-1801674531-1005\..\SearchScopes,DefaultScope =

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: DivXWebPlayer%40divx.com:2.0.2.039
FF - prefs.js..extensions.enabledAddons: fbchathistory%40firechm.com:1.5
FF - prefs.js..extensions.enabledAddons: onair_FM%40marek.chrenko.net:3.9.2
FF - prefs.js..extensions.enabledAddons: %7B1e9a63ef-84ec-49a4-8d6f-2dd9524e90d0%7D:1.4.3
FF - prefs.js..extensions.enabledAddons: %7B37E4D8EA-8BDA-4831-8EA1-89053939A250%7D:3.0.0.2
FF - prefs.js..extensions.enabledAddons: %7B4BBDD651-70CF-4821-84F8-2B918CF89CA3%7D:7.0.3.5
FF - prefs.js..extensions.enabledAddons: %7BD4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389%7D:0.9.10
FF - prefs.js..extensions.enabledAddons: fbp%40fbpurity.com:8.0.1
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:3.8.2
FF - prefs.js..extensions.enabledAddons: %7B1A2D0EC4-75F5-4c91-89C4-3656F6E44B68%7D:0.4.6
FF - prefs.js..extensions.enabledAddons: FasterFox_Lite%40BigRedBrent:3.9.9Lite
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..extensions.enabledItems: {4BBDD651-70CF-4821-84F8-2B918CF89CA3}:6.3.3.2
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.8
FF - prefs.js..extensions.enabledItems: onair_FM@marek.chrenko.net:3.5.1
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2
FF - prefs.js..extensions.enabledItems: elemhidehelper@adblockplus.org:1.1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: fbchathistory@firechm.com:1.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "true"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.01 20:17:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011.07.21 21:19:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jozifek\Data aplikací\Mozilla\Extensions
[2012.12.29 20:04:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jozifek\Data aplikací\Mozilla\Firefox\Profiles\mm4b3bix.default\extensions
[2011.07.26 18:45:03 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Jozifek\Data aplikací\Mozilla\Firefox\Profiles\mm4b3bix.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2012.06.26 17:05:10 | 000,000,000 | ---D | M] (FEBE) -- C:\Documents and Settings\Jozifek\Data aplikací\Mozilla\Firefox\Profiles\mm4b3bix.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
[2012.12.29 20:04:56 | 000,000,000 | ---D | M] (Fasterfox Lite) -- C:\Documents and Settings\Jozifek\Data aplikací\Mozilla\Firefox\Profiles\mm4b3bix.default\extensions\FasterFox_Lite@BigRedBrent
[2012.12.22 19:31:35 | 000,234,999 | ---- | M] () (No name found) -- C:\Documents and Settings\Jozifek\Data aplikací\Mozilla\Firefox\Profiles\mm4b3bix.default\extensions\artur.dubovoy@gmail.com.xpi
[2012.09.25 21:33:00 | 000,550,833 | ---- | M] () (No name found) -- C:\Documents and Settings\Jozifek\Data aplikací\Mozilla\Firefox\Profiles\mm4b3bix.default\extensions\DivXWebPlayer@divx.com.xpi
[2012.03.21 17:09:56 | 000,064,779 | ---- | M] () (No name found) -- C:\Documents and Settings\Jozifek\Data aplikací\Mozilla\Firefox\Profiles\mm4b3bix.default\extensions\fbchathistory@firechm.com.xpi
[2012.12.13 20:56:36 | 000,062,582 | ---- | M] () (No name found) -- C:\Documents and Settings\Jozifek\Data aplikací\Mozilla\Firefox\Profiles\mm4b3bix.default\extensions\fbp@fbpurity.com.xpi
[2012.10.18 17:25:23 | 000,149,040 | ---- | M] () (No name found) -- C:\Documents and Settings\Jozifek\Data aplikací\Mozilla\Firefox\Profiles\mm4b3bix.default\extensions\jid1-uB4sJEPvR2m4QQ@jetpack.xpi
[2011.05.18 09:21:16 | 000,047,225 | ---- | M] () (No name found) -- C:\Documents and Settings\Jozifek\Data aplikací\Mozilla\Firefox\Profiles\mm4b3bix.default\extensions\onair_FM@marek.chrenko.net.xpi
[2012.12.29 20:04:48 | 000,079,135 | ---- | M] () (No name found) -- C:\Documents and Settings\Jozifek\Data aplikací\Mozilla\Firefox\Profiles\mm4b3bix.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi
[2012.08.24 02:47:15 | 000,587,582 | ---- | M] () (No name found) -- C:\Documents and Settings\Jozifek\Data aplikací\Mozilla\Firefox\Profiles\mm4b3bix.default\extensions\{1e9a63ef-84ec-49a4-8d6f-2dd9524e90d0}.xpi
[2012.11.24 10:38:16 | 000,804,627 | ---- | M] () (No name found) -- C:\Documents and Settings\Jozifek\Data aplikací\Mozilla\Firefox\Profiles\mm4b3bix.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011.10.29 22:09:59 | 000,434,392 | ---- | M] () (No name found) -- C:\Documents and Settings\Jozifek\Data aplikací\Mozilla\Firefox\Profiles\mm4b3bix.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2012.01.03 16:27:44 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\Jozifek\Data aplikací\Mozilla\Firefox\Profiles\mm4b3bix.default\searchplugins\askcom.xml
[2011.02.15 12:56:04 | 000,001,974 | ---- | M] () -- C:\Documents and Settings\Jozifek\Data aplikací\Mozilla\Firefox\Profiles\mm4b3bix.default\searchplugins\hadaj-video.xml
[2010.05.06 09:18:04 | 000,002,388 | ---- | M] () -- C:\Documents and Settings\Jozifek\Data aplikací\Mozilla\Firefox\Profiles\mm4b3bix.default\searchplugins\hellspy.xml
[2009.01.08 15:30:58 | 000,001,692 | ---- | M] () -- C:\Documents and Settings\Jozifek\Data aplikací\Mozilla\Firefox\Profiles\mm4b3bix.default\searchplugins\sfd.xml
[2010.09.13 11:11:50 | 000,002,476 | ---- | M] () -- C:\Documents and Settings\Jozifek\Data aplikací\Mozilla\Firefox\Profiles\mm4b3bix.default\searchplugins\stahujcz.xml
[2009.01.15 06:50:58 | 000,002,143 | ---- | M] () -- C:\Documents and Settings\Jozifek\Data aplikací\Mozilla\Firefox\Profiles\mm4b3bix.default\searchplugins\vyhledvn-vide-ve-slub-youtube.xml
[2012.12.01 20:17:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\JOZIFEK\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\MM4B3BIX.DEFAULT\EXTENSIONS\{1A2D0EC4-75F5-4C91-89C4-3656F6E44B68}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\JOZIFEK\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\MM4B3BIX.DEFAULT\EXTENSIONS\{1E9A63EF-84EC-49A4-8D6F-2DD9524E90D0}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\JOZIFEK\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\MM4B3BIX.DEFAULT\EXTENSIONS\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\JOZIFEK\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\MM4B3BIX.DEFAULT\EXTENSIONS\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\JOZIFEK\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\MM4B3BIX.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\JOZIFEK\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\MM4B3BIX.DEFAULT\EXTENSIONS\ARTUR.DUBOVOY@GMAIL.COM.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\JOZIFEK\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\MM4B3BIX.DEFAULT\EXTENSIONS\DIVXWEBPLAYER@DIVX.COM.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\JOZIFEK\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\MM4B3BIX.DEFAULT\EXTENSIONS\FASTERFOX_LITE@BIGREDBRENT
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\JOZIFEK\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\MM4B3BIX.DEFAULT\EXTENSIONS\FBCHATHISTORY@FIRECHM.COM.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\JOZIFEK\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\MM4B3BIX.DEFAULT\EXTENSIONS\FBP@FBPURITY.COM.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\JOZIFEK\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\MM4B3BIX.DEFAULT\EXTENSIONS\ONAIR_FM@MAREK.CHRENKO.NET.XPI
[2012.12.01 20:17:18 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.02.11 09:57:36 | 000,001,583 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\atlas-sk.xml
[2012.02.11 09:57:36 | 000,001,380 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\azet-sk.xml
[2012.02.11 09:57:36 | 000,001,479 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\dunaj-sk.xml
[2012.02.11 09:57:36 | 000,001,473 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slovnik-sk.xml
[2012.02.11 09:57:36 | 000,001,104 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-sk.xml
[2012.02.11 09:57:36 | 000,000,830 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zoznam-sk.xml

