Poprosím o kontrolu

Zpráva

luky3004 · #1 Příspěvek od **luky3004** » 11 črc 2013 08:50

Dobrý deň. Dnes ráno sa mi začal strašne prehrievať PC, nič nerobím, ale aktivita grafiky je na 90%... väčšinou bola nízka a zrazu je vysoká, tak dávam to na vírus a pre to si chcem dať skontrolovať PC:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Luky at 2013-07-11 09:49:23
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 54 GB (53%) free of 102 GB
Total RAM: 8154 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:49:25, on 11. 7. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16611)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
D:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Windows\inf\msogiau\msogiau.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Luky.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Pomocník pri prihlasovaní v konte Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NtVdmSrv] C:\Windows\inf\ntvdm.vbe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HTCMonitorService - Nero AG - D:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11585 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"D:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
adb fork-server server
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2436
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe" Restart start ccc
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\inf\msogiau\msogiau.exe -o stratum+tcp://mint.bitminter.com:3333 -u trinkrapek_chuck01 -p pioneer123
\??\C:\Windows\system32\conhost.exe "-1761786142-117397281774175596-2719587483178118121278824460-2019782040-1493535301
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3180.0.426750883\1142831846" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,20 --gpu-vendor-id=0x1002 --gpu-device-id=0x68ba --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=9.12.0.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding2 channel:stable/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_75/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3180.2.902081327\1748062038" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding2 channel:stable/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_75/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3180.5.1483700326\1522674743" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3180.6.464956805\1277208990" --lang=sk --ignored=" --type=renderer " /prefetch:-632637702
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Luky\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1ce7a8c21cac1dc.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14 6307960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14 4531320]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-03-21 6330568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-06-21 19875432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync]
C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2013-02-05 1081224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2013-06-28 2255184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2012-09-12 4272640]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2012-01-12 5028464]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-11-29 284440]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-01-05 291608]
"NBAgent"=C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [2011-09-20 1493288]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"NtVdmSrv"=C:\Windows\inf\ntvdm.vbe [2013-06-20 1219]
"LogMeIn Hamachi Ui"=D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2013-06-28 2255184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2013-07-11 09:49:23 ----D---- C:\rsit
2013-07-10 22:49:43 ----D---- C:\Users\Luky\AppData\Roaming\Hamachi
2013-07-10 19:37:42 ----D---- C:\Program Files (x86)\TeamViewer
2013-06-15 13:18:41 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-06-15 13:18:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-06-15 13:18:41 ----A---- C:\Windows\system32\urlmon.dll
2013-06-15 13:18:40 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-06-15 13:18:40 ----A---- C:\Windows\system32\ieui.dll
2013-06-15 13:18:40 ----A---- C:\Windows\system32\iertutil.dll
2013-06-15 13:18:39 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-06-15 13:18:39 ----A---- C:\Windows\system32\ieframe.dll
2013-06-15 13:18:38 ----A---- C:\Windows\system32\mshtml.dll
2013-06-15 13:18:36 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-06-12 21:41:25 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-06-12 21:41:25 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-06-12 21:41:25 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-06-12 21:41:25 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-06-12 21:41:25 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-06-12 21:41:25 ----A---- C:\Windows\system32\iesysprep.dll
2013-06-12 21:41:25 ----A---- C:\Windows\system32\iesetup.dll
2013-06-12 21:41:25 ----A---- C:\Windows\system32\iernonce.dll
2013-06-12 21:41:25 ----A---- C:\Windows\system32\ie4uinit.exe
2013-06-12 21:41:24 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-06-12 21:41:24 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-06-12 21:41:24 ----A---- C:\Windows\system32\msfeeds.dll
2013-06-12 21:41:24 ----A---- C:\Windows\system32\jscript.dll
2013-06-12 21:41:23 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-06-12 21:41:23 ----A---- C:\Windows\system32\jscript9.dll
2013-06-12 21:41:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-06-12 21:41:22 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-06-12 21:41:22 ----A---- C:\Windows\system32\jsproxy.dll
2013-06-12 21:41:21 ----A---- C:\Windows\system32\wininet.dll
2013-06-12 17:50:20 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-06-12 17:50:20 ----A---- C:\Windows\system32\win32spl.dll
2013-06-12 17:50:20 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-06-12 17:50:18 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2013-06-12 17:50:18 ----A---- C:\Windows\system32\cryptdlg.dll
2013-06-12 17:50:15 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-06-12 17:50:15 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-06-12 17:50:12 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-06-12 17:50:12 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-06-12 17:50:12 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-06-12 17:50:12 ----A---- C:\Windows\SYSWOW64\certutil.exe
2013-06-12 17:50:12 ----A---- C:\Windows\SYSWOW64\certenc.dll
2013-06-12 17:50:12 ----A---- C:\Windows\system32\cryptsvc.dll
2013-06-12 17:50:12 ----A---- C:\Windows\system32\cryptnet.dll
2013-06-12 17:50:12 ----A---- C:\Windows\system32\crypt32.dll
2013-06-12 17:50:12 ----A---- C:\Windows\system32\certutil.exe
2013-06-12 17:50:12 ----A---- C:\Windows\system32\certenc.dll
2013-06-12 17:50:08 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-06-12 17:50:08 ----A---- C:\Windows\system32\d3d11.dll

