Prosím o kontrolu...Bez jevných závad

[kengura.ivo]

Logfile of random's system information tool 1.08 (written by random/random)
Run by ivo at 2013-04-12 08:29:17
Microsoft Windows 7 Ultimate
System drive C: has 84 GB (60%) free of 140 GB
Total RAM: 2047 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:30:33, on 12.4.2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.17051)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\TNod User & Password Finder\TNODUP.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10p_ActiveX.exe
C:\Windows\system32\UI0Detect.exe
C:\Users\ivo\Pictures\RSIT.exe
C:\Program Files\trend micro\ivo.exe
C:\Program Files\TNod User & Password Finder\TNODUP.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [TNOD UP] "C:\Program Files\TNod User & Password Finder\TNODUP.exe" /i
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKUS\S-1-5-21-2835880761-377794395-384413730-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2835880761-377794395-384413730-1003\..\Run: [] (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2835880761-377794395-384413730-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O17 - HKLM\System\CCS\Services\Tcpip\..\{27142A06-3188-4F43-B2C6-D8DA4864F6C3}: NameServer = 212.96.161.6,212.96.160.7
O17 - HKLM\System\CS1\Services\Tcpip\..\{27142A06-3188-4F43-B2C6-D8DA4864F6C3}: NameServer = 212.96.161.6,212.96.160.7
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

--
End of file - 3981 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-03 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CmPCIaudio"=RunDll32 CMICNFG3.cpl,CMICtrlWnd []
"TNOD UP"=C:\Program Files\TNod User & Password Finder\TNODUP.exe [2010-04-02 1811968]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-07-02 2202704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CmPCIaudio]
RunDll32 CMICNFG3.cpl,CMICtrlWnd []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2011-06-29 966712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-04-12 08:29:17 ----D---- C:\rsit
2013-04-12 08:29:17 ----D---- C:\Program Files\trend micro
2013-04-07 12:53:12 ----D---- C:\ProgramData\ESET
2013-04-07 12:53:12 ----D---- C:\Program Files\ESET
2013-04-07 12:48:18 ----D---- C:\Program Files\TNod User & Password Finder
2013-04-05 07:54:44 ----D---- C:\ProgramData\Norton
2013-04-05 07:54:31 ----D---- C:\ProgramData\NortonInstaller
2013-03-26 09:53:39 ----D---- C:\Program Files\Ubisoft
2013-03-13 15:39:49 ----A---- C:\Windows\SETUP.INI

======List of files/folders modified in the last 1 months======

2013-04-12 08:30:16 ----D---- C:\Windows\Temp
2013-04-12 08:29:30 ----D---- C:\Windows\Prefetch
2013-04-12 08:29:17 ----D---- C:\Program Files
2013-04-12 08:24:20 ----D---- C:\Windows\System32
2013-04-12 08:24:19 ----D---- C:\Windows\inf
2013-04-12 08:24:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-12 08:23:18 ----D---- C:\Windows\system32\config
2013-04-12 08:22:36 ----SHD---- C:\Windows\Installer
2013-04-12 08:19:34 ----D---- C:\Windows
2013-04-11 12:34:12 ----D---- C:\Windows\system32\catroot2
2013-04-07 12:53:34 ----D---- C:\Windows\system32\drivers
2013-04-07 12:53:12 ----HD---- C:\ProgramData
2013-04-05 12:12:01 ----D---- C:\Program Files\The KMPlayer
2013-04-05 11:43:27 ----A---- C:\Windows\Cmicnfg3.ini.cfl
2013-04-05 11:43:19 ----A---- C:\Windows\Cmicnfg3.ini.imi
2013-04-05 11:43:08 ----D---- C:\Windows\system
2013-04-05 11:38:58 ----SHD---- C:\System Volume Information
2013-04-05 11:38:58 ----D---- C:\Program Files\Common Files
2013-04-05 08:23:16 ----D---- C:\Windows\winsxs
2013-04-05 07:55:48 ----D---- C:\Windows\system32\Tasks
2013-03-26 09:58:51 ----RSD---- C:\Windows\assembly
2013-03-26 09:58:03 ----D---- C:\Windows\Logs
2013-03-26 09:53:39 ----HD---- C:\Program Files\InstallShield Installation Information
2013-03-25 15:22:49 ----D---- C:\Users\ivo\AppData\Roaming\Ubisoft
2013-03-25 12:24:09 ----D---- C:\Program Files\Ashampoo
2013-03-18 02:27:12 ----D---- C:\Program Files\CCleaner
2013-03-17 12:42:53 ----SHD---- C:\Boot
2013-03-17 00:01:44 ----D---- C:\Windows\SoftwareDistribution

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-04-28 114984]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2010-04-12 59388]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2011/08/16 18:16:22]; \??\C:\Program Files\CyberLink\PowerDVD9\000.fcl [2009-02-28 87536]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-06-24 136120]
R2 enodpl;enodpl; C:\Windows\System32\drivers\enodpl.sys [2003-03-02 7552]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-04-28 96896]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 tandpl;tandpl; C:\Windows\System32\drivers\tandpl.sys [2003-04-19 4736]
R3 cmuda3;C-Media PCI Audio Interface; C:\Windows\system32\drivers\cmudax3.sys [2009-05-22 1872320]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2011-03-03 139368]
R3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS [2006-12-05 507136]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2011-01-03 47360]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-14 139776]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-11-29 10064]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-14 4194816]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-11-26 231936]
S3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athur.sys [2010-01-05 1500160]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-14 4194816]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2011-08-17 137472]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-07-02 810144]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-04-07 612456]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-12-14 1517376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-13 136176]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-07-02 33584]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-13 136176]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-03 1343400]
S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-10-27 718384]
S4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-07 378472]

-----------------EOF-----------------

[Márty84]

Zdravim


Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

[kengura.ivo]

OTL Extras logfile created on: 12.4.2013 10:50:06 - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\ivo\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,07 Gb Available Physical Memory | 53,62% Memory free
4,00 Gb Paging File | 2,98 Gb Available in Paging File | 74,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136,71 Gb Total Space | 84,96 Gb Free Space | 62,14% Space Free | Partition Type: NTFS
Drive D: | 12,33 Gb Total Space | 3,47 Gb Free Space | 28,13% Space Free | Partition Type: NTFS