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Jozifek\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: registryAccess (Enabled) = C:\Documents and Settings\Jozifek\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\aaaapoomnboffjcgcebabolakmhbblbk\7.14.1.20074_0\background/registryAccess.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U23 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - Extension: YouTube = C:\Documents and Settings\Jozifek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\Jozifek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Documents and Settings\Jozifek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.12.29 19:47:40 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-1993962763-838170752-1801674531-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-1993962763-838170752-1801674531-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1993962763-838170752-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1993962763-838170752-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1993962763-838170752-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1993962763-838170752-1801674531-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1993962763-838170752-1801674531-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.0.2 195.168.1.4 62.168.96.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0DA094EE-D060-4A9B-867C-CC68C2D736F6}: DhcpNameServer = 172.16.0.2 195.168.1.4 62.168.96.4
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Jozifek\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jozifek\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.07.21 20:51:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003.05.04 09:57:28 | 000,172,032 | R--- | M] (Team17 Software Ltd) - J:\AUTORUN.EXE -- [ CDFS ]
O32 - AutoRun File - [2000.11.09 17:05:38 | 000,000,051 | R--- | M] () - J:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2001.04.18 15:23:00 | 000,000,041 | R--- | M] () - L:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2000.05.11 11:13:12 | 000,000,046 | R--- | M] () - M:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

Skaler.x.
Visitor
Posts: 38
Joined: 08 Feb 2009 20:17

Re: Your computer has been blocked, Police of the Slovak Republic

#13 Post by Skaler.x. »

CREATERESTOREPOINT
System Restore Service not available.

