Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu logu:Qvo6,delta-search

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
monty1
Návštěvník
Návštěvník
Příspěvky: 116
Registrován: 03 kvě 2007 16:59

Prosím o kontrolu logu:Qvo6,delta-search

#1 Příspěvek od monty1 »

LOG JE DLOUHÝ TAK HO DÁVÁM NA DVĚ ČÁSTI


Logfile of random's system information tool 1.09 (written by random/random)
Run by Monty at 2013-07-06 09:19:03
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 352 GB (77%) free of 455 GB
Total RAM: 4044 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:19:11, on 6.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16483)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Seznam.cz\bin\postak.exe
C:\Program Files (x86)\Codyssey(FREERASER)\Freeraser\Freeraser.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Monty.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1372929995
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1372929995
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1372929995
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7076] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\Desk 365.lnk"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9541] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\Desk 365.lnk"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1014] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\eUninstall.lnk"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2103] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\eUninstall.lnk"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4036] command.com /c del "C:\Users\Monty\AppData\Roaming\Desk 365\accelerate"
O4 - HKLM\..\RunOnce: [SpybotDeletingC139] cmd.exe /c del "C:\Users\Monty\AppData\Roaming\Desk 365\accelerate"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5578] command.com /c del "C:\Users\Monty\AppData\Roaming\Desk 365\desk_bkg_list.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingC825] cmd.exe /c del "C:\Users\Monty\AppData\Roaming\Desk 365\desk_bkg_list.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3207] command.com /c del "C:\Users\Monty\AppData\Roaming\Desk 365\desk_list.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6306] cmd.exe /c del "C:\Users\Monty\AppData\Roaming\Desk 365\desk_list.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8264] command.com /c del "C:\Users\Monty\AppData\Roaming\Desk 365\desk_settings.ini"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8404] cmd.exe /c del "C:\Users\Monty\AppData\Roaming\Desk 365\desk_settings.ini"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7513] command.com /c del "C:\Users\Monty\AppData\Roaming\Desk 365\process_mgr.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7712] cmd.exe /c del "C:\Users\Monty\AppData\Roaming\Desk 365\process_mgr.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5531] command.com /c del "C:\Users\Monty\AppData\Roaming\Desk 365\promote.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9526] cmd.exe /c del "C:\Users\Monty\AppData\Roaming\Desk 365\promote.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5779] command.com /c del "C:\Program Files (x86)\Desk 365\desk_bkg_list.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7208] cmd.exe /c del "C:\Program Files (x86)\Desk 365\desk_bkg_list.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2012] command.com /c del "C:\Program Files (x86)\Desk 365\desk_list.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8326] cmd.exe /c del "C:\Program Files (x86)\Desk 365\desk_list.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6865] command.com /c del "C:\Program Files (x86)\Desk 365\desk_settings.ini"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9831] cmd.exe /c del "C:\Program Files (x86)\Desk 365\desk_settings.ini"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7395] command.com /c del "C:\Program Files (x86)\Desk 365\desk365.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9261] cmd.exe /c del "C:\Program Files (x86)\Desk 365\desk365.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5219] command.com /c del "C:\Program Files (x86)\Desk 365\deskSvc.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8056] cmd.exe /c del "C:\Program Files (x86)\Desk 365\deskSvc.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9342] command.com /c del "C:\Program Files (x86)\Desk 365\ebase.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5756] cmd.exe /c del "C:\Program Files (x86)\Desk 365\ebase.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3927] command.com /c del "C:\Program Files (x86)\Desk 365\edeskcmn.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6475] cmd.exe /c del "C:\Program Files (x86)\Desk 365\edeskcmn.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA71] command.com /c del "C:\Program Files (x86)\Desk 365\eDhelper.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5677] cmd.exe /c del "C:\Program Files (x86)\Desk 365\eDhelper.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7070] command.com /c del "C:\Program Files (x86)\Desk 365\eDhelper64.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2000] cmd.exe /c del "C:\Program Files (x86)\Desk 365\eDhelper64.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA559] command.com /c del "C:\Program Files (x86)\Desk 365\edis.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5100] cmd.exe /c del "C:\Program Files (x86)\Desk 365\edis.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6093] command.com /c del "C:\Program Files (x86)\Desk 365\edis64.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4130] cmd.exe /c del "C:\Program Files (x86)\Desk 365\edis64.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2963] command.com /c del "C:\Program Files (x86)\Desk 365\ElexDbg.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8641] cmd.exe /c del "C:\Program Files (x86)\Desk 365\ElexDbg.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7986] command.com /c del "C:\Program Files (x86)\Desk 365\eUninstall.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2864] cmd.exe /c del "C:\Program Files (x86)\Desk 365\eUninstall.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8085] command.com /c del "C:\Program Files (x86)\Desk 365\libpng.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3741] cmd.exe /c del "C:\Program Files (x86)\Desk 365\libpng.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8682] command.com /c del "C:\Program Files (x86)\Desk 365\main"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4490] cmd.exe /c del "C:\Program Files (x86)\Desk 365\main"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1511] command.com /c del "C:\Program Files (x86)\Desk 365\ouilibnl.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1565] cmd.exe /c del "C:\Program Files (x86)\Desk 365\ouilibnl.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9767] command.com /c del "C:\Program Files (x86)\Desk 365\process_mgr.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1845] cmd.exe /c del "C:\Program Files (x86)\Desk 365\process_mgr.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9474] command.com /c del "C:\Program Files (x86)\Desk 365\promote.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingC232] cmd.exe /c del "C:\Program Files (x86)\Desk 365\promote.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4348] command.com /c del "C:\Program Files (x86)\Desk 365\recent.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7487] cmd.exe /c del "C:\Program Files (x86)\Desk 365\recent.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3019] command.com /c del "C:\Program Files (x86)\Desk 365\sqlite3.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5942] cmd.exe /c del "C:\Program Files (x86)\Desk 365\sqlite3.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8532] command.com /c del "C:\Program Files (x86)\Desk 365\svc.conf"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5985] cmd.exe /c del "C:\Program Files (x86)\Desk 365\svc.conf"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9443] command.com /c del "C:\Program Files (x86)\Desk 365\TrayDownloader.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7514] cmd.exe /c del "C:\Program Files (x86)\Desk 365\TrayDownloader.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9528] command.com /c del "C:\Program Files (x86)\Desk 365\zlib1.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC105] cmd.exe /c del "C:\Program Files (x86)\Desk 365\zlib1.dll"
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files (x86)\Seznam.cz\bin\postak.exe" -s
O4 - HKCU\..\Run: [Freeraser] C:\Program Files (x86)\Codyssey(FREERASER)\Freeraser\Freeraser.exe
O4 - HKCU\..\Run: [DS Clock] "C:\Program Files\DS Clock\DSClock.exe"
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB8545] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\Desk 365.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5583] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\Desk 365.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9736] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\eUninstall.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7101] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\eUninstall.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4803] command.com /c del "C:\Users\Monty\AppData\Roaming\Desk 365\accelerate"
O4 - HKCU\..\RunOnce: [SpybotDeletingD294] cmd.exe /c del "C:\Users\Monty\AppData\Roaming\Desk 365\accelerate"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3548] command.com /c del "C:\Users\Monty\AppData\Roaming\Desk 365\desk_bkg_list.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2391] cmd.exe /c del "C:\Users\Monty\AppData\Roaming\Desk 365\desk_bkg_list.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7055] command.com /c del "C:\Users\Monty\AppData\Roaming\Desk 365\desk_list.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingD318] cmd.exe /c del "C:\Users\Monty\AppData\Roaming\Desk 365\desk_list.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1970] command.com /c del "C:\Users\Monty\AppData\Roaming\Desk 365\desk_settings.ini"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2744] cmd.exe /c del "C:\Users\Monty\AppData\Roaming\Desk 365\desk_settings.ini"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3829] command.com /c del "C:\Users\Monty\AppData\Roaming\Desk 365\process_mgr.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4081] cmd.exe /c del "C:\Users\Monty\AppData\Roaming\Desk 365\process_mgr.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5029] command.com /c del "C:\Users\Monty\AppData\Roaming\Desk 365\promote.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8464] cmd.exe /c del "C:\Users\Monty\AppData\Roaming\Desk 365\promote.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4922] command.com /c del "C:\Program Files (x86)\Desk 365\desk_bkg_list.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7805] cmd.exe /c del "C:\Program Files (x86)\Desk 365\desk_bkg_list.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1487] command.com /c del "C:\Program Files (x86)\Desk 365\desk_list.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1300] cmd.exe /c del "C:\Program Files (x86)\Desk 365\desk_list.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7840] command.com /c del "C:\Program Files (x86)\Desk 365\desk_settings.ini"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4048] cmd.exe /c del "C:\Program Files (x86)\Desk 365\deskSvc.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1108] command.com /c del "C:\Program Files (x86)\Desk 365\desk365.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6615] cmd.exe /c del "C:\Program Files (x86)\Desk 365\desk365.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6308] command.com /c del "C:\Program Files (x86)\Desk 365\deskSvc.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4594] command.com /c del "C:\Program Files (x86)\Desk 365\ebase.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5971] cmd.exe /c del "C:\Program Files (x86)\Desk 365\ebase.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5560] command.com /c del "C:\Program Files (x86)\Desk 365\edeskcmn.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7424] cmd.exe /c del "C:\Program Files (x86)\Desk 365\edeskcmn.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5884] command.com /c del "C:\Program Files (x86)\Desk 365\eDhelper.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4132] cmd.exe /c del "C:\Program Files (x86)\Desk 365\eDhelper.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6460] command.com /c del "C:\Program Files (x86)\Desk 365\eDhelper64.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3157] cmd.exe /c del "C:\Program Files (x86)\Desk 365\eDhelper64.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8273] command.com /c del "C:\Program Files (x86)\Desk 365\edis.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7343] cmd.exe /c del "C:\Program Files (x86)\Desk 365\edis.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9703] command.com /c del "C:\Program Files (x86)\Desk 365\edis64.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9793] cmd.exe /c del "C:\Program Files (x86)\Desk 365\edis64.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4345] command.com /c del "C:\Program Files (x86)\Desk 365\ElexDbg.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8018] cmd.exe /c del "C:\Program Files (x86)\Desk 365\ElexDbg.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7402] command.com /c del "C:\Program Files (x86)\Desk 365\eUninstall.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4982] cmd.exe /c del "C:\Program Files (x86)\Desk 365\eUninstall.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6948] command.com /c del "C:\Program Files (x86)\Desk 365\libpng.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9585] cmd.exe /c del "C:\Program Files (x86)\Desk 365\libpng.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9307] command.com /c del "C:\Program Files (x86)\Desk 365\main"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8518] cmd.exe /c del "C:\Program Files (x86)\Desk 365\main"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5249] command.com /c del "C:\Program Files (x86)\Desk 365\ouilibnl.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2613] cmd.exe /c del "C:\Program Files (x86)\Desk 365\ouilibnl.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4706] command.com /c del "C:\Program Files (x86)\Desk 365\process_mgr.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7008] cmd.exe /c del "C:\Program Files (x86)\Desk 365\process_mgr.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9794] command.com /c del "C:\Program Files (x86)\Desk 365\promote.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4602] cmd.exe /c del "C:\Program Files (x86)\Desk 365\promote.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3308] command.com /c del "C:\Program Files (x86)\Desk 365\recent.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9180] cmd.exe /c del "C:\Program Files (x86)\Desk 365\recent.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7386] command.com /c del "C:\Program Files (x86)\Desk 365\sqlite3.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1547] cmd.exe /c del "C:\Program Files (x86)\Desk 365\sqlite3.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4778] command.com /c del "C:\Program Files (x86)\Desk 365\svc.conf"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9353] cmd.exe /c del "C:\Program Files (x86)\Desk 365\svc.conf"
O4 - HKCU\..\RunOnce: [SpybotDeletingB593] command.com /c del "C:\Program Files (x86)\Desk 365\TrayDownloader.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2548] cmd.exe /c del "C:\Program Files (x86)\Desk 365\TrayDownloader.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6516] command.com /c del "C:\Program Files (x86)\Desk 365\zlib1.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7835] cmd.exe /c del "C:\Program Files (x86)\Desk 365\zlib1.dll"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: DS Clock Synchronization Service www.dualitysoft.com (DSClockSyncTime) - Duality Software - C:\Program Files\DS Clock\dsetime.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung AllShare PC Service (SamsungAllShare) - Unknown owner - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\WiselinkPro.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SimpleSlideShowServer - Samsung Electronics - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wsys Service (WsysSvc) - Wsys Co., Ltd. - C:\ProgramData\eSafe\eGdpSvc.exe