Computer Name: IVO-PC | User Name: ivo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2835880761-377794395-384413730-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D7D5F96-8368-47B3-8869-3D4C7464696A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2F42653F-B598-4B14-86A2-AA883DD79E27}" = rport=138 | protocol=17 | dir=out | app=system |
"{3B6BBB9F-9810-499A-90A4-51EB834963AA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4F3E5585-9C9A-4EC0-8EE4-7DB1FA9DF2C6}" = rport=137 | protocol=17 | dir=out | app=system |
"{5C203EC0-9678-472A-BF4E-3190F58460F3}" = lport=137 | protocol=17 | dir=in | app=system |
"{6332500D-FC15-4E3C-AFC9-0B405450AB22}" = lport=10243 | protocol=6 | dir=in | app=system |
"{70A777FF-FF54-41B7-9F64-46F51DD679D2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7EA73307-99C0-4B2A-ACA5-B64974645FC6}" = lport=445 | protocol=6 | dir=in | app=system |
"{861B56E7-C2B4-46C3-9407-4CD725ED8D5B}" = rport=139 | protocol=6 | dir=out | app=system |
"{8900F004-0B40-490E-A135-9437F8A6EB15}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8B6E21C4-F188-462A-9F66-2A6CF4BBC57A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{924FB32D-D77D-4F29-B9D2-1FDF9E60CD38}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9CB4BA45-D182-440E-A5B6-D4F69F433C0B}" = lport=138 | protocol=17 | dir=in | app=system |
"{A47AB88C-12F6-4A0B-80A9-5D413101FA8A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A721FBA1-AFD7-4C7A-AC4B-AEF3F71E3D2F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A878CEA4-E854-4C5F-B8B6-092885B42EF0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{AF1E6CF2-41DC-4A5E-8928-7DFB78A3B775}" = lport=139 | protocol=6 | dir=in | app=system |
"{B1AB394C-2FAE-4AAA-A2D8-12A5388ACA50}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C0E204A7-61CA-4874-B227-5AFA6105538A}" = rport=445 | protocol=6 | dir=out | app=system |
"{C9CA4A55-EEB8-4E49-8367-B851CCF6DCBA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D76CE28B-A8E9-413D-8238-7317CE7F162E}" = rport=10243 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{143A5709-F47A-49F2-A9FA-D8841CBA1BF4}" = dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"{1C2C10BF-EFE5-4164-BD6D-A866FF97B131}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2DCB2E0D-B606-4063-8D8A-81A827864FFF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{339C34A0-B911-42C2-B1C8-C52DFDDC65C8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{540E68FA-C5B2-42D6-A6E9-788B31E2C131}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5D6C7457-2BC9-4D3B-8A73-AF48063C3E71}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6A87B68F-CEC2-4D80-9795-5287E078B7B4}" = dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"{72887B54-7612-486C-97FB-26A3311678F0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B840E9CD-FD0A-491C-AD65-FF98DF346CC5}" = protocol=17 | dir=in | app=c:\program files\search results toolbar\datamngr\srtool~1\dtuser.exe |
"{BAB98C11-2A32-4DE7-AC4A-2335ADA7EED7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{BEA76CC7-A57C-4629-9ED3-94B98447A923}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C3E51F8B-10CA-4E26-A4C6-196207ED5FB9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CADA6C74-DD84-46ED-9821-81C7146E8D9B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D0268170-2DEE-4972-98F8-A47AACC14BAC}" = protocol=6 | dir=in | app=c:\program files\search results toolbar\datamngr\srtool~1\dtuser.exe |
"{D03236B1-01E9-4412-9255-E40ED0A066F1}" = protocol=6 | dir=out | app=system |
"{D10EA164-DA5F-4848-835D-CC7EE2F98D1F}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd9.exe |
"{D282BB94-99F8-4AB6-B1A9-7A26D2E4A59E}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{E6BB2F19-73B9-4C71-AC66-251936DB55D3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E83A6BAE-2106-4548-8386-287B636F9DDF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ECF7F14D-80DD-4A13-A0B3-29BC17C423F9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F0E0F4D7-39B5-41B9-A34B-6434793D9676}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F164CBA8-99C6-4A14-94DF-E8D566C24382}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{12451AF7-EFF8-4B5B-8255-282D7CC7CAEE}" = OviMPlatform
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23BE4DF2-293D-4077-82F4-1FD8C269277C}" = TuneUp Utilities Language Pack (en-US)
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{2CC53A53-44F4-4667-8584-2FFC9ACB2242}" = Ovi Desktop Sync Engine
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{55EB7967-5BB1-4EA2-8AFF-B2F9E487E553}" = PC Connectivity Solution
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{94490075-155F-4D08-B92D-4FE592F98591}" = Nokia Ovi Suite
"{95140000-00AF-0405-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}" = Nokia Ovi Suite Software Updater
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.3 - Czech
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF88496B-4BBA-4922-97E9-2582D3A28358}" = Nokia Connectivity Cable Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 270.61
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.2.22.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B75C664F-070C-4E38-918C-DC98F877F837}" = ESET NOD32 Antivirus
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}" = Microsoft Games for Windows - LIVE Redistributable
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.9.322
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ashampoo Burning Studio 11_is1" = Ashampoo Burning Studio 11 v.11.0.4
"C-Media PCI Audio Driver" = C-Media PCI Audio Device
"CyberLink PowerDVD 9.0.1501" = CyberLink PowerDVD 9.0.1501 CZ
"ilividtoolbargaw" = Search-Results Toolbar
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 20.0.1 (x86 cs)" = Mozilla Firefox 20.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia Ovi Suite" = Nokia Ovi Suite
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"PowerISO" = PowerISO
"The KMPlayer" = The KMPlayer (remove only)
"TNod" = TNod User & Password Finder
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"WinRAR archiver" = WinRAR
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2835880761-377794395-384413730-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2835880761-377794395-384413730-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 18.11.2011 7:07:37 | Computer Name = ivo-PC | Source = System Restore | ID = 8193
Description =

Error - 18.11.2011 8:34:02 | Computer Name = ivo-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: mm.exe, verze: 0.0.0.0, časové razítko:
0x45211f69 Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16695, časové razítko:
0x4cc7ab44 Kód výjimky: 0xc0000005 Posun chyby: 0x00051f88 ID chybujícího procesu:
0xd94 Čas spuštění chybující aplikace: 0x01cca5e29610446b Cesta k chybující aplikaci:
C:\Users\ivo\AppData\Roaming\Ubisoft\Dark Messiah of Might and Magic\mm.exe Cesta
k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll ID zprávy: 9856a746-11e1-11e1-8ece-00218514e695

Error - 18.11.2011 10:51:55 | Computer Name = ivo-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: mm.exe, verze: 0.0.0.0, časové razítko:
0x45211f69 Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16695, časové razítko:
0x4cc7ab44 Kód výjimky: 0xc0000005 Posun chyby: 0x00051f88 ID chybujícího procesu:
0xe4c Čas spuštění chybující aplikace: 0x01cca5ff9d5cbdcd Cesta k chybující aplikaci:
C:\Users\ivo\AppData\Roaming\Ubisoft\Dark Messiah of Might and Magic\mm.exe Cesta
k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll ID zprávy: db4f4734-11f4-11e1-a373-00218514e695