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\WINDOWS\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.FMVC - C:\WINDOWS\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.12.29 20:47:46 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jozifek\Plocha\OTL.exe
[2012.12.29 19:46:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012.12.29 18:04:08 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012.12.29 18:01:11 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012.12.29 18:01:11 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012.12.29 18:01:11 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012.12.29 18:01:11 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012.12.29 18:00:38 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.12.29 17:58:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012.12.29 17:55:59 | 005,015,489 | R--- | C] (Swearware) -- C:\Documents and Settings\Jozifek\Plocha\ComboFix.exe
[2012.12.29 12:47:31 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.12.29 12:46:12 | 000,000,000 | ---D | C] -- C:\rsit
[2012.12.29 11:54:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jozifek\Recent
[2012.12.28 17:35:27 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2012.12.28 15:39:49 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2012.12.23 16:07:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Recepty doma
[2012.12.23 16:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\Recepty doma
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.12.29 20:52:29 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.12.29 20:46:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jozifek\Plocha\OTL.exe
[2012.12.29 20:03:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.29 19:58:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.12.29 19:49:55 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.12.29 19:47:40 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012.12.29 19:47:38 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.29 19:47:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.12.29 19:47:29 | 1601,622,016 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.29 18:04:15 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012.12.29 17:56:38 | 005,015,489 | R--- | M] (Swearware) -- C:\Documents and Settings\Jozifek\Plocha\ComboFix.exe
[2012.12.28 23:09:37 | 000,154,112 | ---- | M] () -- C:\Documents and Settings\Jozifek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.28 22:56:18 | 000,007,168 | ---- | M] () -- C:\WINDOWS\System32\drivers\utexnjq4.sys
[2012.12.28 18:58:53 | 001,474,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2012.12.28 16:11:34 | 095,023,320 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\dsgsdgdsgdsgw.pad
[2012.12.28 15:13:07 | 000,003,003 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\dsgsdgdsgdsgw.js
[2012.12.28 15:13:07 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\Jozifek\Nabídka Start\Programy\Po spuštění\runctf.lnk
[2012.12.28 14:08:27 | 005,373,952 | ---- | M] () -- C:\Documents and Settings\Jozifek\fbchathistory.dat
[2012.12.27 21:20:42 | 000,743,582 | ---- | M] () -- C:\Documents and Settings\Jozifek\Plocha\ivanka v aute.jpg
[2012.12.27 21:08:10 | 000,349,308 | ---- | M] () -- C:\Documents and Settings\Jozifek\Plocha\Toyota-Aygo-Fire-2012-widescreen-02.jpg
[2012.12.27 21:00:37 | 000,017,501 | ---- | M] () -- C:\Documents and Settings\Jozifek\Plocha\536_img-1_1_1_s.jpg
[2012.12.27 19:13:28 | 000,076,298 | ---- | M] () -- C:\Documents and Settings\Jozifek\Plocha\Ivanka.jpg
[2012.12.26 10:03:20 | 000,073,728 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCFDRTM.VER
[2012.12.24 11:52:10 | 000,520,068 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.12.24 11:52:10 | 000,504,422 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.12.24 11:52:10 | 000,110,694 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.12.24 11:52:10 | 000,087,990 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.12.23 16:07:43 | 000,000,725 | ---- | M] () -- C:\Documents and Settings\Jozifek\Plocha\Recepty doma.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.12.29 20:52:29 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.12.29 18:04:15 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012.12.29 18:04:12 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012.12.29 18:01:11 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012.12.29 18:01:11 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012.12.29 18:01:11 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012.12.29 18:01:11 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012.12.29 18:01:11 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012.12.29 15:24:48 | 1601,622,016 | -HS- | C] () -- C:\hiberfil.sys
[2012.12.28 22:56:12 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\utexnjq4.sys
[2012.12.28 15:13:07 | 000,003,003 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\dsgsdgdsgdsgw.js
[2012.12.28 15:13:06 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\Jozifek\Nabídka Start\Programy\Po spuštění\runctf.lnk
[2012.12.28 15:13:01 | 095,023,320 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\dsgsdgdsgdsgw.pad
[2012.12.27 21:20:40 | 000,743,582 | ---- | C] () -- C:\Documents and Settings\Jozifek\Plocha\ivanka v aute.jpg
[2012.12.27 21:08:10 | 000,349,308 | ---- | C] () -- C:\Documents and Settings\Jozifek\Plocha\Toyota-Aygo-Fire-2012-widescreen-02.jpg
[2012.12.27 21:00:36 | 000,017,501 | ---- | C] () -- C:\Documents and Settings\Jozifek\Plocha\536_img-1_1_1_s.jpg
[2012.12.27 19:13:24 | 000,076,298 | ---- | C] () -- C:\Documents and Settings\Jozifek\Plocha\Ivanka.jpg
[2012.12.23 16:07:43 | 000,000,725 | ---- | C] () -- C:\Documents and Settings\Jozifek\Plocha\Recepty doma.lnk
[2012.12.23 16:07:40 | 000,201,216 | ---- | C] () -- C:\WINDOWS\System32\mediarcpt.dll
[2012.12.17 07:20:49 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2012.09.29 14:18:48 | 000,000,030 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2012.07.04 16:29:29 | 000,000,979 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2012.02.23 17:16:45 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2012.02.21 20:27:20 | 000,035,279 | ---- | C] () -- C:\WINDOWS\DIIUnin.dat
[2012.02.19 23:02:57 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2012.02.19 23:02:57 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2012.02.19 23:02:57 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2012.02.15 07:09:53 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.28 12:26:36 | 000,278,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2012.01.28 12:26:36 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2012.01.24 14:13:49 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2012.01.18 13:53:02 | 000,000,031 | ---- | C] () -- C:\WINDOWS\ultimatecd.ini
[2011.12.29 15:00:58 | 000,008,192 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2011.12.25 19:54:24 | 000,001,480 | ---- | C] () -- C:\Documents and Settings\Jozifek\Local Settings\Data aplikací\Adobe Uložit pro web 11.0 Prefs
[2011.10.21 18:21:09 | 000,000,193 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Microsoft.SqlServer.Compact.351.32.bc
[2011.09.30 16:11:06 | 000,045,194 | ---- | C] () -- C:\Documents and Settings\Jozifek\Data aplikací\room_v3.dat
[2011.08.11 17:52:24 | 001,474,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2011.07.27 20:20:50 | 000,078,896 | ---- | C] () -- C:\WINDOWS\War3Unin.dat
[2011.07.23 18:29:32 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011.07.23 18:29:31 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011.07.23 18:29:25 | 000,644,608 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011.07.23 18:29:25 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011.07.23 18:29:25 | 000,073,216 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011.07.23 08:35:07 | 005,373,952 | ---- | C] () -- C:\Documents and Settings\Jozifek\fbchathistory.dat
[2011.07.22 13:00:10 | 000,154,112 | ---- | C] () -- C:\Documents and Settings\Jozifek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.21 22:10:17 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.07.21 22:08:50 | 000,142,032 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.07.21 21:42:18 | 000,273,344 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011.07.21 21:42:18 | 000,273,344 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011.07.21 21:42:18 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011.07.21 21:42:10 | 002,123,582 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2011.07.21 21:19:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.07.21 20:54:48 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.07.21 20:31:05 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011.07.21 20:22:08 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2011.07.21 20:22:08 | 000,021,464 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2011.07.21 20:22:08 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2011.07.21 20:22:07 | 000,015,552 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2011.07.21 20:22:07 | 000,014,910 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2011.01.25 09:22:10 | 000,000,257 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

========== ZeroAccess Check ==========

[2011.07.21 20:31:33 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 12:00:00 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2011.01.25 09:10:08 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 12:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.03.21 15:27:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2011.08.11 16:28:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2012.03.22 16:23:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Canneverbe Limited
[2012.07.04 16:41:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2012.04.10 11:48:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DriverGenius
[2011.10.29 10:57:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Soluto
[2012.09.29 22:27:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.10.08 16:21:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ukfree
[2012.02.01 07:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ukprfree
[2012.03.21 15:30:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Ashampoo
[2012.12.23 12:12:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Atari
[2011.11.06 20:11:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Blender Foundation
[2012.03.22 17:58:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Canneverbe Limited
[2011.07.23 00:47:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\COWON
[2012.12.23 12:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\DAEMON Tools Lite
[2011.08.23 14:18:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Foxit Software
[2011.07.21 21:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Leadertech
[2011.09.22 08:40:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\QIP
[2012.12.17 13:57:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Quake3
[2012.10.18 07:26:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Softland
[2011.07.25 20:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Thunderbird
[2011.07.21 21:02:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Windows Desktop Search
[2011.07.23 10:11:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Windows Search
[2012.10.18 07:26:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Softland

========== Purity Check ==========



========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Error accessing drive info (0)
Error accessing drive info (0)