--
End of file - 29836 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\AUDIODG.EXE 0x328
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\DS Clock\dsetime.exe"
C:\Windows\SysWOW64\ezSharedSvcHost.exe
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe"
"C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe" /s "NCO" /m "C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\diMaster.dll" /prefetch:1
"C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe"
"C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\diMaster.dll" /prefetch:1
C:\Windows\SysWOW64\IoctlSvc.exe
"C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\WiselinkPro.exe"
"taskhost.exe"
"C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\http_ss_win_pro.exe"
\??\C:\Windows\system32\conhost.exe "-777284502422592462-8974451883969022401533281735192444471492993708395472631
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe" /c /a /s UserSession
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe" /c /a /s UserSession2
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3504
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
taskeng.exe {C1F03041-C321-4F50-A357-5DEF127EE327}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Seznam.cz\bin\postak.exe" -s
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Codyssey(FREERASER)\Freeraser\Freeraser.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\DS Clock\dsclock.exe"
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\ProgramData\eSafe\eGdpSvc.exe
taskeng.exe {EEE4F6F5-FDAD-48F1-9EF6-7DC10408A33B}
"C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe"
"C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.google.cz
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2600.0.1212525722\1365100454" --supports-dual-gpus=false --reduce-gpu-sandbox --disable-image-transport-surface --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.830.6.3000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/1/OneClickSignIn/Standard/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_45/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --instant-process --enable-threaded-compositing --channel="2600.2.586601609\826672196" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/1/OneClickSignIn/Standard/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_45/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --channel="2600.3.1924136161\791710019" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/1/OneClickSignIn/Standard/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_45/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --channel="2600.4.1483320234\1949748772" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Monty\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_0\npcoplgn.dll" --lang=cs --channel="2600.5.2074200027\1709068162" /prefetch:-390060480
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/1/OneClickSignIn/Standard/Prerender/PrerenderEnabled/SpdyCwnd/cwndMin16/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_45/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --channel="2600.6.839990896\1150848296" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2600.7.1687581482\2081448666" --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/1/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SpdyCwnd/cwndMin16/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_45/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --channel="2600.22.502122821\1647762344" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/1/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SpdyCwnd/cwndMin16/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_45/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --channel="2600.25.1155151916\1381937731" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe56_ Global\UsGthrCtrlFltPipeMssGthrPipe56 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Monty\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForMonty.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-05-06 1746760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll [2013-05-30 509776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL [2013-04-08 387040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-04-04 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-05-06 1598280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-06-14 51872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-04 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll [2013-05-30 509776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-06-10 2799912]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-06-08 1128448]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-06-14 932000]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-06-14 795808]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-04-15 168216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-04-15 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-04-15 416024]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"Seznam Postak"=C:\Program Files (x86)\Seznam.cz\bin\postak.exe [2012-01-10 491040]
"Freeraser"=C:\Program Files (x86)\Codyssey(FREERASER)\Freeraser\Freeraser.exe [2009-04-15 1903104]
"DS Clock"=C:\Program Files\DS Clock\DSClock.exe [2012-12-17 1350608]
""=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-05-23 1106288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SpybotDeletingB8545"=command.com /c del C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\Desk 365.lnk []
"SpybotDeletingD5583"=cmd.exe /c del C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\Desk 365.lnk []
"SpybotDeletingB9736"=command.com /c del C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\eUninstall.lnk []
"SpybotDeletingD7101"=cmd.exe /c del C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\eUninstall.lnk []
"SpybotDeletingB4803"=command.com /c del C:\Users\Monty\AppData\Roaming\Desk 365\accelerate []
"SpybotDeletingD294"=cmd.exe /c del C:\Users\Monty\AppData\Roaming\Desk 365\accelerate []
"SpybotDeletingB3548"=command.com /c del C:\Users\Monty\AppData\Roaming\Desk 365\desk_bkg_list.xml []
"SpybotDeletingD2391"=cmd.exe /c del C:\Users\Monty\AppData\Roaming\Desk 365\desk_bkg_list.xml []
"SpybotDeletingB7055"=command.com /c del C:\Users\Monty\AppData\Roaming\Desk 365\desk_list.xml []
"SpybotDeletingD318"=cmd.exe /c del C:\Users\Monty\AppData\Roaming\Desk 365\desk_list.xml []
"SpybotDeletingB1970"=command.com /c del C:\Users\Monty\AppData\Roaming\Desk 365\desk_settings.ini []
"SpybotDeletingD2744"=cmd.exe /c del C:\Users\Monty\AppData\Roaming\Desk 365\desk_settings.ini []
"SpybotDeletingB3829"=command.com /c del C:\Users\Monty\AppData\Roaming\Desk 365\process_mgr.xml []
"SpybotDeletingD4081"=cmd.exe /c del C:\Users\Monty\AppData\Roaming\Desk 365\process_mgr.xml []
"SpybotDeletingB5029"=command.com /c del C:\Users\Monty\AppData\Roaming\Desk 365\promote.xml []
"SpybotDeletingD8464"=cmd.exe /c del C:\Users\Monty\AppData\Roaming\Desk 365\promote.xml []
"SpybotDeletingB4922"=command.com /c del C:\Program Files (x86)\Desk 365\desk_bkg_list.xml []
"SpybotDeletingD7805"=cmd.exe /c del C:\Program Files (x86)\Desk 365\desk_bkg_list.xml []
"SpybotDeletingB1487"=command.com /c del C:\Program Files (x86)\Desk 365\desk_list.xml []
"SpybotDeletingD1300"=cmd.exe /c del C:\Program Files (x86)\Desk 365\desk_list.xml []
"SpybotDeletingB7840"=command.com /c del C:\Program Files (x86)\Desk 365\desk_settings.ini []
"SpybotDeletingD4048"=cmd.exe /c del C:\Program Files (x86)\Desk 365\deskSvc.exe []
"SpybotDeletingB1108"=command.com /c del C:\Program Files (x86)\Desk 365\desk365.exe []
"SpybotDeletingD6615"=cmd.exe /c del C:\Program Files (x86)\Desk 365\desk365.exe []
"SpybotDeletingB6308"=command.com /c del C:\Program Files (x86)\Desk 365\deskSvc.exe []
"SpybotDeletingB4594"=command.com /c del C:\Program Files (x86)\Desk 365\ebase.dll []
"SpybotDeletingD5971"=cmd.exe /c del C:\Program Files (x86)\Desk 365\ebase.dll []
"SpybotDeletingB5560"=command.com /c del C:\Program Files (x86)\Desk 365\edeskcmn.dll []
"SpybotDeletingD7424"=cmd.exe /c del C:\Program Files (x86)\Desk 365\edeskcmn.dll []
"SpybotDeletingB5884"=command.com /c del C:\Program Files (x86)\Desk 365\eDhelper.exe []
"SpybotDeletingD4132"=cmd.exe /c del C:\Program Files (x86)\Desk 365\eDhelper.exe []
"SpybotDeletingB6460"=command.com /c del C:\Program Files (x86)\Desk 365\eDhelper64.exe []
"SpybotDeletingD3157"=cmd.exe /c del C:\Program Files (x86)\Desk 365\eDhelper64.exe []
"SpybotDeletingB8273"=command.com /c del C:\Program Files (x86)\Desk 365\edis.dll []
"SpybotDeletingD7343"=cmd.exe /c del C:\Program Files (x86)\Desk 365\edis.dll []
"SpybotDeletingB9703"=command.com /c del C:\Program Files (x86)\Desk 365\edis64.dll []
"SpybotDeletingD9793"=cmd.exe /c del C:\Program Files (x86)\Desk 365\edis64.dll []
"SpybotDeletingB4345"=command.com /c del C:\Program Files (x86)\Desk 365\ElexDbg.dll []
"SpybotDeletingD8018"=cmd.exe /c del C:\Program Files (x86)\Desk 365\ElexDbg.dll []
"SpybotDeletingB7402"=command.com /c del C:\Program Files (x86)\Desk 365\eUninstall.exe []
"SpybotDeletingD4982"=cmd.exe /c del C:\Program Files (x86)\Desk 365\eUninstall.exe []
"SpybotDeletingB6948"=command.com /c del C:\Program Files (x86)\Desk 365\libpng.dll []
"SpybotDeletingD9585"=cmd.exe /c del C:\Program Files (x86)\Desk 365\libpng.dll []
"SpybotDeletingB9307"=command.com /c del C:\Program Files (x86)\Desk 365\main []
"SpybotDeletingD8518"=cmd.exe /c del C:\Program Files (x86)\Desk 365\main []
"SpybotDeletingB5249"=command.com /c del C:\Program Files (x86)\Desk 365\ouilibnl.dll []
"SpybotDeletingD2613"=cmd.exe /c del C:\Program Files (x86)\Desk 365\ouilibnl.dll []
"SpybotDeletingB4706"=command.com /c del C:\Program Files (x86)\Desk 365\process_mgr.xml []
"SpybotDeletingD7008"=cmd.exe /c del C:\Program Files (x86)\Desk 365\process_mgr.xml []
"SpybotDeletingB9794"=command.com /c del C:\Program Files (x86)\Desk 365\promote.xml []
"SpybotDeletingD4602"=cmd.exe /c del C:\Program Files (x86)\Desk 365\promote.xml []
"SpybotDeletingB3308"=command.com /c del C:\Program Files (x86)\Desk 365\recent.xml []
"SpybotDeletingD9180"=cmd.exe /c del C:\Program Files (x86)\Desk 365\recent.xml []
"SpybotDeletingB7386"=command.com /c del C:\Program Files (x86)\Desk 365\sqlite3.dll []
"SpybotDeletingD1547"=cmd.exe /c del C:\Program Files (x86)\Desk 365\sqlite3.dll []
"SpybotDeletingB4778"=command.com /c del C:\Program Files (x86)\Desk 365\svc.conf []
"SpybotDeletingD9353"=cmd.exe /c del C:\Program Files (x86)\Desk 365\svc.conf []
"SpybotDeletingB593"=command.com /c del C:\Program Files (x86)\Desk 365\TrayDownloader.exe []
"SpybotDeletingD2548"=cmd.exe /c del C:\Program Files (x86)\Desk 365\TrayDownloader.exe []
"SpybotDeletingB6516"=command.com /c del C:\Program Files (x86)\Desk 365\zlib1.dll []
"SpybotDeletingD7835"=cmd.exe /c del C:\Program Files (x86)\Desk 365\zlib1.dll []
Nahoru
monty1
Návštěvník
Návštěvník
Příspěvky: 116
Registrován: 03 kvě 2007 16:59

Re: Prosím o kontrolu logu:Qvo6,delta-search

#2 Příspěvek od monty1 »