Error - 18.11.2011 11:09:59 | Computer Name = ivo-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: mm.exe, verze: 0.0.0.0, časové razítko:
0x45211f69 Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16695, časové razítko:
0x4cc7ab44 Kód výjimky: 0xc0000005 Posun chyby: 0x00051f88 ID chybujícího procesu:
0x50c Čas spuštění chybující aplikace: 0x01cca6038bbacaa6 Cesta k chybující aplikaci:
C:\Users\ivo\AppData\Roaming\Ubisoft\Dark Messiah of Might and Magic\mm.exe Cesta
k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll ID zprávy: 615da681-11f7-11e1-8aa0-00218514e695

Error - 18.11.2011 11:10:23 | Computer Name = ivo-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: mm.exe, verze: 0.0.0.0, časové razítko:
0x45211f69 Název chybujícího modulu: engine.dll_unloaded, verze: 0.0.0.0, časové
razítko: 0x456c5bb0 Kód výjimky: 0xc0000005 Posun chyby: 0x202b6859 ID chybujícího
procesu: 0x50c Čas spuštění chybující aplikace: 0x01cca6038bbacaa6 Cesta k chybující
aplikaci: C:\Users\ivo\AppData\Roaming\Ubisoft\Dark Messiah of Might and Magic\mm.exe
Cesta
k chybujícímu modulu: engine.dll ID zprávy: 6fac0ecc-11f7-11e1-8aa0-00218514e695

Error - 18.11.2011 13:42:33 | Computer Name = ivo-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: mm.exe, verze: 0.0.0.0, časové razítko:
0x45211f69 Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16695, časové razítko:
0x4cc7ab44 Kód výjimky: 0xc0000005 Posun chyby: 0x00051f88 ID chybujícího procesu:
0xcc8 Čas spuštění chybující aplikace: 0x01cca60480dd8ab7 Cesta k chybující aplikaci:
C:\Users\ivo\AppData\Roaming\Ubisoft\Dark Messiah of Might and Magic\mm.exe Cesta
k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll ID zprávy: b1b33d1b-120c-11e1-8aa0-00218514e695

Error - 19.11.2011 5:32:26 | Computer Name = ivo-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: mm.exe, verze: 0.0.0.0, časové razítko:
0x45211f69 Název chybujícího modulu: datacache.dll, verze: 0.0.0.0, časové razítko:
0x456c5aa1 Kód výjimky: 0xc0000005 Posun chyby: 0x00009737 ID chybujícího procesu:
0x478 Čas spuštění chybující aplikace: 0x01cca69ba34119bd Cesta k chybující aplikaci:
C:\Users\ivo\AppData\Roaming\Ubisoft\Dark Messiah of Might and Magic\mm.exe Cesta
k chybujícímu modulu: c:\users\ivo\appdata\roaming\ubisoft\dark messiah of might
and magic\bin\datacache.dll ID zprávy: 640e7d9f-1291-11e1-be13-00218514e695

Error - 19.11.2011 10:52:20 | Computer Name = ivo-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: mm.exe, verze: 0.0.0.0, časové razítko:
0x45211f69 Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16695, časové razítko:
0x4cc7ab44 Kód výjimky: 0xc0000005 Posun chyby: 0x00051f88 ID chybujícího procesu:
0x2a0 Čas spuštění chybující aplikace: 0x01cca6ad838e1e70 Cesta k chybující aplikaci:
C:\Users\ivo\AppData\Roaming\Ubisoft\Dark Messiah of Might and Magic\mm.exe Cesta
k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll ID zprávy: 144fb4c7-12be-11e1-96db-00218514e695

Error - 19.11.2011 12:52:10 | Computer Name = ivo-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: mm.exe, verze: 0.0.0.0, časové razítko:
0x45211f69 Název chybujícího modulu: datacache.dll, verze: 0.0.0.0, časové razítko:
0x456c5aa1 Kód výjimky: 0xc0000005 Posun chyby: 0x00009737 ID chybujícího procesu:
0x2bc Čas spuštění chybující aplikace: 0x01cca6ce24a161b8 Cesta k chybující aplikaci:
C:\Users\ivo\AppData\Roaming\Ubisoft\Dark Messiah of Might and Magic\mm.exe Cesta
k chybujícímu modulu: c:\users\ivo\appdata\roaming\ubisoft\dark messiah of might
and magic\bin\datacache.dll ID zprávy: d2344c52-12ce-11e1-a917-00218514e695

Error - 20.11.2011 10:39:11 | Computer Name = ivo-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: mm.exe, verze: 0.0.0.0, časové razítko:
0x45211f69 Název chybujícího modulu: datacache.dll, verze: 0.0.0.0, časové razítko:
0x456c5aa1 Kód výjimky: 0xc0000005 Posun chyby: 0x00009737 ID chybujícího procesu:
0x97c Čas spuštění chybující aplikace: 0x01cca7690d32a203 Cesta k chybující aplikaci:
C:\Users\ivo\AppData\Roaming\Ubisoft\Dark Messiah of Might and Magic\mm.exe Cesta
k chybujícímu modulu: c:\users\ivo\appdata\roaming\ubisoft\dark messiah of might
and magic\bin\datacache.dll ID zprávy: 6878770a-1385-11e1-8264-00218514e695

[ System Events ]
Error - 10.4.2013 12:28:08 | Computer Name = ivo-PC | Source = Service Control Manager | ID = 7001
Description = Služba Načítání obrázků (WIA) závisí na službě Rozpoznávání hardwaru,
která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 11.4.2013 6:33:48 | Computer Name = ivo-PC | Source = Service Control Manager | ID = 7001
Description = Služba Načítání obrázků (WIA) závisí na službě Rozpoznávání hardwaru,
která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 11.4.2013 9:00:10 | Computer Name = ivo-PC | Source = Service Control Manager | ID = 7001
Description = Služba Načítání obrázků (WIA) závisí na službě Rozpoznávání hardwaru,
která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 11.4.2013 11:56:20 | Computer Name = ivo-PC | Source = Service Control Manager | ID = 7001
Description = Služba Načítání obrázků (WIA) závisí na službě Rozpoznávání hardwaru,
která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 12.4.2013 2:19:46 | Computer Name = ivo-PC | Source = Service Control Manager | ID = 7001
Description = Služba Načítání obrázků (WIA) závisí na službě Rozpoznávání hardwaru,
která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 12.4.2013 3:49:14 | Computer Name = ivo-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (9:47:35, ?12.?4.?2013) bylo neočekávané.

Error - 12.4.2013 3:49:29 | Computer Name = ivo-PC | Source = Service Control Manager | ID = 7001
Description = Služba Načítání obrázků (WIA) závisí na službě Rozpoznávání hardwaru,
která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 12.4.2013 4:03:15 | Computer Name = ivo-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (10:02:01, ?12.?4.?2013) bylo neočekávané.

Error - 12.4.2013 4:03:28 | Computer Name = ivo-PC | Source = Service Control Manager | ID = 7001
Description = Služba Načítání obrázků (WIA) závisí na službě Rozpoznávání hardwaru,
která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 12.4.2013 4:36:20 | Computer Name = ivo-PC | Source = Service Control Manager | ID = 7030
Description = Služba Datamngr Coordinator je označena jako interaktivní služba.
Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato
služba nebude fungovat správně.