Partitions
---------------

Error accessing partition info (0)
Error accessing partition info (0)

========== Base Services ==========
SRV - [2008.04.14 12:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2011.01.25 09:13:16 | 000,022,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2011.01.25 09:11:52 | 000,408,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2012.07.06 14:58:15 | 000,078,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2008.04.14 12:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2011.01.25 09:10:02 | 000,125,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2011.01.25 09:10:03 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2011.01.25 09:12:00 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2008.04.14 12:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2011.01.25 09:12:14 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2008.04.14 12:00:00 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - [2008.04.14 08:51:44 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)
SRV - [2008.04.14 12:00:00 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008.04.14 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008.04.14 12:00:00 | 000,024,064 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008.04.14 12:00:00 | 000,225,280 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008.04.14 12:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008.04.14 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008.04.14 12:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2011.01.25 09:11:32 | 000,247,296 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2011.01.25 09:12:00 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2011.01.25 09:12:15 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2008.04.14 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008.04.14 12:00:00 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008.04.14 12:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2011.01.25 09:11:59 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2008.04.14 12:00:00 | 000,435,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008.04.14 12:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008.04.14 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008.04.14 12:00:00 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2011.01.25 09:12:16 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (LanmanServer)
SRV - [2011.01.25 09:12:14 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008.04.14 12:00:00 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008.04.14 12:00:00 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008.04.14 12:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2011.01.25 09:12:23 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2011.01.25 09:12:24 | 000,297,472 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2011.01.25 09:12:14 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2008.04.14 12:00:00 | 000,290,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008.04.14 12:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2011.01.25 09:10:32 | 000,329,728 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008.04.14 12:00:00 | 000,334,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2011.01.25 09:11:19 | 000,095,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2011.01.25 09:12:17 | 000,014,848 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\svchost.exe -- (winmgmt)
SRV - [2011.01.25 09:09:51 | 000,684,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV - [2011.01.25 09:10:03 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2011.01.25 09:27:11 | 000,483,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2011.01.25 09:12:40 | 000,134,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)

< >
[2011.07.21 20:48:17 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2011.07.21 21:00:19 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2011.07.26 19:03:22 | 000,000,922 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2011.07.26 19:03:23 | 000,000,926 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.10.11 10:52:10 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

< MD5 for: ACPI.SYS >
[2011.01.25 09:27:11 | 017,817,474 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:acpi.sys
[2008.04.14 12:00:00 | 000,188,288 | ---- | M] (Microsoft Corporation) MD5=4FE34F1F3126B61FCC6B2043AA8112C9 -- C:\WINDOWS\system32\drivers\acpi.sys

< MD5 for: AFD.SYS >
[2011.08.17 14:41:46 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=F6B7B1ECD7B41736BDB6FF4B092BCB79 -- C:\WINDOWS\system32\dllcache\afd.sys
[2011.08.17 14:41:46 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=F6B7B1ECD7B41736BDB6FF4B092BCB79 -- C:\WINDOWS\system32\drivers\afd.sys

< MD5 for: AGP440.SYS >
[2011.01.25 09:27:11 | 017,817,474 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2011.01.25 09:27:11 | 017,817,474 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 12:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008.04.14 12:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 12:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 12:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 12:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2011.01.25 09:27:11 | 017,817,474 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.05.02 09:49:40 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2011.01.25 09:09:56 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CMD.EXE >
[2008.04.14 12:00:00 | 000,390,144 | ---- | M] (Microsoft Corporation) MD5=58A4129B7AB2CF2E7F00256F7EDAEAC2 -- C:\WINDOWS\system32\cmd.exe
[2008.04.14 12:00:00 | 000,390,144 | ---- | M] (Microsoft Corporation) MD5=58A4129B7AB2CF2E7F00256F7EDAEAC2 -- C:\WINDOWS\system32\dllcache\cmd.exe

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 12:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\erdnt\cache\cryptsvc.dll
[2008.04.14 12:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 12:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: CSRSS.EXE >
[2008.04.14 12:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\csrss.exe
[2008.04.14 12:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\dllcache\csrss.exe

< MD5 for: EVENTLOG.DLL >
[2008.04.14 12:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\erdnt\cache\eventlog.dll
[2008.04.14 12:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 12:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2011.01.25 09:10:07 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=8AB626E4E4B289646E11311E66FB0B88 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2011.01.25 09:10:07 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=8AB626E4E4B289646E11311E66FB0B88 -- C:\WINDOWS\explorer.exe
[2011.01.25 09:10:07 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=8AB626E4E4B289646E11311E66FB0B88 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: FASTFAT.SYS >
[2008.04.14 12:00:00 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\system32\dllcache\fastfat.sys
[2008.04.14 12:00:00 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\system32\drivers\fastfat.sys

< MD5 for: HAL.DLL >
[2011.01.25 09:27:11 | 017,817,474 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2011.01.25 09:10:15 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=429B2A7E9569C19BFE58F71FC02DE220 -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2011.01.25 09:27:11 | 017,817,474 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: I8042PRT.SYS >
[2011.01.25 09:27:11 | 017,817,474 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:i8042prt.sys
[2008.04.14 12:00:00 | 000,052,096 | ---- | M] (Microsoft Corporation) MD5=C528E27945367191E7BAE364930B6932 -- C:\WINDOWS\system32\drivers\i8042prt.sys

< MD5 for: ISAPNP.SYS >
[2011.01.25 09:27:11 | 017,817,474 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 12:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: KBDCLASS.SYS >
[2011.01.25 09:27:11 | 017,817,474 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:kbdclass.sys
[2008.04.14 05:59:08 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=1B6162FE7F66B1A71A4B70F941C4AA9B -- C:\WINDOWS\erdnt\cache\kbdclass.sys
[2008.04.14 05:59:08 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=1B6162FE7F66B1A71A4B70F941C4AA9B -- C:\WINDOWS\system32\dllcache\kbdclass.sys
[2008.04.14 05:59:08 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=1B6162FE7F66B1A71A4B70F941C4AA9B -- C:\WINDOWS\system32\drivers\kbdclass.sys
[2008.04.14 05:59:08 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=1B6162FE7F66B1A71A4B70F941C4AA9B -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\kbdclass.sys