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AllShareAgent]
C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [2011-02-18 250768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2011-03-14 2779024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2011-03-28 1611160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desk 365]
C:\Program Files (x86)\Desk 365\desk365.exe /autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easybits Recovery]
C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2011-05-17 61112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Quick Launch]
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2011-04-08 586808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPQuickWebProxy]
C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2011-06-28 168504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Iconoid]
C:\Program Files\Iconoid\iconoid64.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files (x86)\Samsung\Kies\Kies.exe [2013-05-23 1561968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2013-05-23 311152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefault]
C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [2011-06-27 42808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [2012-10-18 752736]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-04-30 284440]
""= []
"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-01-27 318520]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"SpybotDeletingA7076"=command.com /c del C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\Desk 365.lnk []
"SpybotDeletingC9541"=cmd.exe /c del C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\Desk 365.lnk []
"SpybotDeletingA1014"=command.com /c del C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\eUninstall.lnk []
"SpybotDeletingC2103"=cmd.exe /c del C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\eUninstall.lnk []
"SpybotDeletingA4036"=command.com /c del C:\Users\Monty\AppData\Roaming\Desk 365\accelerate []
"SpybotDeletingC139"=cmd.exe /c del C:\Users\Monty\AppData\Roaming\Desk 365\accelerate []
"SpybotDeletingA5578"=command.com /c del C:\Users\Monty\AppData\Roaming\Desk 365\desk_bkg_list.xml []
"SpybotDeletingC825"=cmd.exe /c del C:\Users\Monty\AppData\Roaming\Desk 365\desk_bkg_list.xml []
"SpybotDeletingA3207"=command.com /c del C:\Users\Monty\AppData\Roaming\Desk 365\desk_list.xml []
"SpybotDeletingC6306"=cmd.exe /c del C:\Users\Monty\AppData\Roaming\Desk 365\desk_list.xml []
"SpybotDeletingA8264"=command.com /c del C:\Users\Monty\AppData\Roaming\Desk 365\desk_settings.ini []
"SpybotDeletingC8404"=cmd.exe /c del C:\Users\Monty\AppData\Roaming\Desk 365\desk_settings.ini []
"SpybotDeletingA7513"=command.com /c del C:\Users\Monty\AppData\Roaming\Desk 365\process_mgr.xml []
"SpybotDeletingC7712"=cmd.exe /c del C:\Users\Monty\AppData\Roaming\Desk 365\process_mgr.xml []
"SpybotDeletingA5531"=command.com /c del C:\Users\Monty\AppData\Roaming\Desk 365\promote.xml []
"SpybotDeletingC9526"=cmd.exe /c del C:\Users\Monty\AppData\Roaming\Desk 365\promote.xml []
"SpybotDeletingA5779"=command.com /c del C:\Program Files (x86)\Desk 365\desk_bkg_list.xml []
"SpybotDeletingC7208"=cmd.exe /c del C:\Program Files (x86)\Desk 365\desk_bkg_list.xml []
"SpybotDeletingA2012"=command.com /c del C:\Program Files (x86)\Desk 365\desk_list.xml []
"SpybotDeletingC8326"=cmd.exe /c del C:\Program Files (x86)\Desk 365\desk_list.xml []
"SpybotDeletingA6865"=command.com /c del C:\Program Files (x86)\Desk 365\desk_settings.ini []
"SpybotDeletingC9831"=cmd.exe /c del C:\Program Files (x86)\Desk 365\desk_settings.ini []
"SpybotDeletingA7395"=command.com /c del C:\Program Files (x86)\Desk 365\desk365.exe []
"SpybotDeletingC9261"=cmd.exe /c del C:\Program Files (x86)\Desk 365\desk365.exe []
"SpybotDeletingA5219"=command.com /c del C:\Program Files (x86)\Desk 365\deskSvc.exe []
"SpybotDeletingC8056"=cmd.exe /c del C:\Program Files (x86)\Desk 365\deskSvc.exe []
"SpybotDeletingA9342"=command.com /c del C:\Program Files (x86)\Desk 365\ebase.dll []
"SpybotDeletingC5756"=cmd.exe /c del C:\Program Files (x86)\Desk 365\ebase.dll []
"SpybotDeletingA3927"=command.com /c del C:\Program Files (x86)\Desk 365\edeskcmn.dll []
"SpybotDeletingC6475"=cmd.exe /c del C:\Program Files (x86)\Desk 365\edeskcmn.dll []
"SpybotDeletingA71"=command.com /c del C:\Program Files (x86)\Desk 365\eDhelper.exe []
"SpybotDeletingC5677"=cmd.exe /c del C:\Program Files (x86)\Desk 365\eDhelper.exe []
"SpybotDeletingA7070"=command.com /c del C:\Program Files (x86)\Desk 365\eDhelper64.exe []
"SpybotDeletingC2000"=cmd.exe /c del C:\Program Files (x86)\Desk 365\eDhelper64.exe []
"SpybotDeletingA559"=command.com /c del C:\Program Files (x86)\Desk 365\edis.dll []
"SpybotDeletingC5100"=cmd.exe /c del C:\Program Files (x86)\Desk 365\edis.dll []
"SpybotDeletingA6093"=command.com /c del C:\Program Files (x86)\Desk 365\edis64.dll []
"SpybotDeletingC4130"=cmd.exe /c del C:\Program Files (x86)\Desk 365\edis64.dll []
"SpybotDeletingA2963"=command.com /c del C:\Program Files (x86)\Desk 365\ElexDbg.dll []
"SpybotDeletingC8641"=cmd.exe /c del C:\Program Files (x86)\Desk 365\ElexDbg.dll []
"SpybotDeletingA7986"=command.com /c del C:\Program Files (x86)\Desk 365\eUninstall.exe []
"SpybotDeletingC2864"=cmd.exe /c del C:\Program Files (x86)\Desk 365\eUninstall.exe []
"SpybotDeletingA8085"=command.com /c del C:\Program Files (x86)\Desk 365\libpng.dll []
"SpybotDeletingC3741"=cmd.exe /c del C:\Program Files (x86)\Desk 365\libpng.dll []
"SpybotDeletingA8682"=command.com /c del C:\Program Files (x86)\Desk 365\main []
"SpybotDeletingC4490"=cmd.exe /c del C:\Program Files (x86)\Desk 365\main []
"SpybotDeletingA1511"=command.com /c del C:\Program Files (x86)\Desk 365\ouilibnl.dll []
"SpybotDeletingC1565"=cmd.exe /c del C:\Program Files (x86)\Desk 365\ouilibnl.dll []
"SpybotDeletingA9767"=command.com /c del C:\Program Files (x86)\Desk 365\process_mgr.xml []
"SpybotDeletingC1845"=cmd.exe /c del C:\Program Files (x86)\Desk 365\process_mgr.xml []
"SpybotDeletingA9474"=command.com /c del C:\Program Files (x86)\Desk 365\promote.xml []
"SpybotDeletingC232"=cmd.exe /c del C:\Program Files (x86)\Desk 365\promote.xml []
"SpybotDeletingA4348"=command.com /c del C:\Program Files (x86)\Desk 365\recent.xml []
"SpybotDeletingC7487"=cmd.exe /c del C:\Program Files (x86)\Desk 365\recent.xml []
"SpybotDeletingA3019"=command.com /c del C:\Program Files (x86)\Desk 365\sqlite3.dll []
"SpybotDeletingC5942"=cmd.exe /c del C:\Program Files (x86)\Desk 365\sqlite3.dll []
"SpybotDeletingA8532"=command.com /c del C:\Program Files (x86)\Desk 365\svc.conf []
"SpybotDeletingC5985"=cmd.exe /c del C:\Program Files (x86)\Desk 365\svc.conf []
"SpybotDeletingA9443"=command.com /c del C:\Program Files (x86)\Desk 365\TrayDownloader.exe []
"SpybotDeletingC7514"=cmd.exe /c del C:\Program Files (x86)\Desk 365\TrayDownloader.exe []
"SpybotDeletingA9528"=command.com /c del C:\Program Files (x86)\Desk 365\zlib1.dll []
"SpybotDeletingC105"=cmd.exe /c del C:\Program Files (x86)\Desk 365\zlib1.dll []
"SpybotSnD"=C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe [2009-01-26 5365592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-04-15 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2011-07-29 52920]
"UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= []
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableTaskMgr"=0
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-07-06 09:19:03 ----D---- C:\rsit
2013-07-06 09:13:41 ----A---- C:\AdwCleaner[R13].txt
2013-07-06 09:05:20 ----A---- C:\AdwCleaner[R12].txt
2013-07-06 08:41:48 ----A---- C:\AdwCleaner[R11].txt
2013-07-04 13:57:36 ----A---- C:\AdwCleaner[R10].txt
2013-07-04 13:57:03 ----A---- C:\AdwCleaner[R9].txt
2013-07-04 13:55:49 ----A---- C:\AdwCleaner[R8].txt
2013-07-04 13:50:14 ----A---- C:\AdwCleaner[R7].txt
2013-07-04 13:45:17 ----A---- C:\AdwCleaner[R6].txt
2013-07-04 13:44:31 ----A---- C:\AdwCleaner[R5].txt
2013-07-04 13:44:17 ----A---- C:\AdwCleaner[R4].txt
2013-07-04 13:42:44 ----A---- C:\AdwCleaner[R3].txt
2013-07-04 11:57:50 ----A---- C:\AdwCleaner[R2].txt
2013-07-04 11:57:25 ----A---- C:\AdwCleaner[R1].txt
2013-07-04 11:28:29 ----D---- C:\ProgramData\eSafe
2013-07-04 11:26:15 ----D---- C:\Users\Monty\AppData\Roaming\eIntaller
2013-07-04 11:01:05 ----D---- C:\PCShareManagerUpload
2013-07-04 07:12:59 ----D---- C:\Program Files\Common Files\Symantec Shared
2013-07-04 07:12:59 ----A---- C:\Windows\system32\drivers\SYMEVENT64x86.SYS
2013-07-04 07:12:14 ----D---- C:\Windows\system32\drivers\NISx64
2013-07-04 07:12:12 ----D---- C:\Program Files (x86)\Norton Internet Security
2013-07-03 21:56:50 ----D---- C:\ProgramData\OviInstallerCache
2013-07-02 20:50:12 ----D---- C:\Program Files (x86)\MyFree Codec
2013-07-02 20:29:32 ----D---- C:\Users\Monty\AppData\Roaming\Samsung
2013-07-02 20:23:02 ----A---- C:\Windows\SYSWOW64\Redemption.dll
2013-07-02 20:22:24 ----A---- C:\Windows\SYSWOW64\dgderapi.dll
2013-07-02 20:21:48 ----D---- C:\ProgramData\Samsung
2013-07-02 20:21:48 ----D---- C:\Program Files (x86)\Samsung

======List of files/folders modified in the last 1 month======

2013-07-06 09:19:11 ----D---- C:\Windows\Prefetch
2013-07-06 09:19:08 ----D---- C:\Program Files\trend micro
2013-07-06 09:18:57 ----D---- C:\Windows\Temp
2013-07-05 19:32:15 ----D---- C:\Users\Monty\AppData\Roaming\Skype
2013-07-04 18:40:16 ----A---- C:\Windows\wininit.ini
2013-07-04 18:40:12 ----RD---- C:\Program Files (x86)
2013-07-04 18:32:50 ----D---- C:\Windows\system32\config
2013-07-04 15:42:46 ----SHD---- C:\Windows\Installer
2013-07-04 15:37:42 ----D---- C:\Windows\Tasks
2013-07-04 14:03:11 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-07-04 13:54:47 ----D---- C:\Windows\system32\Tasks
2013-07-04 13:44:57 ----D---- C:\Windows\inf
2013-07-04 13:44:56 ----D---- C:\Windows
2013-07-04 13:38:18 ----SHD---- C:\System Volume Information
2013-07-04 13:37:28 ----A---- C:\Windows\SYSWOW64\log.txt
2013-07-04 13:21:31 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-07-04 13:21:21 ----D---- C:\Windows\system32\catroot2
2013-07-04 11:28:29 ----HD---- C:\ProgramData
2013-07-04 11:27:53 ----A---- C:\Windows\SYSWOW64\msvcp100.dll
2013-07-04 11:01:05 ----D---- C:\Windows\SysWOW64
2013-07-04 07:23:08 ----D---- C:\ProgramData\Norton
2013-07-04 07:12:59 ----D---- C:\Windows\system32\drivers
2013-07-04 07:12:59 ----D---- C:\Program Files\Common Files
2013-07-04 07:12:02 ----D---- C:\Program Files (x86)\NortonInstaller
2013-07-04 07:09:32 ----D---- C:\Windows\system32\catroot
2013-07-04 07:08:25 ----D---- C:\ProgramData\NortonInstaller
2013-07-03 23:56:25 ----D---- C:\Program Files (x86)\Nokia
2013-07-03 23:50:35 ----D---- C:\Windows\system32\wfp
2013-07-03 23:50:35 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2013-07-03 23:50:32 ----D---- C:\Windows\system32\wbem
2013-07-03 23:48:57 ----D---- C:\Windows\system32\DriverStore
2013-07-03 23:48:56 ----D---- C:\Windows\System32
2013-07-03 23:48:55 ----D---- C:\Windows\system32\drivers\UMDF
2013-07-03 23:48:54 ----D---- C:\Windows\system32\drivers\etc
2013-07-03 23:48:46 ----D---- C:\ProgramData\Nokia
2013-07-03 23:48:46 ----D---- C:\ProgramData\IObit
2013-07-03 23:48:09 ----D---- C:\Windows\registration
2013-07-03 23:48:07 ----DC---- C:\Windows\system32\DRVSTORE
2013-07-03 23:46:44 ----D---- C:\Program Files (x86)\Common Files
2013-07-03 22:00:55 ----D---- C:\Users\Monty\AppData\Roaming\Nokia
2013-07-03 21:24:10 ----D---- C:\Users\Monty\AppData\Roaming\Nokia Suite
2013-07-03 18:43:23 ----D---- C:\Users\Monty\AppData\Roaming\ICQ
2013-07-02 20:24:54 ----D---- C:\Windows\Microsoft.NET
2013-07-02 15:30:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-02 12:11:27 ----D---- C:\Windows\system32\NDF
2013-07-02 09:12:43 ----D---- C:\Program Files\Symantec
2013-07-01 16:38:40 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-06-19 14:16:50 ----D---- C:\Windows\system32\drivers\NSTx64
2013-06-12 19:54:45 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-06-11 22:09:29 ----D---- C:\ProgramData\Skype
2013-06-11 22:09:23 ----RD---- C:\Program Files (x86)\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 557848]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS [2013-05-20 493656]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS [2013-05-22 1139800]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [2013-05-20 1393240]
R1 ccSet_NIS;Norton Internet Security Settings Manager; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [2013-04-15 169048]
R1 ccSet_NST;Norton Identity Safe Settings Manager; C:\Windows\system32\drivers\NSTx64\7DD04000.00A\ccSetx64.sys [2013-04-16 169048]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2013-07-01 484512]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20130705.001\IDSvia64.sys [2013-07-03 513184]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [2013-03-04 36952]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [2013-03-04 224416]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\system32\drivers\NISx64\1404000.028\SYMNETS.SYS [2013-04-24 433752]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-05-08 9259520]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-05-08 301568]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-06-14 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-04-21 2727424]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-06-14 330400]
R3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2011-06-14 110240]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-06-14 30368]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-06-14 167072]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-06-14 68256]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-06-14 280992]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-06-14 496800]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2012-08-03 40432]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-07-01 138912]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-04-15 12228128]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130705.017\ENG64.SYS [2013-07-01 126040]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130705.017\EX64.SYS [2013-07-01 2098776]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-01-27 425064]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSP64.SYS [2013-05-15 796760]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-06-08 528384]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2013-07-04 177312]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-06-10 1451056]
S2 thdudf;TOSHIBA UDF2.5 Reader File System Driver; C:\Windows\system32\DRIVERS\thdudf.sys []
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-04 103448]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-06-11 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-06-11 27136]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 PCASp60;PCASp60 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp60.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-27 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-02-15 335464]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-06-04 203672]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-06-11 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-21 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-06-11 9216]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S4 IObitUnlocker;IObitUnlocker; \??\C:\Program Files (x86)\IObit(UNLOCKER)\IObit Unlocker\IObitUnlocker.sys [2011-08-26 35256]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-05-08 203776]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-06-14 138400]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-06-14 97952]
R2 DSClockSyncTime;DS Clock Synchronization Service www.dualitysoft.com; C:\Program Files\DS Clock\dsetime.exe [2009-11-19 62264]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]
R2 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-05-06 263496]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-08-10 197536]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-04-08 26680]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-02-19 2372096]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 NCO;Norton Identity Safe; C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe [2013-05-21 144368]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [2013-05-20 144368]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 SamsungAllShare;Samsung AllShare PC Service; C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\WiselinkPro.exe [2011-02-18 7233952]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2011-06-08 301568]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-03-22 93072]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-09 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-27 116648]
S2 SimpleSlideShowServer;SimpleSlideShowServer; C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [2011-02-18 22464]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12 256904]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-27 116648]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-10-03 725400]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-17 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-09 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu logu:Qvo6,delta-search

#3 Příspěvek od Márty84 »

Zdravim :)

:arrow: Pokud ho tam jeste mate, odinstalujte Spybot - Search & Destroy.

:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Prohledat a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner[R?].txt ), ten mi sem zkopirujte.