======List of files/folders modified in the last 1 month======

2013-07-11 09:49:25 ----D---- C:\Program Files\trend micro
2013-07-11 09:49:24 ----D---- C:\Windows\Temp
2013-07-11 09:48:43 ----D---- C:\Users\Luky\AppData\Roaming\Skype
2013-07-11 09:44:32 ----D---- C:\Windows\System32
2013-07-11 09:44:32 ----D---- C:\Windows\inf
2013-07-11 09:44:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-11 09:41:19 ----A---- C:\Windows\SYSWOW64\log.txt
2013-07-11 09:40:29 ----D---- C:\Windows\system32\config
2013-07-11 09:22:54 ----D---- C:\Users\Luky\AppData\Roaming\vlc
2013-07-11 08:40:14 ----D---- C:\Windows\SysWOW64
2013-07-11 08:39:35 ----D---- C:\Windows\Prefetch
2013-07-10 22:55:43 ----SHD---- C:\Windows\Installer
2013-07-10 22:55:38 ----D---- C:\Windows\system32\drivers
2013-07-10 22:55:33 ----SHD---- C:\System Volume Information
2013-07-10 22:42:38 ----D---- C:\Temp
2013-07-10 21:07:05 ----RD---- C:\Program Files (x86)\Skype
2013-07-10 21:07:05 ----D---- C:\ProgramData\Skype
2013-07-10 19:38:14 ----D---- C:\Users\Luky\AppData\Roaming\TeamViewer
2013-07-10 19:38:02 ----D---- C:\Windows\system32\Tasks
2013-07-10 19:37:47 ----RSD---- C:\Windows\Fonts
2013-07-10 19:37:42 ----RD---- C:\Program Files (x86)
2013-07-09 17:36:57 ----D---- C:\Users\Luky\AppData\Roaming\uTorrent
2013-07-09 08:31:31 ----D---- C:\Windows
2013-07-08 12:06:14 ----D---- C:\Windows\system32\catroot2
2013-07-07 19:38:39 ----D---- C:\Windows\system32\DriverStore
2013-07-07 19:38:39 ----D---- C:\Windows\system32\catroot
2013-07-06 23:02:32 ----D---- C:\Windows\Tasks
2013-07-04 11:33:44 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-27 19:45:37 ----D---- C:\Windows\rescache
2013-06-27 19:30:28 ----RSD---- C:\Windows\assembly
2013-06-27 19:30:28 ----D---- C:\Windows\Microsoft.NET
2013-06-27 14:06:40 ----D---- C:\Windows\winsxs
2013-06-27 14:06:09 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-06-15 18:59:13 ----D---- C:\Windows\debug
2013-06-15 18:54:26 ----D---- C:\Program Files\Internet Explorer
2013-06-15 18:54:26 ----D---- C:\Program Files (x86)\Internet Explorer
2013-06-13 19:37:29 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-06-13 19:37:29 ----D---- C:\Windows\SYSWOW64\en-US
2013-06-13 19:37:29 ----D---- C:\Windows\system32\sk-SK
2013-06-13 19:37:29 ----D---- C:\Windows\system32\en-US
2013-06-12 21:41:45 ----A---- C:\Windows\system32\MRT.exe
2013-06-12 18:56:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-02-14 58416]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-11-29 568600]
R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-01-05 16152]
R0 NBVol;Nero Backup Volume Filter Driver; C:\Windows\system32\DRIVERS\NBVol.sys [2011-07-13 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\Windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 15920]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-11-02 21616]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-02-09 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-02-14 213416]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-01-10 150616]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-01-10 59440]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-01-10 190232]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 11278336]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 552960]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2012-01-06 59392]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2012-01-06 84608]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-01-05 355096]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-01-05 786200]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-08-12 104560]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2012-01-10 2184816]
S3 ezplay;VSO Software ezplay; C:\Windows\System32\Drivers\ezplay.sys [2013-03-29 118400]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-09-12 57856]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 240640]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-03-21 1341664]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-06-28 2470736]
R2 HTCMonitorService;HTCMonitorService; D:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2013-01-29 87368]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-08 607456]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2011-12-16 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-12-16 277784]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-09-23 641832]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-05-14 3289208]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-07-08 4153184]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2012-01-10 27760]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-12-13 12288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-19 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12 256904]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-04-18 1471352]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-09-12 1512448]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-19 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-07-03 117144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-19 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#2 Příspěvek od **Mc_Murphy** » 11 črc 2013 08:57

Zdravím.

Ano, je to zavirované, gratuluji.

Po poslední zkušenosti s Tebou - ten ESET Smart Security asi nebude moc legální, co?!

luky3004 · #3 Příspěvek od **luky3004** » 11 črc 2013 08:59

Ale je legálny, zakúpený

#4 Příspěvek od **Mc_Murphy** » 11 črc 2013 10:33

Ty netrpělivé popoháněcí příspěvky jsem Ti umazal. Ještě jeden a skončíš tu. My jsme tu zdarma ve svém volném čase. Jestli někam pospícháš, zaplať si technika, který Ti to udělá okamžitě na počkání.

Následující soubory otestuj na stránkách VirusTotal.

C:\Windows\inf\msogiau\msogiau.exe
Klikni na [Choose File].
Soubor nehledej, jen vlož cestu souboru, který chci otestovat.
Klikni na [Scan it!].
Pokud na Tebe vyskočí obrazovka podobná té, co je níže, klikni na [Reanalyse]!
Výsledek analýzy mi sem vlož (jako odkaz).

Potom stáhni OTL z tohoto odkazu a ulož jej na Plochu.

Pokud používáš operační systém Windows Vista či Windows 7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Zaškrtni okénko Pro všechny uživatele.
Zaškrtni okénko Kontrola na havěť "LOP".
Zaškrtni okénko Kontrola na havěť "Purity".
Stáři souborů změň z 30 dnů na 7 dnů!!
Do spodního okénka Vlastní skenování/opravy vlož tento script (pouze zelená písmenka v bílém poli!):

Kód: Vybrat vše

CREATERESTOREPOINT
netsvc
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
%userprofile%\Plocha\*.*
%userprofile%\Desktop\*.*
%ALLUSERSPROFILE%\Plocha\*.*
%ALLUSERSPROFILE%\Desktop\*.*
*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*AutoKMS* /s
*KMSEmulator* /s
*minodlogin* /s
*tnod* /s
*RemoveWAT* /s
*TemDono* /s
*activator* /s
*serial* /s
*w7lxe* /s
*AutoRearm* /s
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s
%SystemDrive%\PhysicalMBR.bin /md5

Klikni na tlačítko [Prohledat].
Po dokončení skenu se objeví logy OTL.txt a Extras.txt, oba mi sem vlož.
Logy se nevejdou do jednoho, rozděl je tedy do více příspěvků.

luky3004 · #5 Příspěvek od **luky3004** » 11 črc 2013 10:43

https://www.virustotal.com/cs/file/26c7 ... 373535709/

luky3004 · #6 Příspěvek od **luky3004** » 11 črc 2013 11:06

OTL Extras logfile created on: 11. 7. 2013 11:46:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Luky\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

7,96 Gb Total Physical Memory | 6,33 Gb Available Physical Memory | 79,50% Memory free
15,92 Gb Paging File | 14,08 Gb Available in Paging File | 88,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 99,90 Gb Total Space | 53,35 Gb Free Space | 53,40% Space Free | Partition Type: NTFS
Drive D: | 365,76 Gb Total Space | 224,81 Gb Free Space | 61,46% Space Free | Partition Type: NTFS