< MD5 for: LSASS.EXE >
[2008.04.14 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\erdnt\cache\lsass.exe
[2008.04.14 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2011.01.25 09:11:36 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=B5B1080D35974C0E718D64280761BCD5 -- C:\WINDOWS\erdnt\cache\ndis.sys
[2011.01.25 09:11:36 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=B5B1080D35974C0E718D64280761BCD5 -- C:\WINDOWS\system32\dllcache\ndis.sys
[2011.01.25 09:11:36 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=B5B1080D35974C0E718D64280761BCD5 -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2011.01.25 09:11:37 | 000,407,552 | ---- | M] (Microsoft Corporation) MD5=6A5A974D868AE2F9AC96DC14F221A5EF -- C:\WINDOWS\erdnt\cache\netlogon.dll
[2011.01.25 09:11:37 | 000,407,552 | ---- | M] (Microsoft Corporation) MD5=6A5A974D868AE2F9AC96DC14F221A5EF -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2011.01.25 09:11:37 | 000,407,552 | ---- | M] (Microsoft Corporation) MD5=6A5A974D868AE2F9AC96DC14F221A5EF -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NTFS.SYS >
[2009.03.23 10:55:24 | 000,576,512 | ---- | M] (Microsoft Corporation) MD5=AE8CAD8F28DB13B515A68510A539B0B8 -- C:\WINDOWS\erdnt\cache\ntfs.sys
[2009.03.23 10:55:24 | 000,576,512 | ---- | M] (Microsoft Corporation) MD5=AE8CAD8F28DB13B515A68510A539B0B8 -- C:\WINDOWS\system32\dllcache\ntfs.sys
[2009.03.23 10:55:24 | 000,576,512 | ---- | M] (Microsoft Corporation) MD5=AE8CAD8F28DB13B515A68510A539B0B8 -- C:\WINDOWS\system32\drivers\ntfs.sys
[2004.08.03 23:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\cmdcons\NTFS.SYS

< MD5 for: NTKRNLPA.EXE >
[2011.01.25 09:27:11 | 017,817,474 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:ntkrnlpa.exe
[2012.08.23 10:56:14 | 002,071,808 | ---- | M] (Microsoft Corporation) MD5=A818179E96B92BAA91203CE32D89136A -- C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
[2012.08.23 10:56:14 | 002,071,808 | ---- | M] (Microsoft Corporation) MD5=A818179E96B92BAA91203CE32D89136A -- C:\WINDOWS\erdnt\cache\ntkrnlpa.exe
[2012.08.23 10:56:14 | 002,071,808 | ---- | M] (Microsoft Corporation) MD5=A818179E96B92BAA91203CE32D89136A -- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
[2012.08.23 10:56:14 | 002,071,808 | ---- | M] (Microsoft Corporation) MD5=A818179E96B92BAA91203CE32D89136A -- C:\WINDOWS\system32\ntkrnlpa.exe

< MD5 for: NTOSKRNL.EXE >
[2011.01.25 09:27:11 | 017,817,474 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:ntoskrnl.exe
[2012.08.23 07:26:12 | 002,195,200 | ---- | M] (Microsoft Corporation) MD5=6AEE8673A323577F0553ECFE363510DD -- C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
[2012.08.23 07:26:12 | 002,195,200 | ---- | M] (Microsoft Corporation) MD5=6AEE8673A323577F0553ECFE363510DD -- C:\WINDOWS\erdnt\cache\ntoskrnl.exe
[2012.08.23 07:26:12 | 002,195,200 | ---- | M] (Microsoft Corporation) MD5=6AEE8673A323577F0553ECFE363510DD -- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
[2012.08.23 07:26:12 | 002,195,200 | ---- | M] (Microsoft Corporation) MD5=6AEE8673A323577F0553ECFE363510DD -- C:\WINDOWS\system32\ntoskrnl.exe

< MD5 for: REGEDIT.EXE >
[2008.04.14 12:00:00 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=FDEB1D02CAE38665CBF114F44E6B997E -- C:\WINDOWS\erdnt\cache\regedit.exe
[2008.04.14 12:00:00 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=FDEB1D02CAE38665CBF114F44E6B997E -- C:\WINDOWS\regedit.exe
[2008.04.14 12:00:00 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=FDEB1D02CAE38665CBF114F44E6B997E -- C:\WINDOWS\system32\dllcache\regedit.exe

< MD5 for: SCECLI.DLL >
[2008.04.14 12:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2008.04.14 12:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 12:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2011.01.25 09:12:00 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=4F40D16B2D5ED9E48A193CE468912FED -- C:\WINDOWS\erdnt\cache\services.exe
[2011.01.25 09:12:00 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=4F40D16B2D5ED9E48A193CE468912FED -- C:\WINDOWS\system32\dllcache\services.exe
[2011.01.25 09:12:00 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=4F40D16B2D5ED9E48A193CE468912FED -- C:\WINDOWS\system32\services.exe

< MD5 for: SMSS.EXE >
[2008.04.14 12:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 12:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
[2004.08.04 00:56:58 | 000,152,576 | ---- | M] (Microsoft Corporation) MD5=DA5CF1C368B33D75602FD6B3A7F5E0C6 -- C:\cmdcons\SYSTEM32\SMSS.EXE

< MD5 for: SPOOLSV.EXE >
[2011.01.25 09:12:15 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\erdnt\cache\spoolsv.exe
[2011.01.25 09:12:15 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\system32\dllcache\spoolsv.exe
[2011.01.25 09:12:15 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\system32\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2011.01.25 09:12:17 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=67E38B4A549833E02D4D1617B5DBC318 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2011.01.25 09:12:17 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=67E38B4A549833E02D4D1617B5DBC318 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2011.01.25 09:12:17 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=67E38B4A549833E02D4D1617B5DBC318 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.01.25 09:12:23 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=51E41F16ACD80B8B39C0AE703A213F09 -- C:\WINDOWS\erdnt\cache\tcpip.sys
[2011.01.25 09:12:23 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=51E41F16ACD80B8B39C0AE703A213F09 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2011.01.25 09:12:23 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=51E41F16ACD80B8B39C0AE703A213F09 -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: USER32.DLL >
[2011.01.25 09:12:29 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=A88D1807EF5370F4313C58D137D6F7B4 -- C:\WINDOWS\erdnt\cache\user32.dll
[2011.01.25 09:12:29 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=A88D1807EF5370F4313C58D137D6F7B4 -- C:\WINDOWS\system32\dllcache\user32.dll
[2011.01.25 09:12:29 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=A88D1807EF5370F4313C58D137D6F7B4 -- C:\WINDOWS\system32\user32.dll