[ TuneUp Events ]
Error - 21.7.2011 6:26:26 | Computer Name = ivo-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 20.11.2011 9:48:28 | Computer Name = ivo-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 22.11.2011 10:00:23 | Computer Name = ivo-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 10.11.2012 8:54:47 | Computer Name = ivo-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 10.11.2012 8:58:29 | Computer Name = ivo-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 10.11.2012 9:06:04 | Computer Name = ivo-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 10.11.2012 9:13:39 | Computer Name = ivo-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 10.11.2012 9:14:03 | Computer Name = ivo-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 10.11.2012 9:17:48 | Computer Name = ivo-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 22.11.2012 12:26:32 | Computer Name = ivo-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =


< End of report >

[kengura.ivo]

OTL logfile created on: 12.4.2013 10:50:06 - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\ivo\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,07 Gb Available Physical Memory | 53,62% Memory free
4,00 Gb Paging File | 2,98 Gb Available in Paging File | 74,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136,71 Gb Total Space | 84,96 Gb Free Space | 62,14% Space Free | Partition Type: NTFS
Drive D: | 12,33 Gb Total Space | 3,47 Gb Free Space | 28,13% Space Free | Partition Type: NTFS

Computer Name: IVO-PC | User Name: ivo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.04.10 08:56:41 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.04.03 14:18:58 | 004,971,008 | ---- | M] (Bandoo Media Inc.) -- C:\Program Files\Search Results Toolbar\Datamngr\DatamngrUI.exe
PRC - [2013.04.03 14:18:57 | 004,557,824 | ---- | M] (Bandoo Media Inc.) -- C:\Program Files\Search Results Toolbar\Datamngr\DatamngrCoordinator.exe
PRC - [2012.05.23 13:03:54 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\ivo\Desktop\OTL.exe
PRC - [2011.04.08 07:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.04.07 22:43:20 | 000,373,864 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2011.04.07 22:43:04 | 000,841,832 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.12.14 15:44:38 | 001,049,920 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\Integrator.exe
PRC - [2010.12.14 15:42:42 | 000,653,120 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
PRC - [2010.12.14 15:41:10 | 001,517,376 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
PRC - [2010.07.02 12:43:40 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2010.07.02 12:43:36 | 002,202,704 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe


========== Modules (No Company Name) ==========

MOD - [2013.04.10 08:56:55 | 003,133,336 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013.04.03 14:19:00 | 000,011,776 | ---- | M] () -- C:\Program Files\Search Results Toolbar\Datamngr\mgrldr.dll
MOD - [2012.12.23 14:10:32 | 000,055,296 | ---- | M] () -- C:\Users\ivo\AppData\Local\Temp\nsqE0F8.tmp\~nsaD935.tmp
MOD - [2011.04.07 21:54:38 | 000,239,720 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2010.12.14 15:44:12 | 000,544,064 | ---- | M] () -- C:\Program Files\TuneUp Utilities 2011\TUSqlDB32.dll
MOD - [2010.02.10 19:10:12 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Win32 Services (SafeList) ==========

SRV - [2013.04.10 08:56:49 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.04.03 14:18:57 | 004,557,824 | ---- | M] (Bandoo Media Inc.) [Auto | Running] -- C:\Program Files\Search Results Toolbar\Datamngr\DatamngrCoordinator.exe -- (DatamngrCoordinator)
SRV - [2011.10.27 10:34:30 | 000,718,384 | ---- | M] (Nokia) [Disabled | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.04.08 07:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.04.07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.01.03 21:14:19 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.12.14 15:41:10 | 001,517,376 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.12.14 15:39:10 | 000,029,504 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.07.02 12:44:10 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010.07.02 12:43:40 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011.08.17 13:03:58 | 000,137,472 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2011.08.17 12:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.08.17 12:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.08.17 12:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.08.17 12:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011.04.08 07:14:00 | 010,690,024 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.03.03 17:59:19 | 000,139,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010.11.29 20:27:40 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.11.26 04:16:26 | 000,231,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.11.17 14:04:24 | 000,101,392 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2010.06.24 09:04:14 | 000,136,120 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2010.04.28 08:17:46 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.04.28 08:17:46 | 000,096,896 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2010.04.12 10:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2010.01.05 19:20:10 | 001,500,160 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athur.sys -- (athur)
DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.14 00:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.07.14 00:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2009.05.22 09:03:00 | 001,872,320 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cmudax3.sys -- (cmuda3)
DRV - [2009.02.28 19:40:18 | 000,087,536 | ---- | M] (CyberLink Corp.) [2011/08/16 18:16:22] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006.12.05 12:34:42 | 000,507,136 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PFC027.SYS -- (PAC207)
DRV - [2003.04.19 01:32:04 | 000,004,736 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tandpl.sys -- (tandpl)
DRV - [2003.03.02 18:44:26 | 000,007,552 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\enodpl.sys -- (enodpl)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... earchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2835880761-377794395-384413730-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchnu.com/406
IE - HKU\S-1-5-21-2835880761-377794395-384413730-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\S-1-5-21-2835880761-377794395-384413730-1000\..\SearchScopes\{3CA653D2-2360-4DEA-BD5B-B5750F4F35E5}: "URL" = http://www.webhledani.cz/results.aspx?i ... earchTerms}
IE - HKU\S-1-5-21-2835880761-377794395-384413730-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... earchTerms}
IE - HKU\S-1-5-21-2835880761-377794395-384413730-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2835880761-377794395-384413730-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
IE - HKU\S-1-5-21-2835880761-377794395-384413730-1003\..\SearchScopes,DefaultScope = {3CA653D2-2360-4DEA-BD5B-B5750F4F35E5}
IE - HKU\S-1-5-21-2835880761-377794395-384413730-1003\..\SearchScopes\{3CA653D2-2360-4DEA-BD5B-B5750F4F35E5}: "URL" = http://www.webhledani.cz/results.aspx?i ... earchTerms}
IE - HKU\S-1-5-21-2835880761-377794395-384413730-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Search Results"
FF - prefs.js..browser.search.useDBForOrder: ""
FF - prefs.js..browser.startup.homepage: "http://www.searchnu.com/406"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.76
FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ff ... PN10645&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.04.12 09:17:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.11.07 13:43:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2012.10.07 11:52:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013.04.07 12:53:13 | 000,000,000 | ---D | M]