Vidim, ze jste ho pouzil uz mockrat, ale chci videt aktualni log.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
monty1
Návštěvník
Návštěvník
Příspěvky: 116
Registrován: 03 kvě 2007 16:59

Re: Prosím o kontrolu logu:Qvo6,delta-search

#4 Příspěvek od monty1 »

Spybot uninstal
adwcleaner hází--line 3646 error:variable used without being declared
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu logu:Qvo6,delta-search

#5 Příspěvek od Márty84 »

Zkuste stahnout jiny, treba zde http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/ . Pokud to nepujde, zkuste jeste v nouzovem rezimu. Kdyby ani to neslo, napiste, pujdem na to jinak.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
monty1
Návštěvník
Návštěvník
Příspěvky: 116
Registrován: 03 kvě 2007 16:59

Re: Prosím o kontrolu logu:Qvo6,delta-search

#6 Příspěvek od monty1 »

Stáhnul jsem jiný ale ten se nespustí bez aktualizace na nej.verzi.
V nouz.režimu stejná hláška
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu logu:Qvo6,delta-search

#7 Příspěvek od Márty84 »

:arrow: Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
monty1
Návštěvník
Návštěvník
Příspěvky: 116
Registrován: 03 kvě 2007 16:59

Re: Prosím o kontrolu logu:Qvo6,delta-search

#8 Příspěvek od monty1 »

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.07.06.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Monty :: MONTY-HP [administrátor]

Ochrana: Povolena

6.7.2013 11:01:40
mbam-log-2013-07-06 (11-01-40).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 413069
Uplynulý čas: 1 hodin, 36 minut, 49 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu logu:Qvo6,delta-search

#9 Příspěvek od Márty84 »

:arrow: MBAM zase odinstalujte.


:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
monty1
Návštěvník
Návštěvník
Příspěvky: 116
Registrován: 03 kvě 2007 16:59

Re: Prosím o kontrolu logu:Qvo6,delta-search

#10 Příspěvek od monty1 »

Cannot create file C:\users\monty\desktop\cmd.bat.
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu logu:Qvo6,delta-search

#11 Příspěvek od Márty84 »

Obcas se to stane, ze OTL tuhle chybku vyhodi :roll:

Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
monty1
Návštěvník
Návštěvník
Příspěvky: 116
Registrován: 03 kvě 2007 16:59

Re: Prosím o kontrolu logu:Qvo6,delta-search

#12 Příspěvek od monty1 »

OTL logfile created on: 6.7.2013 14:16:30 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Monty\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,95 Gb Total Physical Memory | 1,32 Gb Available Physical Memory | 33,42% Memory free
7,90 Gb Paging File | 5,07 Gb Available in Paging File | 64,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 444,52 Gb Total Space | 346,51 Gb Free Space | 77,95% Space Free | Partition Type: NTFS
Drive D: | 17,07 Gb Total Space | 1,84 Gb Free Space | 10,78% Space Free | Partition Type: NTFS
Drive E: | 3,96 Gb Total Space | 1,08 Gb Free Space | 27,32% Space Free | Partition Type: FAT32
Drive G: | 931,51 Gb Total Space | 689,54 Gb Free Space | 74,02% Space Free | Partition Type: NTFS

Computer Name: MONTY-HP | User Name: Monty | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.07.06 13:44:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Monty\Desktop\OTL.exe
PRC - [2013.07.04 09:16:47 | 000,386,112 | ---- | M] (Wsys Co., Ltd.) -- C:\ProgramData\eSafe\eGdpSvc.exe
PRC - [2013.06.15 03:28:44 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013.05.23 15:17:00 | 001,106,288 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2013.05.21 06:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccsvchst.exe
PRC - [2013.05.20 22:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
PRC - [2013.05.10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.03.22 06:07:18 | 000,093,072 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012.10.26 10:53:00 | 000,139,792 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2012.08.10 15:48:50 | 000,197,536 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2012.01.10 16:16:10 | 000,491,040 | ---- | M] () -- C:\Program Files (x86)\Seznam.cz\bin\postak.exe
PRC - [2011.06.14 18:19:42 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011.05.06 00:06:46 | 000,263,496 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
PRC - [2011.05.06 00:06:28 | 000,653,128 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
PRC - [2011.05.06 00:06:02 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
PRC - [2011.04.30 01:32:54 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.04.30 01:32:50 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011.04.08 12:01:16 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011.02.24 01:10:24 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2011.02.18 16:30:32 | 007,233,952 | ---- | M] () -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\WiselinkPro.exe
PRC - [2011.02.18 16:30:26 | 000,428,088 | ---- | M] () -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\http_ss_win_pro.exe
PRC - [2011.02.01 23:41:24 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.02.01 23:41:20 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.01.27 12:38:04 | 000,318,520 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2010.04.23 12:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010.04.23 12:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2009.11.19 23:39:16 | 000,062,264 | ---- | M] (Duality Software) -- C:\Program Files\DS Clock\dsetime.exe
PRC - [2009.04.15 12:46:26 | 001,903,104 | ---- | M] (Codyssey) -- C:\Program Files (x86)\Codyssey(FREERASER)\Freeraser\Freeraser.exe
PRC - [2006.12.19 11:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\SysWOW64\IoctlSvc.exe


========== Modules (No Company Name) ==========

MOD - [2013.06.15 03:28:42 | 000,393,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppgooglenaclpluginchrome.dll
MOD - [2013.06.15 03:28:41 | 013,140,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
MOD - [2013.06.15 03:28:40 | 004,051,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll
MOD - [2013.06.15 03:27:51 | 000,599,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\libglesv2.dll
MOD - [2013.06.15 03:27:50 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\libegl.dll
MOD - [2013.06.15 03:27:48 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ffmpegsumo.dll
MOD - [2013.05.30 08:04:04 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\e818fbdb44667fdf48e69d032ed038a9\System.Web.ni.dll
MOD - [2013.05.30 08:03:19 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5834c2e32926bd93a32a395ca46ba54b\System.Windows.Forms.ni.dll
MOD - [2013.05.30 08:03:12 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\3f2469c7ac53b46894068958e799c173\System.Configuration.ni.dll
MOD - [2013.05.30 08:03:02 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\8a1c2834b299dfb22eb106d719f0f63c\WindowsBase.ni.dll
MOD - [2013.01.19 16:23:10 | 000,492,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\6444e15b421a8ff83f052aab3c6e6948\IAStorUtil.ni.dll
MOD - [2013.01.19 16:23:10 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\6fd278018f0cf369362fc810f8aefcb5\IAStorCommon.ni.dll
MOD - [2013.01.17 09:38:57 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e95c75bede9a6ba6654d3a5e56da7e86\System.Runtime.Remoting.ni.dll
MOD - [2013.01.17 09:38:28 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8f045547dc39be38a6c3348b524b5d96\System.Drawing.ni.dll
MOD - [2013.01.17 09:38:23 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\39cb017c2a46136cf3ca8a877d4fa741\System.Xml.ni.dll
MOD - [2013.01.17 09:37:57 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f3bcf05501f25211734e003e40c1fc4d\System.ni.dll
MOD - [2013.01.17 09:37:38 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012.05.30 16:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\wincfi39.dll
MOD - [2012.05.30 08:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\wincfi39.dll
MOD - [2012.01.10 16:16:10 | 000,491,040 | ---- | M] () -- C:\Program Files (x86)\Seznam.cz\bin\postak.exe
MOD - [2012.01.10 14:51:40 | 000,822,816 | ---- | M] () -- C:\Program Files (x86)\Seznam.cz\bin\email.4.dll
MOD - [2012.01.10 14:51:14 | 001,151,520 | ---- | M] () -- C:\Program Files (x86)\Seznam.cz\bin\core.4.dll
MOD - [2011.07.30 08:07:53 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.11.13 04:00:59 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.01.30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF


========== Services (SafeList) ==========

SRV:64bit: - [2011.06.08 00:21:54 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011.05.08 12:25:40 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.10.11 02:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2009.11.19 23:39:16 | 000,062,264 | ---- | M] (Duality Software) [Auto | Running] -- C:\Program Files\DS Clock\dsetime.exe -- (DSClockSyncTime)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.07.04 09:16:47 | 000,386,112 | ---- | M] (Wsys Co., Ltd.) [Auto | Running] -- C:\ProgramData\eSafe\eGdpSvc.exe -- (WsysSvc)
SRV - [2013.06.12 19:54:50 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.21 06:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe -- (NCO)
SRV - [2013.05.20 22:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe -- (NIS)
SRV - [2013.05.10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.03.22 06:07:18 | 000,093,072 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.10.03 16:51:04 | 000,725,400 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.09.27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012.08.10 15:48:50 | 000,197,536 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2012.07.09 01:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2011.06.14 18:19:42 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011.06.14 18:18:06 | 000,097,952 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2011.05.06 00:06:46 | 000,263,496 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2011.04.30 01:32:54 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011.04.08 12:01:16 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2011.02.24 01:10:24 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service)
SRV - [2011.02.19 00:37:00 | 002,372,096 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011.02.18 16:30:32 | 007,233,952 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\WiselinkPro.exe -- (SamsungAllShare)
SRV - [2011.02.18 16:30:22 | 000,022,464 | ---- | M] (Samsung Electronics) [Auto | Stopped] -- C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)
SRV - [2011.02.01 23:41:24 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.02.01 23:41:20 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.10.12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006.12.19 11:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2013.07.04 07:12:59 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013.06.04 09:15:02 | 000,103,448 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013.06.04 09:15:00 | 000,203,672 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013.05.22 23:25:28 | 001,139,800 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2013.05.20 23:02:00 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\SymDS64.sys -- (SymDS)
DRV:64bit: - [2013.05.15 23:02:14 | 000,796,760 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013.04.24 18:43:56 | 000,433,752 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symnets.sys -- (SymNetS)
DRV:64bit: - [2013.04.16 04:41:14 | 000,169,048 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSTx64\7DD04000.00A\ccsetx64.sys -- (ccSet_NST)
DRV:64bit: - [2013.04.15 20:41:14 | 000,169,048 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\ccSetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2013.03.04 19:40:08 | 000,224,416 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\Ironx64.sys -- (SymIRON)
DRV:64bit: - [2013.03.04 19:21:36 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012.08.03 18:49:18 | 000,040,432 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2012.06.27 16:18:52 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.06.11 15:17:44 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2012.06.11 15:17:44 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012.06.11 15:17:44 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012.06.11 15:17:44 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.07.30 08:24:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.07.30 08:24:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.06.14 18:18:32 | 000,496,800 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011.06.14 18:18:32 | 000,280,992 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.06.14 18:18:30 | 000,167,072 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.06.14 18:18:30 | 000,068,256 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011.06.14 18:18:30 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011.06.14 18:18:30 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011.06.14 18:18:28 | 000,330,400 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.06.14 18:18:28 | 000,110,240 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2011.06.10 04:19:54 | 001,451,056 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.06.08 00:21:58 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011.05.08 12:58:06 | 009,259,520 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.05.08 11:50:14 | 000,301,568 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.04.26 12:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.04.21 21:17:10 | 002,727,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.04.15 21:08:26 | 012,228,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011.02.15 21:37:00 | 000,335,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011.01.27 07:35:26 | 000,425,064 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.11.21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.15 11:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013.07.03 15:09:36 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20130705.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013.07.01 01:00:00 | 002,098,776 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130705.023\ex64.sys -- (NAVEX15)
DRV - [2013.07.01 01:00:00 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013.07.01 01:00:00 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013.07.01 01:00:00 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130705.023\eng64.sys -- (NAVENG)
DRV - [2013.05.20 22:41:34 | 001,393,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20130702.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012.01.10 11:18:18 | 000,066,944 | ---- | M] (TOSHIBA Corporation) [File_System | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\thdudf.sys -- (thdudf)
DRV - [2011.08.26 16:11:26 | 000,035,256 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files (x86)\IObit(UNLOCKER)\IObit Unlocker\IObitUnlocker.sys -- (IObitUnlocker)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1372929995
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1372929995
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2E2523CE-E607-481C-BB3D-A5F90EB09D8B}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.qvo6.com/web/?utm_source= ... ts=3473461
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1372929995
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1372929995
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\..\SearchScopes\{2E2523CE-E607-481C-BB3D-A5F90EB09D8B}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-4053761563-1308773097-1894922761-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1372929995
IE - HKU\S-1-5-21-4053761563-1308773097-1894922761-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-4053761563-1308773097-1894922761-1000\..\SearchScopes,DefaultScope = {6390691C-739F-49C7-B946-1BDE44850E2A}
IE - HKU\S-1-5-21-4053761563-1308773097-1894922761-1000\..\SearchScopes\{6390691C-739F-49C7-B946-1BDE44850E2A}: "URL" = http://www.google.com/search?q={searchT ... utEncoding?}
IE - HKU\S-1-5-21-4053761563-1308773097-1894922761-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F04D2D30-776C-4d02-8627-8E4385ECA58D}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.3.0.26\coFFPlgn\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFFPlgn\ [2013.07.04 07:13:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn\ [2013.07.06 10:44:47 | 000,000,000 | ---D | M]

[2012.11.28 02:28:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monty\AppData\Roaming\Mozilla\Extensions
[2012.11.28 02:28:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monty\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Norton Identity Safe (Enabled) = C:\Users\Monty\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_0\npcoplgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: WildTangent Games App V2 Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll
CHR - Extension: AdBlock = C:\Users\Monty\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0\
CHR - Extension: Norton Identity Protection = C:\Users\Monty\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_0\
CHR - Extension: AdBlock = C:\Users\Monty\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0\
CHR - Extension: Norton Identity Protection = C:\Users\Monty\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_0\