Computer Name: LUKY-PC | User Name: Luky | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1555986410-628754144-322215014-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03EDDEE8-D85D-401F-803D-78C86898AF21}" = rport=137 | protocol=17 | dir=out | app=system |
"{20C4720B-84C1-46D0-985F-9580EA5D4ECD}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{455C248A-0BEC-44D9-B2C3-5C1024E069D1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4E156863-A454-4C88-AA3D-6732EB19A888}" = rport=138 | protocol=17 | dir=out | app=system |
"{7BD69AC7-2541-4FEF-9F25-B088D9C8C204}" = rport=445 | protocol=6 | dir=out | app=system |
"{80D4915C-293B-4DCE-87A4-B7A7F736E3C5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B1FE704F-9FE8-4A88-BDF5-BDEE7466B436}" = lport=138 | protocol=17 | dir=in | app=system |
"{C2640739-3EDD-4E69-9617-315718CDB07D}" = lport=50248 | protocol=6 | dir=in | name=autodesk content service |
"{CD1FFBC7-3AC4-4CFA-8C68-A5A27CFBB9F8}" = rport=139 | protocol=6 | dir=out | app=system |
"{CD311AC3-5053-4CD4-8B22-7B003D5B7BCC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D248BA81-D298-4FD4-BDEE-85B41653D732}" = lport=445 | protocol=6 | dir=in | app=system |
"{DE49667E-5C8F-4C2F-84A0-71A91853D401}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{EA5D25CB-56A1-41B0-96B9-E48B195D911B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F1EB0CBE-D403-4EF3-8E24-4862E7E1B943}" = lport=137 | protocol=17 | dir=in | app=system |
"{F3BF86B2-AAAF-478E-A6D1-EFE58855A8BE}" = lport=139 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{046DB352-517D-4BBF-9F0C-232F4DE6B4BB}" = protocol=58 | dir=in | app=system |
"{07822741-16C4-4DBC-A518-D2C728627122}" = protocol=6 | dir=in | app=d:\instalacky\utorrent\utorrent.exe |
"{0924486F-F130-488C-87F3-AD2A44726360}" = dir=in | app=d:\program files (x86)\vso\blindwrite\7\ezplay.exe |
"{14A20717-BFD5-446D-91B3-6C2B0A8FD6FF}" = dir=in | app=d:\program files\lavalys\everest ultimate edition\everest.exe |
"{1A7DA586-BB54-420E-B7FB-AE4914A1470C}" = dir=in | app=d:\program files (x86)\autodesk\autocad architecture 2012\acad.exe |
"{2E99BCB8-EE4A-45D6-8DD5-3138AB9756DF}" = dir=in | app=d:\program files (x86)\htc\htc sync manager\htcsyncmanager.exe |
"{30D09536-086A-4A51-88B8-1C46CF56FA1E}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{431C77AA-F182-4224-AB32-B634A6EB8C44}" = dir=in | app=d:\program files (x86)\vso\blindwrite\7\bb.exe |
"{48288B82-BE65-4AD3-B0B8-5D98D362D98A}" = dir=in | app=d:\program files (x86)\vso\blindwrite\7\pcsetup.exe |
"{4831EB16-9C40-428E-861D-2455F265C64F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{4FB7ADDD-CE71-4216-B150-C708B78DD604}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5413AAAA-DEE0-4F72-A17E-57462DF0630B}" = dir=in | app=d:\program files (x86)\vso\blindwrite\7\bw.exe |
"{55E79069-506D-4DC4-9777-69727B76E3F0}" = protocol=6 | dir=in | app=d:\program files (x86)\konami\pro evolution soccer 2013\pes2013.exe |
"{57DB1359-1387-43CA-B9A9-41BEBDCEA105}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{580AEA01-7EFC-41B5-B07C-8EFB6259A910}" = protocol=17 | dir=in | app=d:\program files (x86)\ea sports\fifa 13\game\fifa13.exe |
"{5E9FB1DB-7752-4359-99E3-AE0F5F6B6C74}" = protocol=6 | dir=in | app=d:\program files (x86)\ea sports\fifa 13\game\fifa13.exe |
"{672304FC-A40A-4E01-A75F-EAB9533415C0}" = protocol=6 | dir=in | app=d:\program files\electronic arts\need for speed(tm) hot pursuit\launcher.exe |
"{679E05F9-1CD5-466A-897F-DA240AB94D91}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{81658D18-62AB-4595-BD09-B6582D83984F}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{830361C7-745F-452B-AAE6-14DC0C4F34AD}" = dir=in | app=d:\program files (x86)\autodesk\autocad 2014\acad.exe |
"{8FBCF9F0-A4CA-4876-A46C-B30FDC4DA55D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{905CB3E7-7D8C-4DF1-B4EB-966AE1E1E4DA}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{959A3A20-4F99-49A4-901F-9501B1BD9994}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{976A35D3-A19C-494A-89F2-941850E305A5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A3979F0F-5273-4D2D-9BBB-71D028EB9B1C}" = dir=in | app=d:\program files\focus home interactive\cities xl 2012\citiesxl_2012.exe |
"{A4C59E1F-6731-4A00-9149-37CDAACA566F}" = protocol=17 | dir=in | app=d:\program files\electronic arts\need for speed(tm) hot pursuit\launcher.exe |
"{B54CD095-889D-4DED-915F-7619D868BA1A}" = protocol=17 | dir=in | app=d:\instalacky\utorrent\utorrent.exe |
"{BCBA8122-AC39-4BED-BAC3-E7C4D164FED7}" = dir=out | app=d:\program files (x86)\euro truck simulator 2\bin\win_x86\eurotrucks2.exe |
"{D402F178-CC56-45EC-BABE-C8929DE1DF65}" = dir=in | app=c:\users\luky\appdata\local\microsoft\skydrive\skydrive.exe |
"{D7A99EF6-3C7B-4B64-BA61-5BCEF6B23B43}" = protocol=6 | dir=in | app=d:\program files\konami\pro evolution soccer 2013\pes2013.exe |
"{DC6520C3-D347-487D-ACF8-3263054E08DE}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{E28EC196-B22C-4EDD-852C-E8F5BA1BCCF4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E6BE1A5F-227D-4965-AD68-4C70DDA60F91}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E8419A12-76A5-496A-8A77-0CABFE99C3F0}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{E84746EB-2FEF-48AE-8DCA-7D6C0A9FAEDE}" = dir=in | app=d:\program files (x86)\euro truck simulator 2\bin\win_x86\eurotrucks2.exe |
"{F09359D6-1BD3-4A94-9CD5-6D9AFB4FE1B7}" = protocol=17 | dir=in | app=d:\program files (x86)\konami\pro evolution soccer 2013\pes2013.exe |
"{FC4121F1-8656-4750-A35F-CA8C1AAF8EEA}" = dir=in | app=d:\program files (x86)\htc\htc sync manager\htcsyncmanager.exe |
"{FFDD53AE-1ABA-4318-9F5A-D925B45BADCA}" = protocol=17 | dir=in | app=d:\program files\konami\pro evolution soccer 2013\pes2013.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0407893F-352C-B182-E04A-A8C3333DA29B}" = AMD Drag and Drop Transcoding
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{31ABA3F2-0000-1033-0102-111D43815377}" = Autodesk ReCap
"{31ABA3F2-0010-1033-0102-111D43815377}" = Autodesk ReCap Language Pack-English
"{4975DE61-6BF6-B9BC-1FDE-C04C5EC78E4C}" = AMD Media Foundation Decoders
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}" = Autodesk 360
"{5783F2D7-A004-0409-0102-0060B0CE6BBA}" = AutoCAD Architecture 2012 - English
"{5783F2D7-A004-0409-1102-0060B0CE6BBA}" = AutoCAD Architecture 2012 Language Pack - English
"{5783F2D7-D001-0000-0102-0060B0CE6BBA}" = AutoCAD 2014 - English
"{5783F2D7-D001-0405-1102-0060B0CE6BBA}" = AutoCAD 2014 Language Pack – Čeština (Czech)
"{5783F2D7-D001-0405-2102-0060B0CE6BBA}" = AutoCAD 2014 – Čeština (Czech)
"{5783F2D7-D001-0409-1102-0060B0CE6BBA}" = AutoCAD 2014 Language Pack - English
"{5783F2D7-D001-0409-2102-0060B0CE6BBA}" = AutoCAD 2014 - English
"{5E03A267-415E-5383-FA8F-3CE4145663B9}" = AMD Catalyst Install Manager
"{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6199B534-A1B6-46ED-873B-97B0ECF8F81E}" = Intel® Trusted Connect Service Client
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89EE4A30-080F-2C95-6F78-C98D18FBD74D}" = AMD Accelerated Video Transcoding
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CF11D16-ECEB-90A5-A028-CA9E068D848B}" = ccc-utility64
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F0235BC5-889C-442D-B831-7F894E5C9AD1}" = ESET Smart Security
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"{FFF5619F-6669-4EC5-A85E-9994F70A9E5D}" = Autodesk Inventor Fusion 2012
"{FFF7F80F-929E-497F-A112-B070DE816128}" = Autodesk Inventor Fusion 2012 Language Pack
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"AutoCAD 2014 - English" = Autodesk AutoCAD 2014 - English
"AutoCAD 2014 Language Pack – Čeština (Czech)" = Autodesk AutoCAD 2014 Language Pack – Čeština (Czech)
"AutoCAD Architecture 2012 - English" = AutoCAD Architecture 2012 - English
"AutoCAD Architecture 2012 - English SP 1" = AutoCAD Architecture 2012 - English SP 1
"Autodesk Inventor Fusion 2012" = Autodesk Inventor Fusion 2012
"Autodesk ReCap" = Autodesk ReCap
"European Bus Simulator 2012_is1" = European Bus Simulator 2012