[2013.04.12 10:35:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ivo\AppData\Roaming\Mozilla\Extensions
[2013.04.12 10:35:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\extensions
[2013.04.12 10:35:44 | 000,000,000 | ---D | M] (Search-Results Toolbar) -- C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\extensions\{377e5d4d-77e5-476a-8716-7e70a9272da0}
[2013.04.12 10:35:15 | 000,002,687 | ---- | M] () -- C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\searchplugins\Search_Results.xml
[2013.04.12 10:35:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.04.12 10:35:13 | 000,000,000 | ---D | M] (Datamngr) -- C:\PROGRAM FILES\SEARCH RESULTS TOOLBAR\DATAMNGR\FIREFOXEXTENSION
[2013.04.10 08:57:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.01.03 01:39:34 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2013.04.10 12:37:04 | 000,002,421 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2013.04.10 12:37:04 | 000,000,851 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.04.12 10:35:15 | 000,002,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2013.04.10 12:37:04 | 000,001,580 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2013.04.10 12:37:04 | 000,000,867 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.04.10 12:37:04 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2012.05.23 13:51:43 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Search-Results Toolbar) - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O2 - BHO: (Data Manager) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\Search Results Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media Inc.)
O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [CmPCIaudio] RunDll32 CMICNFG3.cpl,CMICtrlWnd File not found
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Search Results Toolbar\Datamngr\DatamngrUI.exe (Bandoo Media Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [TNOD UP] D:\Instal\ESET NOD32 Antivirus 4 v4.2.58.5 100% Works Licence 32bit, 64bit CZ\TNODUP\TNODUP.exe (Tukero[X]Team)
O4 - HKU\S-1-5-21-2835880761-377794395-384413730-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-2835880761-377794395-384413730-1003..\Run: [] File not found
O4 - HKU\S-1-5-21-2835880761-377794395-384413730-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2835880761-377794395-384413730-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2835880761-377794395-384413730-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{27142A06-3188-4F43-B2C6-D8DA4864F6C3}: NameServer = 212.96.161.6,212.96.160.7
O20 - AppInit_DLLs: (C:\PROGRA~2\Wincert\WIN32C~1.DLL) - C:\ProgramData\Wincert\win32cert.dll ()
O20 - AppInit_DLLs: (C:\PROGRA~1\SEARCH~1\Datamngr\mgrldr.dll) - C:\Program Files\Search Results Toolbar\Datamngr\mgrldr.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27 - HKLM IFEO\controller editor.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\nvstlink.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\nvstview.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\skype.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.11.01 19:36:46 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AC2.part01.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
System Restore Service not available.

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (EA.com/On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (EA.com/On2.com)
Drivers32: vidc.VP62 - C:\Windows\System32\vp6vfw.dll (EA.com/On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.04.12 10:48:41 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\ivo\Desktop\OTL.exe
[2013.04.12 10:36:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Wincert
[2013.04.12 10:34:11 | 000,000,000 | ---D | C] -- C:\Program Files\Search Results Toolbar
[2013.04.12 10:33:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Datamngr
[2013.04.12 10:32:39 | 000,000,000 | ---D | C] -- C:\Users\ivo\AppData\Local\iLivid
[2013.04.12 09:17:54 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013.04.12 08:29:17 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.04.07 12:53:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2013.04.07 12:53:12 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2013.04.07 12:53:12 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013.04.07 12:48:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder
[2013.04.07 12:48:18 | 000,000,000 | ---D | C] -- C:\Program Files\TNod User & Password Finder
[2013.04.05 12:09:55 | 000,000,000 | ---D | C] -- C:\Users\ivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
[2013.04.05 07:54:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2013.04.05 07:54:31 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2013.03.26 09:53:39 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft

========== Files - Modified Within 30 Days ==========

[2013.04.12 10:54:33 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.04.12 10:15:25 | 000,642,874 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.04.12 10:15:25 | 000,628,236 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.04.12 10:15:25 | 000,127,888 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.04.12 10:15:25 | 000,112,022 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.04.12 10:10:54 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.12 10:10:54 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.12 10:03:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.12 09:49:19 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.12 09:49:19 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.12 09:17:56 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.04.12 08:33:38 | 000,001,789 | ---- | M] () -- C:\Users\Public\Desktop\Update NOD32 license.lnk
[2013.04.05 12:09:55 | 000,000,956 | ---- | M] () -- C:\Users\ivo\Desktop\KMPlayer.lnk
[2013.04.05 11:43:27 | 000,001,312 | ---- | M] () -- C:\Windows\Cmicnfg3.ini.cfl
[2013.04.05 11:43:20 | 000,000,136 | ---- | M] () -- C:\Windows\System\Dlap.pfx
[2013.04.05 11:43:19 | 000,000,137 | ---- | M] () -- C:\Windows\Cmicnfg3.ini.imi
[2013.04.05 11:43:08 | 000,000,076 | ---- | M] () -- C:\Windows\System\Cmicnfg3.ini
[2013.03.18 00:11:36 | 000,001,416 | ---- | M] () -- C:\Users\ivo\Desktop\Internet Explorer (2).lnk
[2013.03.17 01:45:08 | 000,000,045 | ---- | M] () -- C:\Windows\System32\initdebug.nfo
[2013.03.13 15:39:49 | 000,002,066 | ---- | M] () -- C:\Windows\SETUP.INI

========== Files Created - No Company Name ==========

[2013.04.12 10:54:33 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.04.12 09:17:55 | 000,001,080 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.04.12 09:17:55 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.04.07 12:48:19 | 000,001,789 | ---- | C] () -- C:\Users\Public\Desktop\Update NOD32 license.lnk
[2013.04.05 12:09:55 | 000,000,956 | ---- | C] () -- C:\Users\ivo\Desktop\KMPlayer.lnk
[2013.03.18 00:11:36 | 000,001,416 | ---- | C] () -- C:\Users\ivo\Desktop\Internet Explorer (2).lnk
[2013.03.13 15:39:49 | 000,002,066 | ---- | C] () -- C:\Windows\SETUP.INI
[2013.02.19 11:19:59 | 000,000,583 | ---- | C] () -- C:\Windows\QIII.INI
[2012.10.17 16:57:36 | 000,000,865 | ---- | C] () -- C:\Windows\CLASSIC.INI
[2012.10.01 10:54:13 | 000,001,312 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfl
[2012.10.01 10:54:12 | 000,552,960 | R--- | C] () -- C:\Windows\System32\Cmeaupci.exe
[2012.10.01 10:53:31 | 000,303,104 | R--- | C] () -- C:\Windows\System32\CmiInstallResAll.dll
[2012.10.01 10:53:31 | 000,002,123 | R--- | C] () -- C:\Windows\Cmicnfg3.ini.cfg
[2012.10.01 10:53:31 | 000,000,137 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi
[2011.12.17 10:47:14 | 000,000,042 | ---- | C] () -- C:\Windows\STXKBD.INI
[2011.12.17 10:47:13 | 000,002,116 | ---- | C] () -- C:\Windows\WINTRAN.INI
[2011.12.17 10:47:13 | 000,000,882 | ---- | C] () -- C:\Windows\WDICT32.INI
[2011.12.17 10:47:13 | 000,000,033 | ---- | C] () -- C:\Windows\WTRDCTM.INI
[2011.10.22 10:27:30 | 000,007,605 | ---- | C] () -- C:\Users\ivo\AppData\Local\Resmon.ResmonCfg
[2011.09.20 16:46:50 | 000,000,024 | ---- | C] () -- C:\Windows\System32\Morrowind.ini
[2011.07.25 07:52:17 | 000,000,120 | ---- | C] () -- C:\Windows\disney.ini
[2011.07.10 09:30:00 | 000,000,059 | ---- | C] () -- C:\Windows\wininit.ini
[2011.06.11 11:39:29 | 000,007,552 | ---- | C] () -- C:\Windows\System32\drivers\enodpl.sys
[2011.06.11 11:39:29 | 000,004,736 | ---- | C] () -- C:\Windows\System32\drivers\tandpl.sys
[2011.06.11 10:48:08 | 000,000,604 | ---- | C] () -- C:\Windows\Sof2.INI
[2011.05.09 09:56:51 | 000,022,328 | ---- | C] () -- C:\Users\ivo\AppData\Roaming\PnkBstrK.sys
[2011.05.07 22:21:26 | 000,000,600 | ---- | C] () -- C:\Windows\Rtcw.INI