< MD5 for: USERINIT.EXE >
[2008.04.14 12:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008.04.14 12:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 12:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WDF01000.SYS >
[2009.07.14 09:35:16 | 000,444,136 | ---- | M] (Microsoft Corporation) MD5=D918617B46457B9AC28027722E30F647 -- C:\WINDOWS\system32\drivers\wdf01000.sys

< MD5 for: WIN32K.SYS >
[2012.11.13 12:56:25 | 001,875,456 | ---- | M] (Microsoft Corporation) MD5=755B5172821684A6FE41461599783A5B -- C:\WINDOWS\system32\dllcache\win32k.sys
[2012.11.13 12:56:25 | 001,875,456 | ---- | M] (Microsoft Corporation) MD5=755B5172821684A6FE41461599783A5B -- C:\WINDOWS\system32\win32k.sys

< MD5 for: WINLOGON.EXE >
[2011.01.25 09:12:39 | 000,509,440 | ---- | M] (Microsoft Corporation) MD5=4212BABCC4408B052193DABAD9A691AB -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2011.01.25 09:12:39 | 000,509,440 | ---- | M] (Microsoft Corporation) MD5=4212BABCC4408B052193DABAD9A691AB -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2011.01.25 09:12:39 | 000,509,440 | ---- | M] (Microsoft Corporation) MD5=4212BABCC4408B052193DABAD9A691AB -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WINSRV.DLL >
[2011.11.25 22:56:35 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=4FC123A5B7D8F5A9511CFF7B98F9596B -- C:\WINDOWS\system32\dllcache\winsrv.dll
[2011.11.25 22:56:35 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=4FC123A5B7D8F5A9511CFF7B98F9596B -- C:\WINDOWS\system32\winsrv.dll

< MD5 for: WS2_32.DLL >
[2008.04.14 12:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\erdnt\cache\ws2_32.dll
[2008.04.14 12:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 12:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< MD5 for: WSCRIPT.EXE >
[2011.01.25 09:13:12 | 000,155,648 | ---- | M] (Microsoft Corporation) MD5=CEA8F7E45B7B098F5FB085BB6A6A4432 -- C:\WINDOWS\system32\dllcache\wscript.exe
[2011.01.25 09:13:12 | 000,155,648 | ---- | M] (Microsoft Corporation) MD5=CEA8F7E45B7B098F5FB085BB6A6A4432 -- C:\WINDOWS\system32\wscript.exe

< >

< >

< %systemroot%\system32\drivers\*.sys /10 >
[2012.12.28 22:56:18 | 000,007,168 | ---- | M] () -- C:\WINDOWS\system32\drivers\utexnjq4.sys

< %systemroot%\system32\drivers\*.sys /X >
[2008.04.14 12:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls
[2008.04.14 12:00:00 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt
[2008.04.14 06:51:44 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\hidserv.dll
[2011.07.21 21:47:33 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012.12.28 18:58:53 | 001,474,832 | ---- | M] () -- C:\WINDOWS\system32\drivers\sfi.dat

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /10 >
[2012.12.22 10:57:40 | 000,142,032 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2012.12.24 11:52:10 | 000,110,694 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2012.12.24 11:52:10 | 000,087,990 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2012.12.24 11:52:10 | 000,520,068 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2012.12.24 11:52:10 | 000,504,422 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2012.12.24 11:52:08 | 001,242,862 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2012.12.29 19:49:55 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.* /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\config\*.sav >
[2011.07.21 22:08:04 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2011.07.21 22:08:04 | 001,093,632 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2011.07.21 22:08:03 | 000,495,616 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< >

< >

< >

< %systemroot%\Tasks\*.job >
[2012.12.29 20:58:01 | 000,000,914 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2012.12.29 19:47:38 | 000,000,922 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.12.29 21:03:27 | 000,000,926 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\*.* /U /s >
[6 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[32 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\Installer\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}\*.tmp files -> C:\WINDOWS\Installer\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\*. /rp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >
[2011.07.21 22:09:42 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\desktop.ini
[2012.12.28 15:13:07 | 000,003,003 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\dsgsdgdsgdsgw.js
[2012.12.28 16:11:34 | 095,023,320 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\dsgsdgdsgdsgw.pad
[2011.10.29 10:56:29 | 000,000,193 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\Microsoft.SqlServer.Compact.351.32.bc

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
[2011.06.06 21:45:23 | 001,560,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-AA1000000001}\setup.exe
[2011.05.25 07:09:21 | 000,194,152 | ---- | M] (NVIDIA Corporation) -- C:\Documents and Settings\All Users\Data Aplikací\NVIDIA\Updatus\WLMerger.exe
[2011.10.21 18:06:10 | 001,241,136 | ---- | M] (Soluto Inc) -- C:\Documents and Settings\All Users\Data Aplikací\Soluto\Installer\SolutoInstaller.exe
[2011.09.28 11:43:05 | 000,099,981 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\ukprfree\unukfree.exe

< %ALLUSERSPROFILE%\Nabídka Start\*.lnk /x >
[2011.07.21 20:51:39 | 000,000,315 | -HS- | M] () -- C:\Documents and Settings\All Users\Nabídka Start\desktop.ini

< %ALLUSERSPROFILE%\Data Aplikácií\*.* >

< %ALLUSERSPROFILE%\Data Aplikácií\*.exe /s >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %APPDATA%\*. >
[2011.12.29 11:52:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Adobe
[2012.10.12 06:50:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Apple Computer
[2012.03.21 15:30:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Ashampoo
[2012.12.23 12:12:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Atari
[2011.11.06 20:11:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Blender Foundation
[2012.03.22 17:58:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Canneverbe Limited
[2011.07.23 00:47:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\COWON
[2012.12.23 12:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\DAEMON Tools Lite
[2011.08.23 14:18:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Foxit Software
[2011.07.21 21:01:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Identities
[2011.10.02 18:43:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\InstallShield Installation Information
[2011.07.21 21:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Leadertech
[2011.07.21 21:42:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Logishrd
[2011.07.21 21:48:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Logitech
[2011.07.21 21:10:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Macromedia
[2012.09.29 14:34:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Media Player Classic
[2012.09.17 17:10:27 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Microsoft
[2011.11.01 23:21:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Microsoft Games
[2011.07.21 21:19:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Mozilla
[2011.09.22 08:40:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\QIP
[2012.12.17 13:57:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Quake3
[2012.10.18 07:26:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Softland
[2011.12.29 23:21:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Sun
[2011.07.25 20:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Thunderbird
[2012.12.17 19:28:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\U3
[2011.07.21 21:02:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Windows Desktop Search
[2011.07.23 10:11:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\Windows Search
[2011.07.23 08:54:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozifek\Data aplikací\WinRAR