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{017F8447-2A1D-0DDB-B5D7-CA2BFACE2886}" = CCC Help French
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{054E9A1C-3EA2-C657-E787-FD8DCF5C3D3B}" = CCC Help Czech
"{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11
"{08208143-777D-4A06-BB54-71BF0AD1BB70}" = IPTInstaller
"{0ACC2993-2058-4BE7-9A92-9DCDAA9B3412}" = LogMeIn Hamachi
"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{14CCAED2-5140-44F3-991D-DA9AC7C9A3AB}_is1" = AntikVirtualSTB 10.1.7
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1DE2BD51-0300-772D-5E18-F337D95D5687}" = CCC Help German
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{224E8FEB-5C1F-077F-6FC5-602AC1AE644D}" = CCC Help Danish
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{254F7574-53A7-43D1-BC4D-B1E894AEE175}" = Windows Live Writer
"{275E9C49-C72F-D754-DEB7-77F10A9C00D8}" = CCC Help Japanese
"{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic
"{30049739-BE95-6591-B504-E6D7057D49CC}" = CCC Help Spanish
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)
"{3B418709-D688-4E3A-BE0E-7D71FA84C948}" = Nero 11 PiP Effects 1
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.1102.1
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EFA2DDC-D374-4A3B-B81C-ADF9A21DE88C}" = Watchtower Library 2012 - v slovenčine
"{3F1EB155-F96E-EB7B-2EF2-7375490E0FA9}" = CCC Help English
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{4382FC76-8100-4951-8658-31834E625E88}" = Nero 11 Video Transitions 1
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4B023D7B-9E67-795D-FB31-B5E1F6DCA451}" = CCC Help Italian
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4CEEE5D0-F905-4688-B9F9-ECC710507796}" = HTC Driver Installer
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{5002C5B1-B688-474A-AB3A-9B65DBD38FF9}" = HTC Sync Manager
"{50849B2C-097E-47A5-A076-6F11A939E093}" = Windows Live Mail
"{51BF3210-B825-4092-8E0D-66D689916E02}" = Autodesk Material Library Base Resolution Image Library 2014
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)
"{55F6C486-8C75-2A72-DAFE-CE78A624C9F7}" = CCC Help Russian
"{56232E3D-7EA9-45E0-A371-26CD80510AF7}" = Windows Live UX Platform Language Pack
"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)
"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic
"{5AF23993-7152-1620-E43F-1B4542FB4F84}" = CCC Help Thai
"{5E98FDD6-3672-4DBE-AB8B-2C9A0BED1382}" = Nero 11 Disc Menus 3
"{62F029AB-85F2-0000-866A-9FC0DD99DDBC}" = Autodesk Content Service
"{62F029AB-85F2-0001-866A-9FC0DD99DDBC}" = Autodesk Content Service Language Pack
"{63326924-3CAF-C858-3A8F-8598C87019D7}" = Catalyst Control Center
"{63822E89-11AA-F8EC-D433-F72A85799EC0}" = CCC Help Greek
"{644E9589-F73A-49A4-AC61-A953B9DE5669}" = SketchUp Import for AutoCAD 2014
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{644F9B19-A462-499C-BF4D-300ABC2A28B1}" = Autodesk Material Library 2014
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66361420-4905-AEB8-17AE-172FDD164A7E}" = CCC Help Polish
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7211F448-F865-4D37-B905-24D84E6C3E5E}" = Windows Live Writer Resources
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{769F2A4B-84A3-9486-ADD2-9E5AB4B4E1E3}" = Catalyst Control Center InstallProxy
"{7DF2B5EE-2C16-4E86-9C71-8678068AD805}" = Nero 11 Disc Menus 2
"{7E35AD35-5FE0-4DB5-80C5-13353CEEDC56}_is1" = XviD MPEG-4 Video Codec rev.1.3.0
"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11
"{8146445E-B14D-4CBA-AB9A-728CF166DAC9}" = Windows Live Messenger
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit
"{8502F597-4852-48BB-99E5-824AC4C057F0}" = Windows Live Family Safety
"{8773DD1C-5FB2-95B5-5A93-0EFEAC900A4D}" = CCC Help Norwegian
"{8A470330-70B2-49AD-86AF-79885EF9898A}" = FARO LS 1.1.501.0 (64bit)
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8CCBB0BF-9CC1-1A65-BB93-56012A460EE6}" = CCC Help Portuguese
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_HOMESTUDENTR_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-041B-1000-0000000FF1CE}_HOMESTUDENTR_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_HOMESTUDENTR_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2007
"{90120000-00A1-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9093B0D5-EA59-4C9E-A2E3-CC130138DFCD}" = Fotogaléria
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AE850A4-B89D-4875-A159-B1B64D717EFB}" = OMSI - Der Omnibussimulator
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9EDF46F0-2D4E-4C00-B2B6-0660666E9F60}" = Movie Maker
"{9FC86590-AC98-4845-80D4-3EB37B51947B}" = Nero 11
"{A0A3CE05-96CB-52E9-434E-074F3BB7807E}" = CCC Help Turkish
"{A0F34849-D9AB-46DD-B1BE-BB0DB60B1FE8}" = Nero 11 Disc Menus 1
"{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}" = FIFA 13
"{A2CDC001-F8B3-4C64-9E74-2E3FA0FAC9D9}" = Nero 11 Video Samples
"{A4F6BE36-4826-45BA-A396-04F265A3B61D}" = Nero 11 Kwik Themes 2
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9C64319-932F-D02B-B14C-FFFC3EC49E77}" = CCC Help Chinese Standard
"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Czech
"{ACD6B383-EC5B-4000-A455-CCB308B447FE}" = Nero 11 Kwik Themes 4
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B160A672-F326-4414-9BB0-A056C61B357C}" = Nero 11 Cliparts
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B1F69AF3-B5B5-4CA5-ADC5-8A738EB6E574}" = Nero 11 Kwik Themes 1
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)
"{BA499CC0-12C0-4BA5-9007-76844B721158}" = Nero 11 Kwik Themes 3
"{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{C070121A-C8C5-4D52-9A7D-D240631BD433}" = Autodesk App Manager
"{C09DB932-7619-7B56-30E3-C0454811D6D7}" = CCC Help Korean
"{C22A4697-BD77-ACB1-744F-1FD0A0BFF798}" = CCC Help Swedish
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C4D82144-B2D5-4A0E-A470-16F13EBC5BCB}" = Windows Live Essentials
"{C67BC332-A59A-4D40-977F-664F60AB21D8}" = Photo Common
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}" = welcome
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)
"{D4B457B2-260F-C561-CA87-703BD3B724CA}" = Catalyst Control Center Graphics Previews Common
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{D6CDB506-297D-AE70-0EF6-DE5185F961BE}" = CCC Help Chinese Traditional
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic
"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)
"{ECFD508E-68A2-91B2-46DD-1D03D783D94B}" = Catalyst Control Center Localization All
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EDE361D5-35A5-DA7D-3462-C3DABD24029B}" = CCC Help Hungarian
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1E7DD6A-AE2D-D706-BEB3-937F76CA6AE9}" = CCC Help Finnish
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F2B5A2A7-2DF9-4361-8BD5-362714528B51}" = NHL® 09
"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples
"{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic
"{F56F54DD-BCB2-1221-2CB7-E983A5CF9D15}" = CCC Help Dutch
"{F69FB940-5031-4FE8-AFAD-085802D0BF63}" = Nero Recode 11
"{F732FEDA-7713-4428-934B-EF83B8DD65D0}" = Autodesk Featured Apps
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA9FBAB9-BDE2-49D8-A9F5-F520D20DD53B}" = Pravidlá cestnej premávky
"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF351DFF-5C83-4D1B-B4FE-838D6E8ACF45}_is1" = LocoMania
"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Autodesk Content Service" = Autodesk Content Service
"Fraps" = Fraps (remove only)
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mozilla Firefox 22.0 (x86 sk)" = Mozilla Firefox 22.0 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OpenAL" = OpenAL
"TeamViewer 8" = TeamViewer 8
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.5
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1555986410-628754144-322215014-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SkyDriveSetup.exe" = Microsoft SkyDrive
"Slovnaft Extraliga Patch 11" = Slovnaft Extraliga Patch 11
"Slovnaft Extraliga Patch 11 - Mantinely, Aréna, Časomiera" = Slovnaft Extraliga Patch 11 - Mantinely, Aréna, Časomiera