O1 HOSTS File: ([2013.07.06 09:51:25 | 000,000,938 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-4053761563-1308773097-1894922761-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4053761563-1308773097-1894922761-1000..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-4053761563-1308773097-1894922761-1000..\Run: [DS Clock] C:\Program Files\DS Clock\DSClock.exe (Duality Software)
O4 - HKU\S-1-5-21-4053761563-1308773097-1894922761-1000..\Run: [Freeraser] C:\Program Files (x86)\Codyssey(FREERASER)\Freeraser\Freeraser.exe (Codyssey)
O4 - HKU\S-1-5-21-4053761563-1308773097-1894922761-1000..\Run: [Seznam Postak] C:\Program Files (x86)\Seznam.cz\bin\postak.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKU\S-1-5-21-4053761563-1308773097-1894922761-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-4053761563-1308773097-1894922761-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3941FFE0-BA2F-489C-A30F-467A9EBBE393}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BFA18997-11F0-4293-BDCE-4499CC014175}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O28 - HKLM ShellExecuteHooks: UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.11.29 02:20:31 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.07.06 13:44:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Monty\Desktop\OTL.exe
[2013.07.06 09:19:03 | 000,000,000 | ---D | C] -- C:\rsit
[2013.07.04 11:29:47 | 000,000,000 | ---D | C] -- C:\Users\Monty\Documents\My Videos
[2013.07.04 11:28:29 | 000,000,000 | ---D | C] -- C:\ProgramData\eSafe
[2013.07.04 11:01:05 | 000,000,000 | ---D | C] -- C:\PCShareManagerUpload
[2013.07.04 10:37:51 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013.07.04 07:12:59 | 000,177,312 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013.07.04 07:12:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2013.07.04 07:12:22 | 001,139,800 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\SymEFA64.sys
[2013.07.04 07:12:22 | 000,796,760 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtsp64.sys
[2013.07.04 07:12:22 | 000,493,656 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\SymDS64.sys
[2013.07.04 07:12:22 | 000,433,752 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symnets.sys
[2013.07.04 07:12:22 | 000,224,416 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\Ironx64.sys
[2013.07.04 07:12:22 | 000,169,048 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\ccSetx64.sys
[2013.07.04 07:12:22 | 000,036,952 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtspx64.sys
[2013.07.04 07:12:22 | 000,023,448 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\SymELAM.sys
[2013.07.04 07:12:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64
[2013.07.04 07:12:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64\1404000.028
[2013.07.04 07:12:12 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2013.07.04 07:12:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security
[2013.07.03 21:56:50 | 000,000,000 | ---D | C] -- C:\ProgramData\OviInstallerCache
[2013.07.03 21:15:20 | 000,000,000 | ---D | C] -- C:\Users\Monty\Documents\Nokia Suite
[2013.07.02 20:50:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
[2013.07.02 20:50:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyFree Codec
[2013.07.02 20:49:20 | 000,000,000 | ---D | C] -- C:\Users\Monty\Documents\SelfMV
[2013.07.02 20:29:38 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
[2013.07.02 20:29:34 | 000,000,000 | ---D | C] -- C:\Users\Monty\AppData\Local\Samsung
[2013.07.02 20:29:32 | 000,000,000 | ---D | C] -- C:\Users\Monty\AppData\Roaming\Samsung
[2013.07.02 20:29:27 | 000,000,000 | ---D | C] -- C:\Users\Monty\Documents\samsung
[2013.07.02 20:23:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2013.07.02 20:23:02 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\SysWow64\Redemption.dll
[2013.07.02 20:22:24 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\SysWow64\dgderapi.dll
[2013.07.02 20:21:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2013.07.02 20:21:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2013.07.02 15:32:35 | 000,000,000 | -HSD | C] -- C:\Users\Monty\Phone Browser
[2012.12.31 12:28:00 | 000,905,728 | ---- | C] (Share-rapid.com) -- C:\Program Files (x86)\SRDownloader.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========
Nahoru
monty1
Návštěvník
Návštěvník
Příspěvky: 116
Registrován: 03 kvě 2007 16:59

Re: Prosím o kontrolu logu:Qvo6,delta-search

#13 Příspěvek od monty1 »

[2013.07.06 14:18:02 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.07.06 13:51:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.06 13:44:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Monty\Desktop\OTL.exe
[2013.07.06 13:42:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.06 10:52:13 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.06 10:52:13 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.06 10:43:33 | 000,000,434 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2013.07.06 10:41:50 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.06 10:41:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.06 10:41:25 | 3180,220,416 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.06 10:35:56 | 000,650,027 | ---- | M] () -- C:\Users\Monty\Desktop\adwcleaner.exe
[2013.07.06 09:51:25 | 000,000,938 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.07.06 09:18:15 | 000,935,175 | ---- | M] () -- C:\Users\Monty\Desktop\RSITx64.exe
[2013.07.06 08:55:34 | 000,001,575 | ---- | M] () -- C:\Users\Monty\Desktop\iexplore – zástupce.lnk
[2013.07.05 21:42:31 | 000,002,310 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.07.04 18:40:16 | 000,003,086 | ---- | M] () -- C:\Windows\wininit.ini
[2013.07.04 11:29:17 | 000,002,029 | ---- | M] () -- C:\Users\Public\Desktop\Samsung AllShare.lnk
[2013.07.04 11:27:53 | 000,420,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp100.dll
[2013.07.04 07:13:16 | 001,497,725 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\Cat.DB
[2013.07.04 07:12:59 | 000,177,312 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013.07.04 07:12:59 | 000,007,631 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013.07.04 07:12:59 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2013.07.03 06:21:46 | 013,454,676 | ---- | M] () -- C:\Users\Monty\Desktop\GT-I9300_UM_Open_Jellybean_Cze_Rev.1.3_130213_Screen.pdf
[2013.07.02 20:49:31 | 000,003,584 | ---- | M] () -- C:\Users\Monty\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.07.02 20:26:00 | 000,002,006 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2013.07.02 20:26:00 | 000,001,996 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2013.07.02 15:30:50 | 001,582,262 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.02 15:30:50 | 000,668,376 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.07.02 15:30:50 | 000,653,724 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.02 15:30:50 | 000,141,004 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.07.02 15:30:50 | 000,121,596 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.06.19 14:06:20 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMonty.job
[2013.06.12 19:54:45 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.06.12 19:54:45 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.06.10 19:29:52 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\isolate.ini
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.07.06 13:51:27 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.07.06 10:35:55 | 000,650,027 | ---- | C] () -- C:\Users\Monty\Desktop\adwcleaner.exe
[2013.07.06 09:18:15 | 000,935,175 | ---- | C] () -- C:\Users\Monty\Desktop\RSITx64.exe
[2013.07.04 15:37:42 | 000,000,952 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.04 15:37:40 | 000,000,948 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.04 11:29:17 | 000,002,029 | ---- | C] () -- C:\Users\Public\Desktop\Samsung AllShare.lnk
[2013.07.04 07:25:41 | 000,014,818 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\VT20130115.021
[2013.07.04 07:13:00 | 001,497,725 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\Cat.DB
[2013.07.04 07:12:59 | 000,007,631 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013.07.04 07:12:59 | 000,000,854 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2013.07.04 07:12:14 | 000,014,818 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\SymVTcer.dat
[2013.07.04 07:12:14 | 000,009,670 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\SymELAM64.cat
[2013.07.04 07:12:14 | 000,008,067 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symnet64.cat
[2013.07.04 07:12:14 | 000,008,067 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtsp64.cat
[2013.07.04 07:12:14 | 000,008,063 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\SymDS64.cat
[2013.07.04 07:12:14 | 000,007,667 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\ccsetx64.cat
[2013.07.04 07:12:14 | 000,007,593 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\iron.cat
[2013.07.04 07:12:14 | 000,007,589 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtspx64.cat
[2013.07.04 07:12:14 | 000,007,587 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\SymEFA64.cat
[2013.07.04 07:12:14 | 000,003,434 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\SymEFA.inf
[2013.07.04 07:12:14 | 000,002,852 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\SymDS.inf
[2013.07.04 07:12:14 | 000,001,440 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\SymNet.inf
[2013.07.04 07:12:14 | 000,001,437 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtsp64.inf
[2013.07.04 07:12:14 | 000,001,420 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtspx64.inf
[2013.07.04 07:12:14 | 000,000,996 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symELAM.inf
[2013.07.04 07:12:14 | 000,000,853 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\ccSetx64.inf
[2013.07.04 07:12:14 | 000,000,767 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\Iron.inf
[2013.07.04 07:12:14 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\isolate.ini
[2013.07.03 06:21:45 | 013,454,676 | ---- | C] () -- C:\Users\Monty\Desktop\GT-I9300_UM_Open_Jellybean_Cze_Rev.1.3_130213_Screen.pdf
[2013.07.02 20:49:31 | 000,003,584 | ---- | C] () -- C:\Users\Monty\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.07.02 20:26:00 | 000,002,006 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2013.07.02 20:26:00 | 000,001,996 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2013.05.22 20:43:52 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013.05.22 20:43:48 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2013.05.22 20:43:48 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2013.05.22 20:43:48 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2013.05.22 20:43:48 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2013.04.09 18:54:47 | 000,054,272 | ---- | C] () -- C:\Users\Monty\AppData\Local\NIS
[2013.01.17 00:12:22 | 000,003,086 | ---- | C] () -- C:\Windows\wininit.ini
[2013.01.03 18:02:08 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.12.31 12:35:30 | 000,037,441 | ---- | C] () -- C:\Users\Monty\AppData\Local\SRDownloader.err
[2012.12.31 12:30:23 | 000,001,168 | ---- | C] () -- C:\Users\Monty\AppData\Local\SRDownloader.nast
[2012.12.26 15:41:58 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2012.12.25 12:55:31 | 000,000,543 | ---- | C] () -- C:\Users\Monty\AppData\Roaming\All CPU MeterV3_Settings.ini
[2012.12.21 17:38:52 | 000,073,216 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.12.12 20:59:48 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2012.12.11 21:52:29 | 000,007,617 | ---- | C] () -- C:\Users\Monty\AppData\Local\resmon.resmoncfg
[2012.12.08 13:29:56 | 001,558,096 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.12.02 13:23:21 | 000,000,074 | ---- | C] () -- C:\Windows\pslabeler3.ini
[2012.12.02 13:23:13 | 000,000,025 | ---- | C] () -- C:\Windows\calcpslab3.ini
[2012.11.28 22:21:22 | 000,000,729 | ---- | C] () -- C:\Users\Monty\AppData\Roaming\EggTimeCounter_Prefs.plist
[2012.11.28 21:57:35 | 000,000,184 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2012.11.28 19:18:06 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2012.03.25 01:56:11 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.03.25 01:44:14 | 000,003,155 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2012.03.25 01:38:28 | 000,000,048 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.07.29 23:04:07 | 000,000,068 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.03.23 14:56:27 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Audacity
[2012.12.29 19:25:39 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\avidemux
[2013.01.03 16:12:40 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Broad Intelligence
[2012.12.12 22:58:08 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Canon
[2013.01.03 17:23:53 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Digiarty
[2013.01.09 23:09:01 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Duality Software
[2013.05.30 23:11:38 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\DVDVideoSoft
[2013.01.10 00:39:57 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\FolderColorize
[2013.04.11 06:52:46 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\GoforFiles
[2013.07.03 18:43:23 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\ICQ
[2012.11.28 18:52:45 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\IrfanView
[2013.04.09 18:18:53 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Joyvy
[2013.01.03 18:28:22 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Leawo
[2012.12.11 22:54:16 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Namco
[2013.07.03 22:00:55 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Nokia
[2013.07.03 21:24:10 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Nokia Suite
[2012.12.28 16:55:28 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\PC Suite
[2012.12.26 18:44:27 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Posta
[2013.07.04 11:29:20 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Samsung
[2013.01.29 14:53:53 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Seznam.cz
[2012.12.06 11:44:21 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\SpinTop Games
[2013.01.31 15:38:39 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Stereoscopic Player
[2012.11.27 20:38:37 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Synaptics
[2013.01.03 18:03:12 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\tiger-k
[2012.11.28 02:28:26 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\TomTom
[2012.12.15 02:19:55 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\TuneUp Software
[2013.05.06 07:45:15 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Tyre
[2012.12.01 17:30:10 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\VitySoft
[2012.11.29 23:49:55 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\WildTangent
[2012.12.25 22:15:31 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Windows Live Writer
[2012.12.03 20:00:19 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\xrecode2
[2012.11.28 21:00:48 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Zoner
[2012.12.11 22:38:52 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\_MDLogs

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,540 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.03.17 14:33:26 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.04.20 06:58:44 | 000,000,332 | ---- | C] () -- C:\Windows\Tasks\HPCeeScheduleForMonty.job
[2013.07.04 15:37:40 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.07.04 15:37:42 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.07.30 08:21:52 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.07.30 08:21:52 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.07.30 08:21:52 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.07.30 08:21:52 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.07.30 08:21:52 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.07.30 08:21:52 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2012.03.25 11:34:23 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2012.03.25 11:34:23 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2011.07.30 08:22:05 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=CB6A53EF141CC3DA32DA54F7E75D301B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21687_none_118505f696597a9d\tcpip.sys
[2011.07.30 08:22:05 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=DC08410DB2D0CC542DACAC7A90E6CB7A -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17582_none_10f667b97d405c20\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.11.28 21:27:44 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Adobe
[2013.05.26 15:25:13 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Atheros
[2012.11.27 20:39:41 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\ATI
[2013.03.23 14:56:27 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Audacity
[2012.12.29 19:25:39 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\avidemux
[2013.01.03 16:12:40 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Broad Intelligence
[2012.12.12 22:58:08 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Canon
[2012.11.29 20:43:19 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\CyberLink
[2013.01.03 17:23:53 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Digiarty
[2013.01.09 23:09:01 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Duality Software
[2013.01.03 16:01:52 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\dvdcss
[2013.05.30 23:11:38 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\DVDVideoSoft
[2013.01.10 00:39:57 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\FolderColorize
[2013.04.11 06:52:46 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\GoforFiles
[2013.04.18 17:37:57 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Hewlett-Packard
[2013.04.20 06:53:58 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\hpqlog
[2013.07.03 18:43:23 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\ICQ
[2012.12.02 13:43:24 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Identities
[2013.01.18 11:06:49 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\InstallShield
[2012.11.27 20:38:40 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Intel Corporation
[2012.11.28 18:52:45 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\IrfanView
[2013.04.09 18:18:53 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Joyvy
[2013.01.03 18:28:22 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Leawo
[2012.11.27 23:46:56 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Macromedia
[2012.11.28 18:47:02 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Malwarebytes
[2012.03.25 11:31:35 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Media Center Programs
[2013.07.06 10:15:49 | 000,000,000 | --SD | M] -- C:\Users\Monty\AppData\Roaming\Microsoft
[2012.11.28 02:28:29 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Mozilla
[2012.12.11 22:54:16 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Namco
[2012.11.28 19:25:24 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Nero
[2013.07.03 22:00:55 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Nokia
[2013.07.03 21:24:10 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Nokia Suite
[2012.12.28 16:55:28 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\PC Suite
[2012.12.26 18:44:27 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Posta
[2013.07.04 11:29:20 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Samsung
[2013.01.29 14:53:53 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Seznam.cz
[2013.07.05 19:32:15 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Skype
[2013.02.12 18:13:13 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\skypePM
[2012.12.06 11:44:21 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\SpinTop Games
[2013.01.31 15:38:39 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Stereoscopic Player
[2012.11.27 20:24:17 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Symantec
[2012.11.27 20:38:37 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Synaptics
[2013.01.03 18:03:12 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\tiger-k
[2012.11.28 02:28:26 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\TomTom
[2012.12.15 02:19:55 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\TuneUp Software
[2013.05.06 07:45:15 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Tyre
[2012.12.01 17:30:10 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\VitySoft
[2012.11.29 23:49:55 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\WildTangent
[2012.12.25 22:15:31 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Windows Live Writer
[2012.11.27 22:29:34 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\WinRAR
[2012.12.03 20:00:19 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\xrecode2
[2012.11.28 21:00:48 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Zoner
[2012.12.11 22:38:52 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\_MDLogs