========== LOP Check ==========

[2012.05.07 15:17:54 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Ashampoo
[2011.09.05 16:52:22 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Bioshock
[2011.03.12 16:34:39 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\FairStars Audio Converter Pro
[2011.01.16 01:58:42 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\FreeFileViewer
[2011.03.17 09:07:43 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\ICQ
[2011.09.03 13:09:41 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Leadertech
[2012.10.30 14:22:30 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\MAGIX
[2012.10.20 10:36:01 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Nokia
[2011.07.11 13:46:23 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Nokia Ovi Suite
[2011.01.11 18:42:06 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\PC Suite
[2011.09.28 11:21:43 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Stardock
[2011.01.13 13:50:40 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Tific
[2011.07.25 08:19:22 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Touchstone
[2012.09.10 18:30:10 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\TuneUp Software
[2013.03.25 15:22:49 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Ubisoft
[2011.01.16 01:58:17 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Uniblue
[2011.01.10 13:30:31 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Voipwise
[2013.03.04 19:36:53 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Vso
[2011.01.02 20:25:08 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Zoner
[2013.03.23 14:02:14 | 000,032,566 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< >

[kengura.ivo]

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\System32\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012.04.24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2012.04.24 06:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012.04.24 06:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\System32\cryptsvc.dll
[2012.04.24 06:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2012.04.24 06:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\System32\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: IASTORV.SYS >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0033117673c16921\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\isapnp.sys

< MD5 for: LSASS.EXE >
[2011.11.17 09:09:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=05F38CB7CAB3CE8E9A1812D517DA93EF -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\lsass.exe
[2011.11.17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\lsass.exe
[2011.11.17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_a828bb43bb2beb28\lsass.exe
[2012.06.02 06:40:31 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=A6034689ACF9D14973F8384AD5A5451E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_a6eb42a4d70be51e\lsass.exe
[2011.11.17 07:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\System32\lsass.exe
[2011.11.17 07:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\lsass.exe
[2011.11.17 07:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_a656d407bdf6641e\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe
[2012.06.02 06:51:22 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FA7B950E4CA6AA260C4EABA19E03644D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_a8d76e24d42eb666\lsass.exe
[2011.11.17 07:24:04 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FBCB2DFA40862DAA7B1534C9538208A5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys
[2009.07.14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys
[2011.03.11 07:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvraid.sys
[2011.03.11 07:28:10 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=E3B840350A72CA6F39BD2BEF85A2BCFB -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvraid.sys
[2011.03.11 07:44:01 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=F1B0BED906F97E16F6D0C3629D2F21C6 -- C:\Windows\System32\drivers\nvraid.sys
[2011.03.11 07:44:01 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=F1B0BED906F97E16F6D0C3629D2F21C6 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_38e464dbe521cc7f\nvraid.sys
[2011.03.11 07:44:01 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=F1B0BED906F97E16F6D0C3629D2F21C6 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvraid.sys
[2011.03.11 07:52:25 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=FCD5C3542A85EEBA7D0833B7E5086C10 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_38e464dbe521cc7f\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\System32\smss.exe
[2009.07.14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2012.03.30 12:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\System32\drivers\tcpip.sys
[2012.03.30 12:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2012.03.30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2010.06.14 08:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010.06.14 08:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2012.03.30 12:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< MD5 for: WS2_32.DLL >
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\System32\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.02.11 23:28:44 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Adobe
[2011.02.27 20:00:00 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Ahead
[2012.05.07 15:17:54 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Ashampoo
[2011.01.02 18:24:01 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\ATI
[2011.09.05 16:52:22 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Bioshock
[2011.08.16 07:46:22 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\CyberLink
[2011.03.12 16:34:39 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\FairStars Audio Converter Pro
[2011.01.16 01:58:42 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\FreeFileViewer
[2011.03.17 09:07:43 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\ICQ
[2011.01.02 08:46:27 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Identities
[2011.08.31 06:51:44 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\InstallShield
[2011.09.03 13:09:41 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Leadertech
[2011.01.02 08:51:53 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Macromedia
[2012.10.30 14:22:30 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\MAGIX
[2011.01.02 20:43:04 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Malwarebytes
[2009.07.14 11:20:06 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Media Center Programs
[2013.02.09 13:57:53 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Media Player Classic
[2012.11.07 14:30:54 | 000,000,000 | --SD | M] -- C:\Users\ivo\AppData\Roaming\Microsoft
[2011.01.02 20:07:42 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Mozilla
[2011.02.18 14:08:28 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Nero
[2012.10.20 10:36:01 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Nokia
[2011.07.11 13:46:23 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Nokia Ovi Suite
[2011.02.18 15:31:46 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\NVIDIA
[2011.01.11 18:42:06 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\PC Suite
[2011.05.24 07:07:07 | 000,000,000 | RH-D | M] -- C:\Users\ivo\AppData\Roaming\SecuROM
[2012.01.27 16:10:47 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Skype
[2011.04.01 09:15:28 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\skypePM
[2011.09.28 11:21:43 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Stardock
[2011.01.13 13:50:40 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Tific
[2011.07.25 08:19:22 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Touchstone
[2012.09.10 18:30:10 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\TuneUp Software
[2013.03.25 15:22:49 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Ubisoft
[2011.01.16 01:58:17 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Uniblue
[2011.01.10 13:30:31 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Voipwise
[2013.03.04 19:36:53 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Vso
[2011.01.02 09:02:57 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\WinRAR
[2011.01.02 20:25:08 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2011.01.03 04:53:39 | 000,087,608 | ---- | M] () -- C:\Users\ivo\AppData\Roaming\inst.exe
[2011.11.22 15:35:13 | 000,007,680 | R--- | M] () -- C:\Users\ivo\AppData\Roaming\Microsoft\Installer\{2B0C9858-8D78-48B2-BC37-4CAEBB2CA510}\Icon2B0C9858.exe
[2011.11.22 15:35:13 | 000,101,888 | R--- | M] () -- C:\Users\ivo\AppData\Roaming\Microsoft\Installer\{2B0C9858-8D78-48B2-BC37-4CAEBB2CA510}\Icon2B0C98582.exe
[2011.11.22 15:35:13 | 000,012,800 | R--- | M] () -- C:\Users\ivo\AppData\Roaming\Microsoft\Installer\{2B0C9858-8D78-48B2-BC37-4CAEBB2CA510}\Icon2B0C98583.exe
[2011.11.22 15:35:13 | 000,018,944 | R--- | M] () -- C:\Users\ivo\AppData\Roaming\Microsoft\Installer\{2B0C9858-8D78-48B2-BC37-4CAEBB2CA510}\Icon2B0C98584.exe
[2011.11.22 15:35:13 | 000,396,288 | R--- | M] () -- C:\Users\ivo\AppData\Roaming\Microsoft\Installer\{2B0C9858-8D78-48B2-BC37-4CAEBB2CA510}\Icon2B0C98585.exe
[2011.11.22 15:35:13 | 000,252,416 | R--- | M] () -- C:\Users\ivo\AppData\Roaming\Microsoft\Installer\{2B0C9858-8D78-48B2-BC37-4CAEBB2CA510}\Icon2B0C98586.exe
[2011.11.27 18:33:29 | 000,107,008 | R--- | M] () -- C:\Users\ivo\AppData\Roaming\Microsoft\Installer\{359ADF3A-F727-40F1-9D8A-6699EE355287}\Icon359ADF3A1.exe
[2011.11.27 18:33:29 | 000,004,608 | R--- | M] () -- C:\Users\ivo\AppData\Roaming\Microsoft\Installer\{359ADF3A-F727-40F1-9D8A-6699EE355287}\Icon359ADF3A2.exe
[2011.11.27 18:33:29 | 000,106,496 | R--- | M] () -- C:\Users\ivo\AppData\Roaming\Microsoft\Installer\{359ADF3A-F727-40F1-9D8A-6699EE355287}\Icon359ADF3A3.exe
[2011.11.27 18:33:29 | 000,107,008 | R--- | M] () -- C:\Users\ivo\AppData\Roaming\Microsoft\Installer\{359ADF3A-F727-40F1-9D8A-6699EE355287}\Icon359ADF3A4.exe
[2011.11.27 18:33:29 | 000,210,432 | R--- | M] () -- C:\Users\ivo\AppData\Roaming\Microsoft\Installer\{359ADF3A-F727-40F1-9D8A-6699EE355287}\Icon359ADF3A5.exe
[2011.05.21 22:39:04 | 000,010,134 | R--- | M] () -- C:\Users\ivo\AppData\Roaming\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2010.04.25 22:08:43 | 000,342,365 | ---- | M] () -- C:\Users\ivo\AppData\Roaming\Nero\Uninstall.exe
[2011.03.31 23:26:36 | 007,391,320 | ---- | M] (ZONER software ) -- C:\Users\ivo\AppData\Roaming\Zoner\NLMDB\product.0032\autoupdate.cz\ZPS12_Update_Build12.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.04.12 10:10:54 | 000,014,224 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.12 10:10:54 | 000,014,224 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.12 11:22:20 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\deployJava1.dll
[2013.04.12 11:22:20 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\npDeployJava1.dll
[2013.04.12 10:15:25 | 000,127,888 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2013.04.12 10:15:25 | 000,112,022 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2013.04.12 10:15:25 | 000,642,874 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2013.04.12 10:15:25 | 000,628,236 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2013.04.12 10:15:22 | 001,506,968 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"" =