< %APPDATA%\*.* >
[2011.07.21 22:09:42 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Jozifek\Data aplikací\desktop.ini
[2012.10.09 20:54:27 | 000,045,194 | ---- | M] () -- C:\Documents and Settings\Jozifek\Data aplikací\room_v3.dat

< %APPDATA%\*.exe /s >
[2002.12.02 21:33:00 | 000,107,512 | ---- | M] (InstallShield Software Corporation) -- C:\Documents and Settings\Jozifek\Data aplikací\InstallShield Installation Information\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}\setup.exe
[2012.09.13 11:28:13 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\Jozifek\Data aplikací\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2012.09.27 13:14:39 | 000,026,624 | R--- | M] () -- C:\Documents and Settings\Jozifek\Data aplikací\Microsoft\Installer\{6910C412-A523-493C-BC22-0213CD7F4F3A}\Icon6910C412.exe
[2006.12.14 10:00:02 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Jozifek\Data aplikací\U3\temp\cleanup.exe
[2007.02.12 17:46:54 | 003,096,576 | -H-- | M] (SanDisk Corporation) -- C:\Documents and Settings\Jozifek\Data aplikací\U3\temp\Launchpad Removal.exe

< %SYSTEMDRIVE%\*.exe >
[1996.09.16 03:00:00 | 000,202,240 | -H-- | M] (DreamWorks Interactive) -- C:\setup95.exe

< >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2012.04.17 16:19:40 | 003,671,872 | ---- | M] (DT Soft Ltd)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 12:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)

< >

< >

< >

< >

< C:\users\*.dll /s >

< C:\ProgramData\*.* >

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\WINDOWS\assembly\GAC_32\infocard\3.0.0.0__b77a5c561934e089] -> C:\WINDOWS\WinSxS\x86_infocard_b77a5c561934e089_3.0.0.0_x-ww_cf0bd33f -> Junction
[C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a] -> C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790 -> Junction
[C:\WINDOWS\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a] -> C:\WINDOWS\WinSxS\MSIL_ComSvcConfig_b03f5f7f11d50a3a_3.0.0.0_x-ww_4c629641 -> Junction
[C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a] -> C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e -> Junction
[C:\WINDOWS\assembly\GAC_MSIL\ServiceModelReg\3.0.0.0__b03f5f7f11d50a3a] -> C:\WINDOWS\WinSxS\MSIL_ServiceModelReg_b03f5f7f11d50a3a_3.0.0.0_x-ww_5bccaba2 -> Junction
[C:\WINDOWS\assembly\GAC_MSIL\SMSvcHost\3.0.0.0__b03f5f7f11d50a3a] -> C:\WINDOWS\WinSxS\MSIL_SMSvcHost_b03f5f7f11d50a3a_3.0.0.0_x-ww_9468aa34 -> Junction
[C:\WINDOWS\assembly\GAC_MSIL\WsatConfig\3.0.0.0__b03f5f7f11d50a3a] -> C:\WINDOWS\WinSxS\MSIL_WsatConfig_b03f5f7f11d50a3a_3.0.0.0_x-ww_2c20bcb1 -> Junction
[C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a] -> C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492 -> Junction
[C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35] -> C:\WINDOWS\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5 -> Junction

========== Alternate Data Streams ==========

@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:8927A071
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:39413AC3

< End of report >

Skaler.x.
Visitor
Posts: 38
Registered: 08 Feb 2009 20:17

Re: Your computer has been blocked, Police of the Slovak Republic

#14 Post by Skaler.x. »

Extras.txt:

OTL Extras logfile created on: 29. 12. 2012 20:50:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Jozifek\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

1,49 Gb Total Physical Memory | 0,81 Gb Available Physical Memory | 54,43% Memory free
3,59 Gb Paging File | 2,94 Gb Available in Paging File | 81,72% Paging File free
Paging file location(s): D:\pagefile.sys 2302 2302 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 56,31 Gb Free Space | 37,78% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 0,67 Gb Free Space | 0,23% Space Free | Partition Type: NTFS
Drive J: | 644,70 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive L: | 487,19 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive M: | 422,63 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: EMIL | User Name: Jozifek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1993962763-838170752-1801674531-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [DirList] -- C:\Program Files\DirLister\DirLister.exe "%1" (DukeLupus)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Warcraft III\gproxy.exe" = C:\Program Files\Warcraft III\gproxy.exe:*:Enabled:gproxy -- (www.leaguebots.com)
"C:\Program Files\Warcraft III\war3.exe" = C:\Program Files\Warcraft III\war3.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe" = C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe:*:Enabled:speed2 -- ()
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{378E39C3-92F2-4241-AC90-FAF023007D6D}" = Klient pro správu práv Microsoft Windows Rights Management Services s aktualizací Service Pack 2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{547ADD84-7D19-4EC0-B709-092F997ACA8C}_is1" = DaemonicMU Season V 1.20
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6910C412-A523-493C-BC22-0213CD7F4F3A}" = Industry Giant 2 - Gold Edition
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
"{8FA7E81D-6D99-4788-8BE4-D898B346AB2E}" = Industry Giant 2
"{90120000-0010-041B-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Slovak) 12
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_STANDARD_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_STANDARD_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_STANDARD_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_STANDARD_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_STANDARD_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_STANDARD_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARD_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_STANDARD_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_STANDARD_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_STANDARD_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Czech
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CAE017F8-C238-4397-879B-7FBB915D9457}" = LogMeIn Hamachi
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 Service Pack 1
"{CC5C266E-83E8-43B5-A387-E001E0AD1795}" = Active@ Hard Disk Monitor
"{CC6B1BB4-4E06-4A5B-A166-B371B551324B}" = COMODO Internet Security
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = jetAudio Basic VX
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EC905264-BCFE-423B-9C42-C3A106266790}" = Klient Správy přístupových práv v systému Windows SP2, zpětná kompatibilita
"{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"aTube Catcher" = aTube Catcher
"Blender" = Blender (remove only)
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo II" = Diablo II
"DirLister" = DirLister 1.0
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"Eurobattle.net1.26" = Eurobattle.net
"Eurobattle.net1.26a" = Eurobattle.net
"Google Chrome" = Google Chrome
"Heroes of Might and Magic III Complete" = Heroes of Might and Magic III Complete
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.2.0
"LogMeIn Hamachi" = LogMeIn Hamachi
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 17.0.1 (x86 sk)" = Mozilla Firefox 17.0.1 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NFS: Most Wanted" = NFS: Most Wanted CZ
"POD-Bot 2.5" = POD-Bot 2.5
"PROSet" = Intel(R) PRO Network Connections Drivers
"Quake III Arena & datadisk Quake III Team Arena (ioquake3 1.36 engine)" = Quake III Arena & datadisk Quake III Team Arena (ioquake3 1.36 engine)
"Recepty doma_is1" = Recepty doma
"Scorpions WinCheater 2.07 (s databází 135)_is1" = Scorpions WinCheater
"Shockwave" = Shockwave
"Shutter_is1" = Shutter
"sp6" = Logitech SetPoint 6.32
"STANDARD" = Microsoft Office Standard 2007
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WinRAR archiver" = WinRAR 4.01 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1993962763-838170752-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City
"Warcraft III" = Warcraft III: All Products