< %APPDATA%\*.exe /s >
[2013.05.23 15:17:02 | 000,604,528 | ---- | M] (ml) -- C:\Users\Monty\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2013.05.23 15:17:02 | 000,604,528 | ---- | M] (ml) -- C:\Users\Monty\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
[2006.12.01 10:13:48 | 000,040,960 | ---- | M] () -- C:\Users\Monty\AppData\Roaming\Tyre\appstop.exe
[2012.11.09 17:22:00 | 000,041,472 | ---- | M] () -- C:\Users\Monty\AppData\Roaming\Tyre\gpx2itn.exe
[2013.05.05 19:38:49 | 002,584,148 | ---- | M] ('t Schrijverke ) -- C:\Users\Monty\AppData\Roaming\Tyre\TyreSetup.exe
[2013.05.26 12:37:37 | 000,311,416 | ---- | M] (WildTangent, Inc.) -- C:\Users\Monty\AppData\Roaming\WildTangent\Updater\GameConsole\GameConsole-4.0.26.43-to-4.0.26.54.exe
[2012.11.29 03:52:32 | 000,049,824 | ---- | M] (WildTangent) -- C:\Users\Monty\AppData\Roaming\WildTangent\Updater\GameConsole\Park-{922c49d0-ba6f-4080-ae1e-e8714b224d06}.exe
[2012.11.28 22:10:37 | 000,000,172 | ---- | M] () -- C:\Users\Monty\AppData\Roaming\WildTangent\WildTangent Games\App\DPConfig\InstallTouchpoints-hp.exe_filedata
[2012.11.29 03:52:32 | 000,572,064 | ---- | M] (WildTangent, Inc.) -- C:\Users\Monty\AppData\Roaming\WildTangent\WildTangent Games\App\Update\Updater.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.07.06 13:51:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.07.06 10:41:50 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.07.06 13:42:00 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.06.19 14:06:20 | 000,000,332 | ---- | M] () -- C:\Windows\Tasks\HPCeeScheduleForMonty.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.07.06 10:43:09 | 000,001,878 | ---- | M] () -- C:\Windows\system32\http_ss.log
[2013.07.04 11:01:05 | 000,000,074 | ---- | M] () -- C:\Windows\system32\log.log
[2013.07.06 10:46:52 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
[2013.07.04 11:27:53 | 000,420,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcp100.dll

< %SYSTEMDRIVE%\*.exe >

< >

< *crack* /s >
[2008.02.28 21:27:56 | 000,009,858 | ---- | M] () -- \Program Files (x86)\HP Games\Farm Frenzy\wtmui_es\Data\Sounds\bear_crack_cat.ogg
[2008.02.28 21:27:54 | 000,014,005 | ---- | M] () -- \Program Files (x86)\HP Games\Farm Frenzy\wtmui_es\Data\Sounds\bear_crack_cow.ogg
[2008.02.28 21:27:54 | 000,009,910 | ---- | M] () -- \Program Files (x86)\HP Games\Farm Frenzy\wtmui_es\Data\Sounds\bear_crack_goose.ogg
[2008.02.28 21:27:54 | 000,044,166 | ---- | M] () -- \Program Files (x86)\HP Games\Farm Frenzy\wtmui_es\Data\Sounds\bear_crack_product.ogg
[2008.02.28 21:27:56 | 000,015,006 | ---- | M] () -- \Program Files (x86)\HP Games\Farm Frenzy\wtmui_es\Data\Sounds\bear_crack_sheep.ogg
[2008.02.28 21:27:56 | 000,009,858 | ---- | M] () -- \Program Files (x86)\HP Games\Farm Frenzy\wtmui_it\Data\Sounds\bear_crack_cat.ogg
[2008.02.28 21:27:54 | 000,014,005 | ---- | M] () -- \Program Files (x86)\HP Games\Farm Frenzy\wtmui_it\Data\Sounds\bear_crack_cow.ogg
[2008.02.28 21:27:54 | 000,009,910 | ---- | M] () -- \Program Files (x86)\HP Games\Farm Frenzy\wtmui_it\Data\Sounds\bear_crack_goose.ogg
[2008.02.28 21:27:54 | 000,044,166 | ---- | M] () -- \Program Files (x86)\HP Games\Farm Frenzy\wtmui_it\Data\Sounds\bear_crack_product.ogg
[2008.02.28 21:27:56 | 000,015,006 | ---- | M] () -- \Program Files (x86)\HP Games\Farm Frenzy\wtmui_it\Data\Sounds\bear_crack_sheep.ogg
[2012.12.01 17:36:59 | 000,005,369 | ---- | M] () -- \Users\Monty\AppData\Roaming\VitySoft\FRD\plugins\crackle.frp

< *keygen* /s >
[2007.04.24 23:06:14 | 000,064,000 | ---- | M] () -- \Users\Monty\Documents\Tom-aktivátor aj\Tomtom\Tomtom Home 2.5\nový aktivátor\Easytools_CZ_pro_PNA\Easytools_CZ_pro PNA\Progs\keygen6.exe
[2009.11.02 21:12:20 | 000,062,464 | ---- | M] () -- \Users\Monty\Documents\Tom-aktivátor aj\Tomtom\Tomtom Home 2.5\nový aktivátor\Easytools_CZ_pro_PNA\Easytools_CZ_pro PNA\Progs\tt8_keygen2.exe

< *AntiWPA* /s >

< *loader* /s >
[2012.12.31 12:28:02 | 000,905,728 | ---- | M] () -- \Program Files (x86)\SRDownloader.exe
[2010.03.24 20:12:34 | 000,249,680 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 20:12:34 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2008.06.24 14:45:14 | 000,111,912 | ---- | M] () -- \Program Files (x86)\Common Files\Nero\Shared\NSCLoader.dll
[2012.10.26 10:54:20 | 000,127,504 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\Koan\pyloader.dll
[2012.10.22 17:30:36 | 000,021,001 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\subsys\Uploader\PyUploader.kc
[2012.10.22 17:30:36 | 000,224,368 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\subsys\Uploader\_PyUploader.pyd
[2012.10.26 10:54:08 | 000,171,024 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\subsys\YouCam\CES_3DLoaderC3S.dll
[2012.10.26 10:54:16 | 002,528,784 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\subsys\YouCam\CES_3DLoaderFBX.dll
[2011.06.27 17:08:58 | 000,053,248 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe
[2011.02.23 18:12:16 | 000,005,974 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe.config
[2010.10.15 17:58:50 | 000,001,012 | ---- | M] () -- \Program Files (x86)\HP Games\onplay\downloader_bg_400.gif
[2012.12.10 21:17:26 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012.12.10 21:17:26 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012.12.10 21:17:25 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.04.20 11:29:39 | 000,002,886 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2012.12.10 21:19:23 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\profile_lightboxs\preloader.html
[2011.03.17 15:44:48 | 001,009,664 | ---- | M] () -- \Program Files (x86)\IObit(UNLOCKER)\IObit Unlocker\Freeware\UnLock_FreeSoftwareDownloader.exe
[2011.07.05 10:03:46 | 000,004,386 | ---- | M] () -- \Program Files (x86)\Leawo(AVI na 3D)\Total Media Converter Ultimate\res\skin_en\get_downloader.png
[2012.06.26 13:36:20 | 000,002,560 | ---- | M] () -- \Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2013.05.23 15:13:44 | 000,069,120 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2013.07.04 10:39:53 | 000,266,128 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\GT-I9300\BinaryLoaderMgr.exe
[2013.07.04 10:39:54 | 000,247,704 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\GT-I9300\DeviceDownloader.dll
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2012.05.21 23:56:04 | 000,002,196 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\GamePlay_Loader.html
[2012.07.19 01:18:28 | 000,000,598 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\EULA\images\downloader_bg_400.gif
[2012.05.21 23:56:04 | 000,009,085 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\Scripts\gameplay_loader.js
[2010.11.03 23:17:00 | 000,002,355 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\Skins\default\gameplay_loader.css
[2010.03.24 20:35:48 | 000,370,512 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 20:35:48 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.06.09 20:19:38 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2012.10.18 18:48:18 | 000,430,080 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 16:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Facebook\ZPSPluginLoader.exe
[2012.10.18 18:47:30 | 000,442,368 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 16:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Flickr\ZPSPluginLoader.exe
[2012.10.18 18:48:44 | 000,194,560 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 16:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Picasa\ZPSPluginLoader.exe
[2012.10.18 18:56:18 | 000,103,520 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Program32\8bfLoader.exe
[2012.10.18 18:56:32 | 000,017,504 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Program32\WICLoader.exe
[2012.10.18 18:57:26 | 000,020,064 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Program64\WICLoader.exe
[2008.02.04 13:32:50 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2008.02.04 13:32:50 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.31 15:53:04 | 000,037,441 | ---- | M] () -- \Users\Monty\AppData\Local\SRDownloader.err
[2013.01.26 12:11:15 | 000,001,168 | ---- | M] () -- \Users\Monty\AppData\Local\SRDownloader.nast
[2013.07.05 09:11:58 | 000,109,448 | ---- | M] () -- \Users\Monty\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DYI9ABVQ\AdLoader-b3e321cab5fbc3c4ed10b513bb467bae.min[1].js
[2013.07.05 09:11:58 | 000,001,511 | ---- | M] () -- \Users\Monty\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEYC2MO8\AdLoader[1].htm
[2013.07.03 21:53:30 | 000,019,497 | ---- | M] () -- \Users\Monty\AppData\Local\Temp\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2012.12.31 16:42:08 | 000,001,339 | ---- | M] () -- \Users\Monty\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\SRDownloader.exe.lnk
[2012.12.19 12:04:16 | 000,030,608 | ---- | M] () -- \Users\Monty\AppData\Roaming\Seznam.cz\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2013.05.23 19:23:56 | 000,000,024 | ---- | M] () -- \Users\Monty\Documents\TomTom\HOME\Backup\ONE XL\Backup01\InternalMemory\bootloaderversion.txt
[2012.09.22 12:23:38 | 000,000,024 | ---- | M] () -- \Users\Monty\Documents\TomTom\Záloha 23.5 2013\bootloaderversion.txt
[2012.12.14 21:05:09 | 000,916,616 | ---- | M] () -- \Users\Public\Downloads\Norton\{NIS202019-SHPD-FSD31014}\NISDownloader.exe
[2013.04.08 19:51:57 | 000,916,648 | ---- | M] () -- \Users\Public\Downloads\Norton\{NIS202122-SHPD-FSD31014}\NISDownloader.exe
[2013.07.04 07:01:44 | 001,019,408 | ---- | M] () -- \Users\Public\Downloads\Norton\{NIS204040-SHPD-FSD33017}\NISDownloader.exe
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.10.04 10:12:02 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2012.10.17 19:32:58 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2012.10.04 10:12:02 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2012.10.17 19:32:58 | 000,009,622 | ---- | M] () -- \Windows\SysWOW64\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.30 08:08:27 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.07.30 08:08:27 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.07.30 08:08:27 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.07.30 08:08:27 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.07.30 08:08:27 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.07.30 08:19:16 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.07.30 08:19:16 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.07.30 08:19:16 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.07.30 08:19:16 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.07.30 08:19:16 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.07.30 08:05:05 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.07.30 08:19:12 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.07.30 08:19:12 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >
[2013.05.30 20:59:03 | 000,000,184 | ---- | M] () -- \Windows\AutoKMS.ini
[1 \Windows\*.tmp files -> \Windows\*.tmp -> ]