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.04.12 10:54:33 | 000,000,512 | ---- | M] () MD5=C1640A2FD066CD86531E1D057C2FEBE9 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2003.04.23 18:09:10 | 000,459,150 | ---- | M] () -- \Program Files\Bethesda Softworks\Morrowind\Data Files\Sound\Fx\icecracking.wav

< *keygen* /s >

< *loader* /s >
[2011.02.15 08:22:28 | 000,335,872 | ---- | M] () -- \Program Files\Common Files\Nokia\Service Layer\A\nsl_loader.dll
[2011.04.14 11:35:32 | 000,131,072 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2009.02.28 22:12:40 | 000,010,789 | ---- | M] () -- \Program Files\CyberLink\PowerDVD9\PowerDVD Cinema\mm\MediaCtrl\ImageLoader.kc
[2009.02.28 22:12:44 | 000,003,500 | ---- | M] () -- \Program Files\CyberLink\PowerDVD9\PowerDVD Cinema\widget\langloader.kc
[2009.02.28 22:12:44 | 000,012,803 | ---- | M] () -- \Program Files\CyberLink\PowerDVD9\PowerDVD Cinema\widget\layoutloader.kc
[2011.06.29 22:05:30 | 000,017,976 | ---- | M] () -- \Program Files\Nokia\Nokia Ovi Suite\OviSuiteDownloader.dll
[2009.05.31 04:21:00 | 000,071,008 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012.12.07 08:55:04 | 000,006,820 | ---- | M] () -- \Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\ajax-loader.gif
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2009.09.25 15:00:00 | 000,001,849 | ---- | M] () -- \Program Files\TuneUp Utilities 2011\data\Integrator\images\panel6\loader.gif
[2009.09.25 15:00:00 | 000,001,849 | ---- | M] () -- \Program Files\TuneUp Utilities 2011\data\TuneUpUtilities.gadget\images\loader.gif
[2009.09.25 15:00:00 | 000,001,849 | ---- | M] () -- \Program Files\Windows Sidebar\Shared Gadgets\TuneUpUtilities.gadget\images\loader.gif
[2010.02.10 19:10:14 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2010.04.29 14:12:38 | 000,673,160 | ---- | M] () -- \Program Files\Zoner\Photo Studio 12\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 14:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 12\Plugins\Facebook\ZPSPluginLoader.exe
[2010.04.29 14:12:42 | 000,686,984 | ---- | M] () -- \Program Files\Zoner\Photo Studio 12\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 14:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 12\Plugins\Flickr\ZPSPluginLoader.exe
[2012.12.07 08:55:04 | 000,006,820 | ---- | M] () -- \Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\extensions\{377e5d4d-77e5-476a-8716-7e70a9272da0}\chrome\skin\lib\panels\images\ajax-loader.gif
[2009.07.14 14:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.12.22 16:14:02 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.14 10:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 10:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.14 10:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2011.01.03 21:21:20 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2011.01.03 21:21:20 | 000,507,568 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed_winload.exe_75835076
[2011.01.03 21:21:20 | 000,442,920 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.14 10:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 05:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >
[2010.04.02 01:08:00 | 000,097,792 | ---- | M] () -- \Program Files\TNod User & Password Finder\tnodicons.icl
[2010.04.02 00:44:58 | 001,811,968 | ---- | M] () -- \Program Files\TNod User & Password Finder\TNODUP.exe
[2013.04.12 08:33:38 | 000,063,797 | ---- | M] () -- \Program Files\TNod User & Password Finder\uninst-tnod.exe
[2013.04.12 08:33:26 | 000,039,194 | ---- | M] () -- \Windows\Prefetch\TNODUP SETUP.EXE-6FD4FD9C.pf
[2013.04.07 12:47:57 | 000,032,426 | ---- | M] () -- \Windows\Prefetch\TNODUP SETUP.EXE-DE1F43EE.pf
[2013.04.12 08:36:47 | 000,031,408 | ---- | M] () -- \Windows\Prefetch\TNODUP.EXE-89F2F377.pf
[2013.04.12 09:04:39 | 000,140,526 | ---- | M] () -- \Windows\Prefetch\TNODUP.EXE-AF7B35EC.pf