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 19. 11. 2012 9:34:41 | Computer Name = EMIL | Source = Windows Search Service | ID = 3024
Description = Aktualizaci nelze spustit, protože zdroje obsahu jsou nepřístupné.
Opravte chyby a spusťte aktualizaci znovu. Kontext: aplikace , katalog SystemIndex


Error - 19. 11. 2012 9:34:41 | Computer Name = EMIL | Source = Windows Search Service | ID = 3024
Description = Aktualizaci nelze spustit, protože zdroje obsahu jsou nepřístupné.
Opravte chyby a spusťte aktualizaci znovu. Kontext: aplikace , katalog SystemIndex


Error - 14. 12. 2012 13:03:24 | Computer Name = EMIL | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Daná operace se vrátila, protože vypršel časový limit.

Error - 14. 12. 2012 13:03:24 | Computer Name = EMIL | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Zvolený server nemůže provést požadovanou operaci.

Error - 17. 12. 2012 16:33:01 | Computer Name = EMIL | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace JetAudio.exe, verze 8.0.15.1900, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 18. 12. 2012 13:52:55 | Computer Name = EMIL | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace wwp.exe, verze 1.0.0.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 29. 12. 2012 6:54:52 | Computer Name = EMIL | Source = Windows Search Service | ID = 3024
Description = Aktualizaci nelze spustit, protože zdroje obsahu jsou nepřístupné.
Opravte chyby a spusťte aktualizaci znovu. Kontext: aplikace , katalog SystemIndex


Error - 29. 12. 2012 6:54:52 | Computer Name = EMIL | Source = Windows Search Service | ID = 3024
Description = Aktualizaci nelze spustit, protože zdroje obsahu jsou nepřístupné.
Opravte chyby a spusťte aktualizaci znovu. Kontext: aplikace , katalog SystemIndex


Error - 29. 12. 2012 15:08:38 | Computer Name = EMIL | Source = Windows Search Service | ID = 3024
Description = Aktualizaci nelze spustit, protože zdroje obsahu jsou nepřístupné.
Opravte chyby a spusťte aktualizaci znovu. Kontext: aplikace , katalog SystemIndex


Error - 29. 12. 2012 15:08:44 | Computer Name = EMIL | Source = Windows Search Service | ID = 3024
Description = Aktualizaci nelze spustit, protože zdroje obsahu jsou nepřístupné.
Opravte chyby a spusťte aktualizaci znovu. Kontext: aplikace , katalog SystemIndex


[ System Events ]
Error - 29. 12. 2012 16:03:16 | Computer Name = EMIL | Source = DCOM | ID = 10010
Description = Server {8BC3F05E-D86B-11D0-A075-00C04FB68820} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 29. 12. 2012 16:03:46 | Computer Name = EMIL | Source = DCOM | ID = 10010
Description = Server {8BC3F05E-D86B-11D0-A075-00C04FB68820} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 29. 12. 2012 16:05:00 | Computer Name = EMIL | Source = DCOM | ID = 10010
Description = Server {8BC3F05E-D86B-11D0-A075-00C04FB68820} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 29. 12. 2012 16:09:32 | Computer Name = EMIL | Source = DCOM | ID = 10010
Description = Server {8BC3F05E-D86B-11D0-A075-00C04FB68820} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 29. 12. 2012 16:10:03 | Computer Name = EMIL | Source = DCOM | ID = 10010
Description = Server {8BC3F05E-D86B-11D0-A075-00C04FB68820} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 29. 12. 2012 16:10:33 | Computer Name = EMIL | Source = DCOM | ID = 10010
Description = Server {8BC3F05E-D86B-11D0-A075-00C04FB68820} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 29. 12. 2012 16:11:03 | Computer Name = EMIL | Source = DCOM | ID = 10010
Description = Server {8BC3F05E-D86B-11D0-A075-00C04FB68820} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 29. 12. 2012 16:11:33 | Computer Name = EMIL | Source = DCOM | ID = 10010
Description = Server {8BC3F05E-D86B-11D0-A075-00C04FB68820} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 29. 12. 2012 16:12:03 | Computer Name = EMIL | Source = DCOM | ID = 10010
Description = Server {8BC3F05E-D86B-11D0-A075-00C04FB68820} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 29. 12. 2012 16:16:03 | Computer Name = EMIL | Source = DCOM | ID = 10010
Description = Server {8BC3F05E-D86B-11D0-A075-00C04FB68820} se v daném časovém limitu
neregistroval u služby DCOM.


< End of report >

Skaler.x.
Visitor
Posts: 38
Registered: 08 Feb 2009 20:17

Re: Your computer has been blocked, Police of the Slovak Republic

#15 Post by Skaler.x. »

I didn't notice anything like that (99% sure), only, as I mentioned, the error "Error loading file C:\dokume~1\jozifek\wgsdgsdgdsgsd.dll", and it no longer reports that now, but the problems still persist.

Locked