< *activator* /s >

< *serial* /s >
[2013.01.24 20:09:36 | 000,434,264 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20125.0\System.Runtime.Serialization.dll
[2013.05.25 21:54:30 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20125.0\System.Runtime.Serialization.ni.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.07.30 08:08:02 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.07.30 08:08:02 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2011.07.30 08:07:51 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.01.17 09:38:34 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\eb4fa29ea9ab56d453b36696edbe6423\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.17 09:47:33 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\fde22ad3592f537464b769ae693152aa\System.Runtime.Serialization.ni.dll
[2013.01.17 09:46:56 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\32072ac29ee7bc9e2ccab4fb8aa46d54\System.Runtime.Serialization.ni.dll
[2013.01.17 09:41:10 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8e03b29f6562f1b7ce14fa3337d9cee2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.19 16:27:51 | 000,304,640 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\04839b2872960ef907d53a47537489d3\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.19 16:27:51 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\04839b2872960ef907d53a47537489d3\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2013.01.19 16:27:51 | 002,785,280 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\5c4a765df1f320d8a263679d33fc45a4\System.Runtime.Serialization.ni.dll
[2013.01.19 16:27:51 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\5c4a765df1f320d8a263679d33fc45a4\System.Runtime.Serialization.ni.dll.aux
[2013.01.19 16:29:12 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\bdd71090224c9e8b7d4ea0f940e7a822\System.Xml.Serialization.ni.dll
[2013.01.19 16:29:12 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\bdd71090224c9e8b7d4ea0f940e7a822\System.Xml.Serialization.ni.dll.aux
[2013.01.19 17:13:05 | 000,373,248 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\49760fe82994fbfd3995272c128f94c8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.19 17:13:05 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\49760fe82994fbfd3995272c128f94c8\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2013.01.19 17:13:04 | 003,599,872 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\d5815e9193ed3c2361585bb697f9c81c\System.Runtime.Serialization.ni.dll
[2013.01.19 17:13:04 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\d5815e9193ed3c2361585bb697f9c81c\System.Runtime.Serialization.ni.dll.aux
[2013.01.19 17:15:27 | 000,028,672 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\522ab96fd18691393f2a10ba921f2388\System.Xml.Serialization.ni.dll
[2013.01.19 17:15:27 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\522ab96fd18691393f2a10ba921f2388\System.Xml.Serialization.ni.dll.aux
[2012.07.09 03:42:12 | 000,027,760 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.07.09 01:40:10 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.07.09 01:40:08 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2012.07.09 01:40:08 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2012.07.09 03:42:12 | 000,113,704 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2012.07.09 01:40:08 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2012.07.09 01:40:08 | 001,050,096 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.07.09 01:40:08 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2012.07.09 01:40:08 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011.07.30 08:07:52 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2012.07.09 01:40:08 | 001,050,096 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2012.07.09 01:40:10 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2012.07.09 01:40:08 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2012.07.09 01:40:08 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2012.07.09 01:40:08 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2012.07.09 01:40:08 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2012.07.09 01:40:08 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2012.07.09 03:42:12 | 000,027,760 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.07.09 03:42:12 | 000,113,704 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011.07.30 08:07:48 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2012.07.09 01:40:08 | 001,050,096 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2012.07.09 01:40:10 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2012.07.09 01:40:08 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2012.07.09 01:40:08 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2012.07.09 01:40:08 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2012.07.09 01:40:08 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2012.07.09 01:40:08 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2012.09.27 22:44:46 | 000,027,824 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.07.09 03:42:12 | 000,113,704 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2011.07.30 08:07:42 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2011.07.30 08:07:42 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2011.07.30 08:07:48 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011.07.30 08:07:53 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2011.07.30 08:08:02 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2011.07.30 08:07:54 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2011.07.30 08:19:16 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.07.30 08:19:16 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011.07.30 08:08:27 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011.07.30 08:08:27 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.07.30 08:19:12 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.07.30 08:19:12 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.21 05:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010.11.21 05:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010.11.21 05:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2011.07.30 08:06:32 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2010.11.21 05:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010.11.21 05:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2011.07.30 08:07:51 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2011.07.30 08:08:02 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2011.07.30 08:07:52 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.07.30 08:07:42 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2011.07.30 08:08:02 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT

< End of report >
Nahoru
monty1
Návštěvník
Návštěvník
Příspěvky: 116
Registrován: 03 kvě 2007 16:59

Re: Prosím o kontrolu logu:Qvo6,delta-search

#14 Příspěvek od monty1 »

OTL Extras logfile created on: 6.7.2013 14:16:30 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Monty\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,95 Gb Total Physical Memory | 1,32 Gb Available Physical Memory | 33,42% Memory free
7,90 Gb Paging File | 5,07 Gb Available in Paging File | 64,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 444,52 Gb Total Space | 346,51 Gb Free Space | 77,95% Space Free | Partition Type: NTFS
Drive D: | 17,07 Gb Total Space | 1,84 Gb Free Space | 10,78% Space Free | Partition Type: NTFS
Drive E: | 3,96 Gb Total Space | 1,08 Gb Free Space | 27,32% Space Free | Partition Type: FAT32
Drive G: | 931,51 Gb Total Space | 689,54 Gb Free Space | 74,02% Space Free | Partition Type: NTFS

Computer Name: MONTY-HP | User Name: Monty | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-4053761563-1308773097-1894922761-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03270073-2769-499D-A025-CADCAF500F4D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{1105AC24-3F43-457D-928D-6437779F2910}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{12AA55D8-176B-4F4F-8C85-21B7B81F049D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{192D5021-A3BA-433A-8FFD-93DFFBBA8661}" = lport=138 | protocol=17 | dir=in | app=system |
"{1BCD4CD1-59FD-4D5A-AEDF-6B8BB62DA0D6}" = rport=2869 | protocol=6 | dir=out | app=system |
"{1E64DBD1-5362-46D5-AA66-9308C3297091}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{218EBA2E-B1D9-42E6-BE19-983B657FAE85}" = rport=10243 | protocol=6 | dir=out | app=system |
"{259E3624-E95E-46A1-A02F-B51E8DC18A85}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{321F4EBD-05EB-43B3-AA98-54F5CE9675BD}" = lport=137 | protocol=17 | dir=in | app=system |
"{3E30BD9F-C9EE-408D-9EA3-759DD9569357}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{416F8DDC-B59E-4B74-915D-456A52D8A5A3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{483B39CD-7798-44D4-B884-9B853B215796}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{66396134-6500-4C25-80C2-464791A686A2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{68B1EEFA-172E-44ED-B1FD-70896E384EFB}" = rport=137 | protocol=17 | dir=out | app=system |
"{6AA3D28E-E0B9-442F-8B75-FB29B3F9910B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{6C2AF07F-B01B-41A3-BF9B-AB2E04EF4F8D}" = rport=138 | protocol=17 | dir=out | app=system |
"{7BE7291B-7A4C-4981-B0B5-00E76EDC137D}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{7D4358A5-1D57-4C8E-A4BA-D459E6B4A25C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7DA61B5C-72A0-45AF-9626-85C496D879D7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{801D0F9D-AFFE-456D-8284-2A34BDF7F7E5}" = rport=139 | protocol=6 | dir=out | app=system |
"{81A22BA0-39B7-43C2-8E48-F05CB95E64B6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{838016DD-8F3D-418B-9F94-10A3A2EDE423}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A0289B0C-2170-45E9-8FC4-D54FB1795BA6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A255C6E7-4373-4AEF-9936-EF77ABDD4588}" = rport=445 | protocol=6 | dir=out | app=system |
"{A3A528FD-8F18-4AFD-B327-FD690EB1EB68}" = lport=139 | protocol=6 | dir=in | app=system |
"{A66D35FF-A7DB-419C-8006-C1B213E6421D}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{C49DA439-5F4C-4DDF-A435-822E0F613676}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{C75D14AE-194E-4DF2-B041-F0F2075740E3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EEA65B39-FC4C-4001-AD7B-67094D28F9C4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EF576FA0-E0F7-4FFC-B9BF-BB768C84FFF9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FEAAC1E8-9BDB-43C7-A4BE-F06A8B24528C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{FF4E17D2-5980-4BB0-9CF1-60B6AA65B03C}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C481E2A-1B99-4933-B413-BD17F399A222}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n10e wireless router utilities\liveupdate.exe |
"{13D0D221-3737-49DA-A60A-C5E54F8C057C}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\wiselinkpro.exe |
"{18363989-23D2-4E59-83AB-331DDAD3A048}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{19CB3482-A588-4555-8296-90611E194892}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{1FD599BF-39DA-4A21-B446-4D0307E6E2FB}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\http_ss_win_pro.exe |
"{219C9985-6C06-4C0E-891E-C4D12955164F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{28996BBB-6E63-411E-994D-20784A792607}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{2FB93290-26BB-45C7-86A1-5F438D47E22F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{353786A2-9CFF-4B5E-A764-D8F1912A50FF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{35C1B1CE-F3EA-4B19-8FA0-D28D7E0860B3}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n10e wireless router utilities\rescue.exe |
"{3B1C9663-7C88-483B-B05A-9E7D3D44E5BC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3C4E5A2C-FCB2-45D3-B20B-45C2AB9BC35A}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\http_ss_win_pro.exe |
"{3EF48628-98DB-432E-B711-DC47ECCF70FC}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{4C80432A-24C2-4CB4-87FA-4A13773C3137}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshareslideshowservice.exe |
"{50E9CF52-E598-45C4-8D70-B92D8E70A37E}" = dir=in | app=c:\windows\system32\ezsharedsvchost.exe |
"{526A4958-4458-4F36-8C84-6EF96BC7BB24}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n10e wireless router utilities\discovery.exe |
"{580EADEE-66C2-41A4-A5A4-CBE2B4389DFE}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\http_ss_win_pro.exe |
"{581E7342-D403-4303-B150-5C4C0ED8F252}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{58361D8A-A160-496F-8ADF-87B24C6576DB}" = dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\http_ss_win_pro.exe |
"{62943CF9-3C06-40CD-9AFE-1C9BB86AA7B9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{69B13792-B44B-4BC3-A417-325F89AF20F4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6F54FED0-5D7B-4610-8E5D-C8A8AEE14480}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{70321A25-CC1A-4BB2-9CCB-A2D85D4733FB}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n10e wireless router utilities\discovery.exe |
"{77B09878-FC51-4A05-A0A0-0C546AFB9760}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7FA0747D-E987-48B6-B597-CBB24E2F7E1F}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n10e wireless router utilities\liveupdate.exe |
"{81D38D98-5165-4C80-8B17-C06780737283}" = protocol=6 | dir=out | app=system |
"{84E84781-EF21-4711-972F-C2778E50EC1A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8558C35F-18F6-42A6-BD5E-A61737B7FD22}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{8D29F31D-F688-4753-A0F1-EA2FCB7D0205}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\wiselinkpro.exe |
"{96993B26-40B8-43A9-91EB-3AF039D1B277}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{97029F6E-73AE-4730-9DA6-26CD0B0C74A6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A48C9F1D-592D-4CF7-A2FE-DBF70C9A4DA2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A5B99BF3-A55B-4B4B-A3A2-84FDDCE19B9A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{A5CA8FF3-AF3F-46E5-8EA6-20BD243B7930}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{A74D1827-7E14-4980-846B-6561496A762A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{A893525F-66BF-4FFD-87EC-ABC93E1E7122}" = dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\wiselinkpro.exe |
"{A8CE5636-1115-4092-A133-6B7FCE441B5A}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{B9B25713-21F7-41F0-98AC-2661B0C6C6F9}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\http_ss_win_pro.exe |
"{BD63FFC7-CA57-479B-B2D4-C9BCBA7350D4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C416B0DB-8176-4FD1-AFDC-216E31721A7B}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n10e wireless router utilities\qiswizard.exe |
"{C7A18F89-3A96-4808-8045-88580B8E7F57}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\wiselinkpro.exe |
"{CC238CC5-3DF9-4FC1-81A4-07BC48B63D46}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{CCCA49D0-8FF6-4B93-B998-39A55ACA1181}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{CD648C32-C716-4DC2-92E5-B3787D47995C}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{CE94D443-8F2F-4D69-88F6-53D094A07202}" = dir=in | app=c:\program files (x86)\easybits for kids\ezdesktop.exe |
"{D950B269-A05C-4466-856B-B50E9BE1E6D7}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshareagent.exe |
"{DB82521D-380B-479A-8ED9-9B8FA0BF27E4}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DBA91DB9-2298-4EA1-AC37-9CF18A15F0BA}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{DF52BF6E-D72C-41F1-9D81-BE0030839640}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n10e wireless router utilities\rescue.exe |
"{E5C84E93-DFB5-490A-8753-CF6473A98BF6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E6202F44-52E6-4273-92E1-024599BBE066}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{EDA8AB51-44A1-4AF3-95B0-18953A18ED04}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\wiselinkpro.exe |
"{EF66BA44-18E7-45F4-919B-1618D71F02FB}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshare.exe |
"{F250F44B-4C2B-4556-BD91-F0234748C0F2}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{F33757AA-B75B-4E15-869D-0BBE675FF080}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n10e wireless router utilities\qiswizard.exe |
"{F4A00009-BAD7-44D7-945A-638B0F9B379B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FCD5E61E-C07E-447D-86E7-F39A1C1FF1F8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FDA32D6E-871F-4A73-A307-579AE9F023E9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FECC7146-B1F2-45DA-8524-073D1C3810DD}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{054EF02F-95D8-48F4-9EEB-2F9CE3072ED8}" = AuthenTec TrueAPI
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2100_series" = Canon MG2100 series MP Drivers
"{1730D13B-7517-4321-A88B-64627CF67CDC}_is1" = Logon Screen
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-0015-0405-1000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-1000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2010
"{90140000-0044-0405-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5 CSY Language Pack
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CAB2212-0732-4827-8EC4-61D8EF0AA65B}" = HP Launch Box
"{A133E9CD-2879-4F30-87D4-1604AFD5C5CC}_is1" = Folder Colorizer version 1.1.0
"{A4F0DB87-3269-34FE-AFFE-4168FDFA4A22}" = Microsoft .NET Framework 4.5 CSY Language Pack
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9)
"CCleaner" = CCleaner
"DS Clock_is1" = DS Clock
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7)
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"SynTPDeinstKey" = Synaptics TouchPad Driver
"Tyre_is1" = Tyre
"WinRAR archiver" = WinRAR 4.20 (64-bit)
"ZonerPhotoStudio15_CZ_is1" = Zoner Photo Studio 15