< *AutoKMS* /s >

< *activator* /s >
[2010.12.14 15:44:40 | 000,325,952 | ---- | M] () -- \Program Files\TuneUp Utilities 2011\ProgramDeactivator.exe
[2010.12.14 15:42:44 | 000,103,232 | ---- | M] () -- \Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe
[2009.09.25 15:00:00 | 000,003,006 | ---- | M] () -- \Program Files\TuneUp Utilities 2011\data\deinstallation_programDeactivator_40x40.png
[2009.09.25 15:00:00 | 000,001,534 | ---- | M] () -- \Program Files\TuneUp Utilities 2011\data\icon_ProgramDeactivator_16.png
[2009.09.25 15:00:00 | 000,003,100 | ---- | M] () -- \Program Files\TuneUp Utilities 2011\data\icon_ProgramDeactivator_32.png
[2009.09.25 15:00:00 | 000,004,597 | ---- | M] () -- \Program Files\TuneUp Utilities 2011\data\icon_ProgramDeactivator_48.png
[2009.09.25 15:00:00 | 000,006,373 | ---- | M] () -- \Program Files\TuneUp Utilities 2011\data\icon_ProgramDeactivator_64.png
[2009.09.25 15:00:00 | 000,001,534 | ---- | M] () -- \Program Files\TuneUp Utilities 2011\data\Integrator\images\panel6\ProgramDeactivator_16x16.png
[2009.09.25 15:00:00 | 000,006,368 | ---- | M] () -- \Program Files\TuneUp Utilities 2011\data\Integrator\images\tab2\ProgramDeactivator_64x64-hover.png
[2009.09.25 15:00:00 | 000,006,373 | ---- | M] () -- \Program Files\TuneUp Utilities 2011\data\Integrator\images\tab2\ProgramDeactivator_64x64.png
[2009.09.25 15:00:00 | 000,003,100 | ---- | M] () -- \Program Files\TuneUp Utilities 2011\data\ProgramDeactivator\icon_ProgramDeactivator_32.png
[2011.01.02 18:46:26 | 000,002,407 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011\All functions\TuneUp Program Deactivator.lnk
[2011.01.02 18:46:26 | 000,002,407 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011\All functions\TuneUp Program Deactivator.lnk
[2013.04.12 09:40:21 | 000,006,373 | ---- | M] () -- \Users\ivo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MAO74UFT\ProgramDeactivator_64x64[1].png
[2013.04.12 09:18:14 | 000,017,640 | ---- | M] () -- \Windows\Prefetch\TUAUTOREACTIVATOR32.EXE-B0F28695.pf

< *serial* /s >
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.07.14 10:43:37 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2009.07.14 10:43:23 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 10:43:37 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.09.13 09:42:42 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\35fcbda2532ece23d09a044aa2ef62a4\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.09.14 21:52:34 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\3848d7865bda88a9e94e03480b5ada2f\System.Runtime.Serialization.ni.dll
[2012.07.14 16:54:52 | 000,310,272 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\7de8fccb064fff0d219e8594a014b600\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.07.14 16:54:08 | 002,625,024 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\c46375bba06671d2a9369e630752987a\System.Runtime.Serialization.ni.dll
[2012.07.14 03:01:50 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.07.14 03:01:47 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 10:43:15 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 10:43:17 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2009.07.14 10:43:30 | 000,009,728 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009.07.14 04:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 04:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2009.07.14 10:43:55 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2012.10.06 20:07:20 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.17136_none_a6a4fe887487d009.manifest
[2012.10.06 20:58:54 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.21337_none_8fd740dc8e2f4a01.manifest
[2010.11.20 05:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2009.07.14 10:42:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.06 21:19:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_cs-cz_3450454183d3f023.manifest
[2012.10.06 21:26:57 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_cs-cz_1d8287959d7b6a1b.manifest
[2009.07.14 03:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2012.10.06 20:11:48 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.17136_none_d6e834229c2ed13c.manifest
[2012.10.06 21:03:01 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.21337_none_c01a7676b5d64b34.manifest
[2010.11.20 05:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2009.07.14 03:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 03:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2009.07.14 03:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2012.10.06 20:09:38 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_dbc2dfefdd056b7e.manifest
[2012.10.06 21:00:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_c4f52243f6ace576.manifest
[2010.11.20 05:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 10:43:23 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2009.07.14 10:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009.07.14 10:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_cs-cz_3450454183d3f023\System.RunTime.Serialization.Resources.dll
[2009.07.14 10:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_cs-cz_1d8287959d7b6a1b\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2009.07.14 10:43:15 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c002c1170ca9a88f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 10:43:17 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 10:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2009.07.14 10:43:30 | 000,009,728 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c48c78a9ad8ff996\serial.sys.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

[Márty84]

No, podivejte, asi takto. Kdyz pominu ten nelegalni antivir, s kterym tu nejste poprve, tak mate i nelegalni windows. Cili myslim, ze neni co dodat.


Pravidla fora totiz hovori jasne http://forum.viry.cz/viewtopic.php?f=12&t=115512

Pomáhat NELZE:
2) Pokud stroj uživatele prokazatelně obsahuje nelegální hostitelský čí ochranný software
(operační systém, antivir, firewall, atd.), je nutné navést uživatele k nápravě, např. skrze neplacený software,
a začít řešit, až v době kdy je PC "v pořádku". V případě že uživatel nechce na pravidla přistoupit,
je nutné jej vyzvat ať fórum opustí, a vrátí se až je splní.

[kengura.ivo]

Díky za Váš čas...Ten antivir jsem nainstaloval asi před 14 dny a není nic moc...Příjemný den přeji .

[Márty84]

Ten antivir jsem nainstaloval asi před 14 dny

A proc jste ho hned cracknul? Vzdyt jste mohl pouzit zkusebni verzi, ta je na mesic zdarma
No to uz je fuk.

Neni samozrejme zac

Mejte se