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11. 7. 2013 3:44:32 | Computer Name = Luky-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 11. 7. 2013 3:44:32 | Computer Name = Luky-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 11. 7. 2013 3:56:03 | Computer Name = Luky-PC | Source = Autodesk Content Service | ID = 0
Description = Service cannot be started. Connect.Exceptions.IndexingServiceException:
IndexingServiceErrCodes:129:UnexpectedDatabase at Connect.MetaStore.MetaStorage.Initialize()

at Connect.IVault.IVault.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object
state)

Error - 11. 7. 2013 3:56:59 | Computer Name = Luky-PC | Source = WinMgmt | ID = 10
Description =

Error - 11. 7. 2013 4:00:45 | Computer Name = Luky-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 11. 7. 2013 4:00:45 | Computer Name = Luky-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 11. 7. 2013 5:38:46 | Computer Name = Luky-PC | Source = Autodesk Content Service | ID = 0
Description = Service cannot be started. Connect.Exceptions.IndexingServiceException:
IndexingServiceErrCodes:129:UnexpectedDatabase at Connect.MetaStore.MetaStorage.Initialize()

at Connect.IVault.IVault.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object
state)

Error - 11. 7. 2013 5:40:28 | Computer Name = Luky-PC | Source = WinMgmt | ID = 10
Description =

Error - 11. 7. 2013 5:43:34 | Computer Name = Luky-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 11. 7. 2013 5:43:34 | Computer Name = Luky-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

[ System Events ]
Error - 7. 4. 2013 15:27:07 | Computer Name = Luky-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 21:24:13 on ?7. ?4. ?2013 was unexpected.

Error - 13. 4. 2013 16:20:17 | Computer Name = Luky-PC | Source = Service Control Manager | ID = 7030
Description = Služba ServiceLayer je označená ako interaktívna služba. Systém je
však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne
nebude pracovať správne.

Error - 20. 4. 2013 14:30:54 | Computer Name = Luky-PC | Source = bowser | ID = 8003
Description =

Error - 20. 4. 2013 14:40:41 | Computer Name = Luky-PC | Source = bowser | ID = 8003
Description =

Error - 20. 4. 2013 14:43:02 | Computer Name = Luky-PC | Source = bowser | ID = 8003
Description =

Error - 21. 4. 2013 3:30:44 | Computer Name = Luky-PC | Source = Service Control Manager | ID = 7009
Description = Počas čakania na pripojenie služby Autodesk Content Service bol dosiahnutý
časový limit (30000 ms).

Error - 21. 4. 2013 3:30:44 | Computer Name = Luky-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Autodesk Content Service zlyhalo kvôli nasledujúcej
chybe: %%1053

Error - 22. 4. 2013 15:24:28 | Computer Name = Luky-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR3.

Error - 24. 4. 2013 3:56:11 | Computer Name = Luky-PC | Source = Service Control Manager | ID = 7031
Description = Služba Microsoft .NET Framework NGEN v4.0.30319_X64 sa neočakávane
ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná
nasledujúca opravná akcia: Reštartovať službu.

Error - 27. 4. 2013 11:28:29 | Computer Name = Luky-PC | Source = bowser | ID = 8003
Description =

< End of report >

luky3004 · #7 Příspěvek od **luky3004** » 11 črc 2013 11:09

Ten prvý súbor mal 93800 znakov, čiže nezmestil sa mi sem, prepáčte, dal som ten súbor "OTL.txt" na webovú stránku leteckaposta.cz.

Kód: Vybrat vše

http://leteckaposta.cz/548688837

#8 Příspěvek od **Mc_Murphy** » 11 črc 2013 12:45

Mc_Murphy píše:
Logy se nevejdou do jednoho, rozděl je tedy do více příspěvků.

luky3004 · #9 Příspěvek od **luky3004** » 11 črc 2013 12:49

OTL logfile created on: 11. 7. 2013 11:46:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Luky\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

7,96 Gb Total Physical Memory | 6,33 Gb Available Physical Memory | 79,50% Memory free
15,92 Gb Paging File | 14,08 Gb Available in Paging File | 88,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 99,90 Gb Total Space | 53,35 Gb Free Space | 53,40% Space Free | Partition Type: NTFS
Drive D: | 365,76 Gb Total Space | 224,81 Gb Free Space | 61,46% Space Free | Partition Type: NTFS

Computer Name: LUKY-PC | User Name: Luky | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013/07/11 11:43:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Luky\Desktop\OTL.exe
PRC - [2013/07/08 13:09:10 | 004,153,184 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013/07/03 07:10:29 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/06/28 14:02:06 | 002,255,184 | ---- | M] (LogMeIn Inc.) -- D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2013/06/07 13:45:00 | 000,568,334 | --S- | M] () -- C:\Windows\inf\msogiau\msogiau.exe
PRC - [2013/05/17 12:23:42 | 000,169,312 | ---- | M] () -- D:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
PRC - [2013/05/14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/03/21 15:19:46 | 001,341,664 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2013/01/29 21:05:44 | 000,087,368 | ---- | M] (Nero AG) -- D:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
PRC - [2012/12/07 18:27:50 | 000,167,424 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2012/01/05 13:59:50 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011/12/16 13:30:40 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/12/16 13:30:38 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011/12/16 12:02:56 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2011/11/29 21:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/11/29 21:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/09/23 18:37:42 | 000,641,832 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe

========== Modules (No Company Name) ==========

MOD - [2013/07/03 07:10:26 | 000,396,240 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\ppgooglenaclpluginchrome.dll
MOD - [2013/07/03 07:10:23 | 004,052,944 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\pdf.dll
MOD - [2013/07/03 07:09:27 | 000,601,552 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\libglesv2.dll
MOD - [2013/07/03 07:09:26 | 000,123,344 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\libegl.dll
MOD - [2013/07/03 07:09:23 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\ffmpegsumo.dll
MOD - [2013/06/27 15:11:05 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b6eb138c3c9be780acb767c1bef572c1\System.Runtime.Remoting.ni.dll
MOD - [2013/06/14 15:00:47 | 013,140,872 | ---- | M] () -- C:\Users\Luky\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.225\pepflashplayer.dll
MOD - [2013/06/07 13:45:00 | 000,568,334 | --S- | M] () -- C:\Windows\inf\msogiau\msogiau.exe
MOD - [2013/06/07 13:45:00 | 000,279,955 | --S- | M] () -- C:\Windows\inf\msogiau\libidn-11.dll
MOD - [2013/06/07 13:45:00 | 000,084,992 | --S- | M] () -- C:\Windows\inf\msogiau\zlib1.dll
MOD - [2013/05/17 12:23:42 | 000,169,312 | ---- | M] () -- D:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
MOD - [2013/05/16 14:22:41 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
MOD - [2013/05/16 14:22:26 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll
MOD - [2013/05/16 14:22:23 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll
MOD - [2013/04/16 17:22:20 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\389a1832a3da11e1b409cd6ae60cb9fa\IAStorCommon.ni.dll
MOD - [2013/04/16 17:22:18 | 000,487,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\7ffdaee3a54ffd1a5e3b008a5bde5ecf\IAStorUtil.ni.dll
MOD - [2013/04/16 17:22:12 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/04/16 17:21:51 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/04/16 17:21:48 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/04/16 17:21:43 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013/04/18 15:52:07 | 001,471,352 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2013/03/21 15:19:46 | 001,341,664 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2012/12/19 21:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/01/10 16:09:50 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:64bit: - [2011/12/08 17:38:24 | 000,607,456 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2010/04/06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/07/08 13:09:10 | 004,153,184 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/07/03 21:41:03 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/28 14:02:04 | 002,470,736 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013/06/21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/06/12 18:56:14 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/01/29 21:05:44 | 000,087,368 | ---- | M] (Nero AG) [Auto | Running] -- D:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe -- (HTCMonitorService)
SRV - [2012/12/13 17:37:26 | 000,012,288 | ---- | M] (Autodesk, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2012/12/07 18:27:50 | 000,167,424 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012/06/11 11:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/12/16 13:30:40 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/12/16 13:30:38 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011/12/16 12:02:56 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011/11/29 21:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/09/23 18:37:42 | 000,641,832 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/03/29 17:34:28 | 000,118,400 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ezplay.sys -- (ezplay)
DRV:64bit: - [2013/02/14 13:21:06 | 000,058,416 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2013/02/14 13:21:04 | 000,213,416 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2013/02/09 20:26:42 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/01/10 10:25:22 | 000,190,232 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2013/01/10 10:25:22 | 000,059,440 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2013/01/10 10:25:20 | 000,150,616 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012/12/19 22:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/12/19 21:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/11/06 13:11:52 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/09/12 16:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/08/23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/17 19:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/11 11:33:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/10 16:09:44 | 002,184,816 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2012/01/09 17:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012/01/06 10:59:48 | 000,084,608 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2012/01/06 10:59:48 | 000,059,392 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2012/01/05 13:58:48 | 000,786,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/01/05 13:58:48 | 000,355,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/01/05 13:58:48 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2011/11/29 20:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/11/02 11:48:26 | 000,021,616 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2011/08/12 00:54:16 | 000,104,560 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011/07/13 13:59:54 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol)
DRV:64bit: - [2011/07/13 13:59:54 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/06/25 17:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2009/11/02 12:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1555986410-628754144-322215014-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-1555986410-628754144-322215014-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-1555986410-628754144-322215014-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.sk/?ocid=iehp
IE - HKU\S-1-5-21-1555986410-628754144-322215014-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sk-SK
IE - HKU\S-1-5-21-1555986410-628754144-322215014-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7D 4E EF 89 FD 22 CE 01 [binary data]
IE - HKU\S-1-5-21-1555986410-628754144-322215014-1000\..\SearchScopes,DefaultScope = {19451C74-C9F6-4411-8CD3-8BFA85A19EA0}
IE - HKU\S-1-5-21-1555986410-628754144-322215014-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-1555986410-628754144-322215014-1000\..\SearchScopes\{19451C74-C9F6-4411-8CD3-8BFA85A19EA0}: "URL" = http://www.bing.com/search?q={searchTer ... R1&pc=SPLH
IE - HKU\S-1-5-21-1555986410-628754144-322215014-1000\..\SearchScopes\{243C8358-1860-42b0-BB2A-E458C1738AEA}: "URL" = http://www.google.com/cse?cx=partner-pu ... earchTerms}
IE - HKU\S-1-5-21-1555986410-628754144-322215014-1000\..\SearchScopes\{F8EE310B-9AE9-4e0a-A292-94D3F0383DC9}: "URL" = http://search.yahoo.com/search?p={searc ... ype=IEBDSV
IE - HKU\S-1-5-21-1555986410-628754144-322215014-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2013/05/13 15:12:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: D:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013/05/13 15:12:27 | 000,000,000 | ---D | M]

[2013/01/05 13:40:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Luky\AppData\Roaming\mozilla\Extensions
[2013/02/17 20:22:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Luky\AppData\Roaming\mozilla\Firefox\Profiles\5mckt0zj.default\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.sk/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - Extension: Disk Google = C:\Users\Luky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: H\u013Eada\u0165 v Google = C:\Users\Luky\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Skype Click to Call = C:\Users\Luky\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0\
CHR - Extension: Gmail = C:\Users\Luky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/02/17 13:49:24 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [NtVdmSrv] C:\Windows\inf\ntvdm.vbe ()
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\.DEFAULT..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4 - HKU\S-1-5-18..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-1555986410-628754144-322215014-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O7 - HKU\S-1-5-21-1555986410-628754144-322215014-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AE69A79E-4BF2-4EF6-8FFE-3BD9632AE944}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{210648c9-49e3-11e2-9f16-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{210648c9-49e3-11e2-9f16-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Run.exe
O33 - MountPoints2\{426f3206-49f3-11e2-9a8c-902b34108d08}\Shell - "" = AutoRun
O33 - MountPoints2\{426f3206-49f3-11e2-9a8c-902b34108d08}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{426f3206-49f3-11e2-9a8c-902b34108d08}\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{426f3206-49f3-11e2-9a8c-902b34108d08}\Shell\install\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013/07/11 11:43:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Luky\Desktop\OTL.exe
[2013/07/11 09:49:23 | 000,000,000 | ---D | C] -- C:\rsit
[2013/07/10 22:55:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2013/07/10 22:49:43 | 000,000,000 | ---D | C] -- C:\Users\Luky\AppData\Roaming\Hamachi
[2013/07/10 19:37:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2013/03/29 17:34:28 | 000,118,400 | ---- | C] (VSO Software) -- C:\Users\Luky\AppData\Roaming\ezplay.sys
[2013/03/29 17:34:28 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Luky\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 7 Days ==========