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00476F3E-3C4D-4E02-B8BB-125350157EB9}" = Windows Live Mail
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{04A92BE5-E791-E374-01CB-B88CBFC1E8D1}" = PX Profile Update
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0906982B-A432-4C06-8F01-C01BE1143779}" = Nokia Connectivity Cable Driver
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{25F3EC6C-BB03-4CEB-B36C-E656A9DD149E}" = HP Documentation
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{31CEFF4E-B6D1-46A5-9169-7C67570E7FFA}" = HP SimplePass PE 2011
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3A9ECD64-DE00-4779-A89E-C878513B2B37}" = Windows Live Writer Resources
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{42B6C7E0-0DAE-488D-8DAF-838898102F19}" = Windows Live Writer
"{42D10994-A566-495D-A5E7-D0C6B5C6B35C}" = HP Product Detection
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{5036764A-435D-40C9-869C-31085A3D741D}" = HP Setup
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{580CA891-08DB-4B6F-B0C1-DF1D149671D7}" = ASUS RT-N10E Wireless Router Utilities
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D45EF03-E8EE-4355-81C3-F918CBCF1033}" = Nero 8
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{797DC296-ADC5-4A08-8CBC-AEB0D6F4B249}" = Windows Live Essentials
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7EDC2DCF-DF46-46B9-9FA6-07D287D040E3}" = HP Software Framework
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite
"{872B1C80-38EC-4A31-A25C-980820593900}" = HP Power Manager
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8B52057C-15DB-433E-957C-E279BC7D07E3}" = HP QuickWeb
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B9B8EE4-2EDB-41C2-AF2E-63E75D37CDDF}" = HP On Screen Display
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A035950F-15BA-41C0-9D8F-165FC0536012}" = Movie Maker
"{A1F39F4E-808A-46EF-A7B7-FB5F151B6915}" = ASUS Wireless Router RT-N10E Manuals
"{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}" = Fotogalerie
"{A5F041A4-812A-47C2-AD53-8893A81019FB}_is1" = Leawo Total Media Converter Ultimate version 5.2.0.1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{ABEF00D0-FCAE-4E47-8D4E-D4AE5FD72B15}" = HP Quick Launch
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.7) MUI
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AFE83615-88BE-47F6-B3E4-A3FEF8B7B57F}_is1" = xrecode II 1.0.0.194
"{BA77F9D2-CD35-41EB-9BC9-769879DFF8A6}" = PC Connectivity Solution
"{C01A86F5-56E7-101F-9BC9-E3F1025EB779}" = Intel(R) Identity Protection Technology 1.1.2.0
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CD046DF7-9A10-4C3F-B2A1-E5A02FFC0476}_is1" = SE-ScreenSavers 1.12.1.80
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = Recovery Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18F981B-401C-4D90-BC57-D8903564D558}" = Windows Live UX Platform Language Pack
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E96CAA2A-0244-4A2A-8403-0C3C9534778B}" = ESU for Microsoft Windows 7 SP1
"{EB91007A-0110-42A6-B869-2709955A9B2A}" = Photo Common
"{EC5F4C1B-F838-4CB7-8561-8F809296428B}" = TomTom HOME
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Audacity_is1" = Audacity 2.0.2
"Avidemux 2.5 (64-bit)" = Avidemux 2.5
"Canon MG2100 series On-screen Manual" = Canon MG2100 series On-screen Manual
"Canon MG3100 series On-screen Manual" = Canon MG3100 series On-screen Manual
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"Digital Clock - 7_is1" = Digital Clock-7 2.02
"DVDStyler_is1" = DVDStyler v2.3.4
"EasyBits Magic Desktop" = Magic Desktop
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"ffdshow_is1" = ffdshow v1.1.3892 [2011-06-20]
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 5.0.22.128
"Freeraser" = Freeraser
"Google Chrome" = Google Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"IObit Unlocker_is1" = IObit Unlocker
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.7.0 (Basic)
"LAME_is1" = LAME v3.99.3 (for Windows)
"MP Navigator EX 5.0" = Canon MP Navigator EX 5.0
"NIS" = Norton Internet Security
"Nokia PC Suite" = Nokia PC Suite
"NST" = Norton Identity Safe
"PhotoFiltre" = PhotoFiltre
"Popisovač CD/DVD 3.0_is1" = Popisovač CD/DVD 3.00
"Pošta a kancelář 3_is1" = Pošta a kancelář 3.7
"Registrace uživatele zařízení Canon MG2100 series" = Registrace uživatele zařízení Canon MG2100 series
"Revo Uninstaller" = Revo Uninstaller 1.94
"Seznam DVD 2011_is1" = Seznam DVD 2011
"szn-software-postak" = Seznam Pošťák 2 (Všichni uživatelé tohoto počítače.)
"The KMPlayer" = The KMPlayer (remove only)
"Tyre_is1" = Tyre
"VIP Access SDK" = VIP Access SDK (1.0.1.2)
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WinX DVD Ripper Platinum_is1" = WinX DVD Ripper Platinum 5.16
"WinX HD Video Converter Deluxe_is1" = WinX HD Video Converter Deluxe 3.10.0
"WTA-00769aef-26ca-4413-b85c-ff75f3eb5869" = Polar Golfer
"WTA-1168bf48-0e65-4547-b786-1e85c75eb346" = Cradle of Rome 2
"WTA-1439dce2-0717-4abb-a8e9-0f75c732a763" = Namco All-Stars: PAC-MAN
"WTA-144f6e00-87a2-492d-8743-6b577d39ff43" = Vacation Quest - The Hawaiian Islands
"WTA-1596514d-56cc-4e10-ba8d-ccd511d5cfb4" = Final Drive: Nitro
"WTA-3187c5a7-405e-4d91-8926-8d9e6ed88999" = Poker Superstars III
"WTA-4a0ac5b0-4d8d-4683-b831-a4a5b8204a4e" = Mah Jong Medley
"WTA-4ddc0f63-6cdc-4092-a781-1580601e5a91" = Farm Frenzy
"WTA-5e92e1e8-ed7c-432e-80fa-49ac11efb46f" = Polar Bowler
"WTA-63a54bc5-5fe6-4445-a29f-9af75b311773" = Plants vs. Zombies - Game of the Year
"WTA-6671b95c-d476-42ea-bd4a-b3893a33cf50" = Agatha Christie - Peril at End House
"WTA-6cc91021-f569-407d-a73c-ed34836520d2" = Jewel Quest: The Sleepless Star - Collector's Edition
"WTA-6fbfcb98-c4f2-4022-936e-9b1a586a751e" = FATE
"WTA-734250ee-77e5-4496-9cd4-fbe9313eab2b" = Blasterball 3
"WTA-73d98e40-90fa-4a47-8e7c-784169bf924b" = Zuma Deluxe
"WTA-78c299f7-abb7-42a2-af4d-381da4a45428" = Bejeweled 3
"WTA-83be4807-64e3-4068-89e1-5ce7094119aa" = Blackhawk Striker 2
"WTA-8b812b0d-d950-4ec3-8e1f-078cc97ba2c5" = Cake Mania
"WTA-99592206-386c-44cb-bf13-510dcfbfd9da" = Virtual Villagers 5 - New Believers
"WTA-b0a85320-73a0-48c6-8277-b858e85a8751" = Chuzzle Deluxe
"WTA-c9e22ec8-9021-49b3-b85f-0a522f9a918b" = Penguins!
"WTA-dea03f19-6ff2-454e-9c4f-ad814b493781" = Bounce Symphony
"WTA-ea7d7b10-02d8-46ab-b49c-4d67a9758e17" = Chronicles of Albian
"WTA-f03e8b03-2fed-4ee7-8c4a-2967027edb28" = Mystery of Mortlake Mansion
"WTA-f7c675c5-a95d-4d97-8754-ef724439c5ed" = Slingo Supreme
"WTA-f8839bfd-d3b5-435e-86f5-4c9fc7058d61" = Governor of Poker 2 Premium Edition

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4053761563-1308773097-1894922761-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 24.6.2013 4:50:11 | Computer Name = Monty-HP | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku
. Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která
je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 24.6.2013 4:50:12 | Computer Name = Monty-HP | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnap.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na
řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 24.6.2013 4:50:12 | Computer Name = Monty-HP | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnapViewer.exe se nezdařilo. Chyba v souboru manifestu nebo zásad
na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 24.6.2013 4:52:36 | Computer Name = Monty-HP | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 25.6.2013 14:15:48 | Computer Name = Monty-HP | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnapViewer.exe se nezdařilo. Chyba v souboru manifestu nebo zásad
na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 25.6.2013 14:15:48 | Computer Name = Monty-HP | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnap.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na
řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 28.6.2013 15:45:48 | Computer Name = Monty-HP | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku
. Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která
je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 28.6.2013 15:45:49 | Computer Name = Monty-HP | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnap.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na
řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 28.6.2013 15:45:50 | Computer Name = Monty-HP | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnapViewer.exe se nezdařilo. Chyba v souboru manifestu nebo zásad
na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 28.6.2013 15:48:27 | Computer Name = Monty-HP | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

[ Hewlett-Packard Events ]
Error - 16.1.2013 6:22:59 | Computer Name = Monty-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 16.1.2013 18:16:37 | Computer Name = Monty-HP | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164 v System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) v System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) v System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) v System.Activator.CreateInstance(Type
type, Boolean nonPublic) v HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed()
StackTrace:
v System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)

v System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)

v System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) v System.Activator.CreateInstance(Type type, Boolean nonPublic)

v HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed() Source: mscorlib

Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: cs-CZ RAM: 4043 Ram
Utilization: TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)

Error - 8.4.2013 14:18:20 | Computer Name = Monty-HP | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164 v System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) v System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) v System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) v System.Activator.CreateInstance(Type
type, Boolean nonPublic) v HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed()
StackTrace:
v System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)

v System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)

v System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) v System.Activator.CreateInstance(Type type, Boolean nonPublic)

v HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed() Source: mscorlib

Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: cs-CZ RAM: 4043 Ram
Utilization: 30 TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)

Error - 9.4.2013 1:20:21 | Computer Name = Monty-HP | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164 v System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) v System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) v System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) v System.Activator.CreateInstance(Type
type, Boolean nonPublic) v HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed()
StackTrace:
v System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)

v System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)

v System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) v System.Activator.CreateInstance(Type type, Boolean nonPublic)

v HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed() Source: mscorlib

Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: cs-CZ RAM: 4043 Ram
Utilization: 30 TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)

[ Media Center Events ]
Error - 12.12.2012 14:33:42 | Computer Name = Monty-HP | Source = MCUpdate | ID = 0
Description = 19:33:42 - Chyba při připojování k Internetu 19:33:42 - Nelze kontaktovat
server..

Error - 12.12.2012 14:33:59 | Computer Name = Monty-HP | Source = MCUpdate | ID = 0
Description = 19:33:47 - Chyba při připojování k Internetu 19:33:47 - Nelze kontaktovat
server..

Error - 28.12.2012 5:08:59 | Computer Name = Monty-HP | Source = MCUpdate | ID = 0
Description = 10:08:51 - Chyba při připojování k Internetu 10:08:51 - Nelze kontaktovat
server..

Error - 10.1.2013 13:35:13 | Computer Name = Monty-HP | Source = MCUpdate | ID = 0
Description = 18:35:13 - Chyba při připojování k Internetu 18:35:13 - Nelze kontaktovat
server..

Error - 10.1.2013 13:35:31 | Computer Name = Monty-HP | Source = MCUpdate | ID = 0
Description = 18:35:18 - Chyba při připojování k Internetu 18:35:18 - Nelze kontaktovat
server..

[ System Events ]
Error - 29.3.2013 7:03:37 | Computer Name = Monty-HP | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR8.

Error - 29.3.2013 7:03:38 | Computer Name = Monty-HP | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR8.

Error - 29.3.2013 7:03:38 | Computer Name = Monty-HP | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 29.3.2013 15:18:40 | Computer Name = Monty-HP | Source = ipnathlp | ID = 31004
Description =

Error - 29.3.2013 15:18:42 | Computer Name = Monty-HP | Source = ipnathlp | ID = 31004
Description =

Error - 30.3.2013 1:09:31 | Computer Name = Monty-HP | Source = ipnathlp | ID = 31004
Description =

Error - 30.3.2013 1:09:33 | Computer Name = Monty-HP | Source = ipnathlp | ID = 31004
Description =

Error - 30.3.2013 1:09:40 | Computer Name = Monty-HP | Source = ipnathlp | ID = 31004
Description =

Error - 30.3.2013 13:09:31 | Computer Name = Monty-HP | Source = ipnathlp | ID = 31004
Description =

Error - 30.3.2013 18:01:00 | Computer Name = Monty-HP | Source = ipnathlp | ID = 31004
Description =


< End of report >
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu logu:Qvo6,delta-search

#15 Příspěvek od Márty84 »

:!: Vypnete antivir, at nebrani programu v praci!
:arrow: Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

:services
AdobeARMservice
Nero BackItUp Scheduler 3
gupdate
SkypeUpdate
AdobeFlashPlayerUpdateSvc
GamesAppService
gupdatem
NMIndexingService

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForMonty.job

:otl
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1372929995
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1372929995
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2E2523CE-E607-481C-BB3D-A5F90EB09D8B}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.qvo6.com/web/?utm_source= ... ts=3473461
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1372929995
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1372929995
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{2E2523CE-E607-481C-BB3D-A5F90EB09D8B}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
IE - HKU\S-1-5-21-4053761563-1308773097-1894922761-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1372929995
IE - HKU\S-1-5-21-4053761563-1308773097-1894922761-1000\..\SearchScopes,DefaultScope = {6390691C-739F-49C7-B946-1BDE44850E2A}
O4 - HKLM..\Run: [] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[2013.05.30 20:59:03 | 000,000,184 | ---- | M] () -- \Windows\AutoKMS.ini
@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Freeraser"=-
""=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AllShareAgent] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desk 365] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Iconoid] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate] /64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""=-
"Adobe ARM"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=-
"UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=-
Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“