[2013/07/11 11:47:34 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/07/11 11:46:08 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/11 11:46:08 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/11 11:43:35 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/07/11 11:43:35 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/07/11 11:43:34 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/07/11 11:43:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Luky\Desktop\OTL.exe
[2013/07/11 11:38:51 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1ce7a8c21cac1dc.job
[2013/07/11 11:38:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/11 11:38:33 | 2117,562,367 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/11 10:07:00 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/11 09:56:05 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/07/11 09:53:11 | 000,007,966 | ---- | M] () -- C:\Users\Luky\Documents\cc_20130711_095308.reg
[2013/07/11 08:40:14 | 000,789,096 | ---- | M] () -- C:\Windows\SysWow64\phatk121016Juniperv2w128l4.bin
[2013/07/11 08:40:03 | 000,000,000 | ---- | M] () -- C:\Users\Luky\regbcm
[2013/07/11 08:38:24 | 000,386,688 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/07/10 19:37:46 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013/07/08 21:55:40 | 000,002,828 | ---- | M] () -- C:\Users\Luky\AppData\Local\config.dat

========== Files Created - No Company Name ==========

[2013/07/11 11:47:34 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/07/11 09:53:10 | 000,007,966 | ---- | C] () -- C:\Users\Luky\Documents\cc_20130711_095308.reg
[2013/07/11 08:40:14 | 000,789,096 | ---- | C] () -- C:\Windows\SysWow64\phatk121016Juniperv2w128l4.bin
[2013/07/11 08:40:03 | 000,000,000 | ---- | C] () -- C:\Users\Luky\regbcm
[2013/07/10 19:37:46 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013/07/10 19:37:46 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013/07/06 23:02:32 | 000,000,932 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1ce7a8c21cac1dc.job
[2013/05/12 15:04:10 | 000,000,017 | ---- | C] () -- C:\Users\Luky\AppData\Local\resmon.resmoncfg
[2013/04/17 21:22:57 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2013/04/14 21:25:39 | 000,764,302 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/03/29 17:34:28 | 000,099,384 | ---- | C] () -- C:\Users\Luky\AppData\Roaming\inst.exe
[2013/03/29 17:34:28 | 000,007,859 | ---- | C] () -- C:\Users\Luky\AppData\Roaming\pcouffin.cat
[2013/03/29 17:34:28 | 000,007,833 | ---- | C] () -- C:\Users\Luky\AppData\Roaming\ezplay.cat
[2013/03/29 17:34:28 | 000,001,167 | ---- | C] () -- C:\Users\Luky\AppData\Roaming\pcouffin.inf
[2013/03/29 17:34:28 | 000,001,127 | ---- | C] () -- C:\Users\Luky\AppData\Roaming\ezplay.inf
[2013/03/29 17:34:28 | 000,000,125 | ---- | C] () -- C:\Users\Luky\AppData\Roaming\ezplay.ini
[2013/03/19 22:44:14 | 000,887,296 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013/03/19 22:44:14 | 000,198,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012/12/23 16:10:56 | 000,168,373 | ---- | C] () -- C:\Users\Luky\AppData\Local\SRDownloader.err
[2012/12/22 18:14:45 | 000,001,584 | ---- | C] () -- C:\Users\Luky\AppData\Local\SRDownloader.nast
[2012/12/19 19:18:51 | 000,002,828 | ---- | C] () -- C:\Users\Luky\AppData\Local\config.dat
[2012/12/19 16:28:40 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/12/19 15:59:16 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2012/09/28 03:29:54 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/09/28 03:29:54 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/05/02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011/12/08 17:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011/09/13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/04/18 21:39:10 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Autodesk
[2012/12/19 21:27:20 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\DAEMON Tools Pro
[2012/12/19 18:03:28 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\ESET
[2012/12/31 15:45:46 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\GHISLER
[2012/12/19 19:27:29 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\HD Tune Pro
[2013/05/29 20:37:28 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\HTC
[2013/05/29 20:37:25 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\HTC Sync
[2012/12/24 18:16:52 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Jeyo
[2012/12/19 22:41:50 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Leadertech
[2012/12/21 17:13:29 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Milestone
[2012/12/24 17:13:59 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Nokia
[2012/12/24 17:13:58 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\PC Suite
[2012/12/27 12:51:50 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Splashtop
[2013/01/25 23:04:33 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\SuperEZ Wave Editor
[2013/07/10 19:38:14 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\TeamViewer
[2013/07/09 17:36:57 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\uTorrent
[2013/03/30 10:38:20 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Vso
[2012/12/19 22:35:42 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Watchtower
[2013/04/03 18:19:29 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Windows Live Writer

luky3004 · #10 Příspěvek od **luky3004** » 11 črc 2013 12:49

========== Purity Check ==========

========== Custom Scans ==========

< netsvc >
[2009/07/14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 07:08:49 | 000,032,512 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013/02/18 16:52:47 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013/06/03 12:04:40 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013/07/06 23:02:32 | 000,000,932 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7a8c21cac1dc.job

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010/11/21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012/10/03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013/05/08 08:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2010/11/21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012/08/22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012/03/30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2013/05/08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\SysNative\drivers\tcpip.sys
[2013/05/08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2012/03/30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013/01/03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013/01/04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012/10/03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2012/08/22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< %systemroot%*.* /U /s >
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[11 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[4 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013/03/16 17:34:48 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Adobe
[2013/05/29 20:37:22 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Apple Computer
[2012/12/19 16:29:02 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\ATI
[2013/04/18 21:39:10 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Autodesk
[2012/12/19 21:27:20 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\DAEMON Tools Pro
[2013/04/26 11:56:07 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\dvdcss
[2012/12/19 18:03:28 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\ESET
[2012/12/31 15:45:46 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\GHISLER
[2013/07/10 22:52:18 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Hamachi
[2012/12/19 19:27:29 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\HD Tune Pro
[2013/05/29 20:37:28 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\HTC
[2013/05/29 20:37:25 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\HTC Sync
[2012/12/19 15:56:44 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Identities
[2012/12/19 16:00:45 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\InstallShield
[2012/12/19 16:09:28 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Intel Corporation
[2012/12/24 18:16:52 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Jeyo
[2012/12/19 22:41:50 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Leadertech
[2012/12/23 22:49:02 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Macromedia
[2011/04/12 15:40:51 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Media Center Programs
[2013/05/24 20:03:26 | 000,000,000 | --SD | M] -- C:\Users\Luky\AppData\Roaming\Microsoft
[2012/12/21 17:13:29 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Milestone
[2013/01/05 13:40:01 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Mozilla
[2012/12/31 16:56:16 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Nero
[2012/12/24 17:13:59 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Nokia
[2012/12/24 17:13:58 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\PC Suite
[2013/07/11 11:39:57 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Skype
[2012/12/27 12:51:50 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Splashtop
[2013/01/25 23:04:33 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\SuperEZ Wave Editor
[2013/07/10 19:38:14 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\TeamViewer
[2013/07/09 17:36:57 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\uTorrent
[2013/07/11 09:22:54 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\vlc
[2013/03/30 10:38:20 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Vso
[2012/12/19 22:35:42 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Watchtower
[2013/04/03 18:19:29 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\Windows Live Writer
[2012/12/19 19:27:09 | 000,000,000 | ---D | M] -- C:\Users\Luky\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2013/03/30 10:38:20 | 000,099,384 | ---- | M] () -- C:\Users\Luky\AppData\Roaming\inst.exe
[2013/04/18 15:54:19 | 000,026,622 | R--- | M] () -- C:\Users\Luky\AppData\Roaming\Microsoft\Installer\{644E9589-F73A-49A4-AC61-A953B9DE5669}\ARPPRODUCTICON.EXE
[2013/04/18 15:54:54 | 000,026,622 | R--- | M] () -- C:\Users\Luky\AppData\Roaming\Microsoft\Installer\{C070121A-C8C5-4D52-9A7D-D240631BD433}\ARPPRODUCTICON.EXE
[2013/04/18 15:54:55 | 000,026,622 | R--- | M] () -- C:\Users\Luky\AppData\Roaming\Microsoft\Installer\{F732FEDA-7713-4428-934B-EF83B8DD65D0}\ARPPRODUCTICON.EXE

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013/07/11 11:56:00 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013/07/11 11:38:51 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7a8c21cac1dc.job
[2013/07/11 10:07:00 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013/07/11 11:41:05 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
[2013/07/11 08:40:14 | 000,789,096 | ---- | M] () -- C:\Windows\system32\phatk121016Juniperv2w128l4.bin

< %SYSTEMDRIVE%\*.exe >

< %userprofile%\Plocha\*.* >

< %userprofile%\Desktop\*.* >
[2013/02/28 22:32:49 | 000,000,716 | ---- | M] () -- C:\Users\Luky\Desktop\CCleaner.lnk
[2013/05/16 14:20:06 | 000,000,282 | -HS- | M] () -- C:\Users\Luky\Desktop\desktop.ini
[2013/01/14 08:00:34 | 000,002,255 | ---- | M] () -- C:\Users\Luky\Desktop\Google Chrome.lnk
[2013/06/24 19:54:56 | 000,287,333 | ---- | M] () -- C:\Users\Luky\Desktop\NHL - PlayOff.xlsx
[2013/07/11 11:43:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Luky\Desktop\OTL.exe
[2012/12/19 16:18:24 | 000,000,363 | ---- | M] () -- C:\Users\Luky\Desktop\Počítač.lnk
[2013/02/28 21:05:25 | 000,000,740 | ---- | M] () -- C:\Users\Luky\Desktop\Total Commander 64 bit.lnk
[2013/03/02 10:39:30 | 000,000,987 | ---- | M] () -- C:\Users\Luky\Desktop\Watchtower Library 2012 - v slovenčine.lnk

< %ALLUSERSPROFILE%\Plocha\*.* >

< %ALLUSERSPROFILE%\Desktop\*.* >

< *crack* /s >
[2001/08/14 14:31:08 | 000,030,054 | ---- | M] () -- \ProgramData\Autodesk\Inventor Fusion 2012\Design Data\surfaces\Cracks.bmp
[2001/08/14 14:31:08 | 000,030,054 | ---- | M] () -- \Users\All Users\Autodesk\Inventor Fusion 2012\Design Data\surfaces\Cracks.bmp

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2010/06/23 13:08:48 | 000,034,500 | ---- | M] () -- \ProgramData\Autodesk\Inventor Fusion 2012\Design Data\Loader2.ani
[2011/09/20 15:43:32 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012/12/04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012/12/04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012/12/04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2010/06/23 13:08:48 | 000,034,500 | ---- | M] () -- \Users\All Users\Autodesk\Inventor Fusion 2012\Design Data\Loader2.ani
[2011/09/20 15:43:32 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012/12/04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012/12/04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012/12/04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2013/04/06 22:19:58 | 000,168,373 | ---- | M] () -- \Users\Luky\AppData\Local\SRDownloader.err
[2013/04/06 22:20:05 | 000,001,584 | ---- | M] () -- \Users\Luky\AppData\Local\SRDownloader.nast
[2012/12/19 21:39:08 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2011/02/03 23:43:34 | 000,177,376 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7D2F3875400A9040102000060BECB6AB\6.7.49\RDF_COMP_AcAutoLoader.arx
[2011/02/19 05:55:26 | 000,027,016 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7D2F3875400A9040102000060BECB6AB\6.7.49\RDF_COMP_AecLoader.arx.8909A8D4_60AC_4F11_A304_FE07
[2011/02/19 05:55:22 | 000,069,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7D2F3875400A9040102000060BECB6AB\6.7.49\RDF_COMP_AecsXBaseLoader.dll.C3393392_FDC5_4492_A82
[2011/02/19 05:55:40 | 000,069,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7D2F3875400A9040102000060BECB6AB\6.7.49\RDF_COMP_AecsXStyleGenLoader.dll.C3393392_FDC5_4492
[2011/02/19 05:55:34 | 000,070,024 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7D2F3875400A9040102000060BECB6AB\6.7.49\RDF_COMP_AecXArchBaseLoader.dll.C3393392_FDC5_4492_
[2011/02/19 05:55:22 | 000,069,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7D2F3875400A9040102000060BECB6AB\6.7.49\RDF_COMP_AecXArchDACHBaseLoader.dll.C3393392_FDC5_4
[2011/02/19 05:55:50 | 000,069,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7D2F3875400A9040102000060BECB6AB\6.7.49\RDF_COMP_AecXBaseLoader.dll.D056253A_3F5D_4025_A381
[2011/02/19 05:55:36 | 000,069,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7D2F3875400A9040102000060BECB6AB\6.7.49\RDF_COMP_AecXDcContentLoader.dll.C3393392_FDC5_4492
[2011/02/19 05:55:26 | 000,069,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7D2F3875400A9040102000060BECB6AB\6.7.49\RDF_COMP_AecXDisplayPropsDataLoader.dll.D056253A_3F
[2011/02/19 05:55:40 | 000,069,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7D2F3875400A9040102000060BECB6AB\6.7.49\RDF_COMP_AecXDtlLoader.dll.D056253A_3F5D_4025_A381_
[2011/02/19 05:55:42 | 000,066,952 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7D2F3875400A9040102000060BECB6AB\6.7.49\RDF_COMP_AecXDynPropsLoader.dll.D056253A_3F5D_4025_
[2011/02/19 05:55:22 | 000,069,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7D2F3875400A9040102000060BECB6AB\6.7.49\RDF_COMP_AecXExtendedDataLoader.dll.D056253A_3F5D_4
[2011/02/19 05:55:48 | 000,069,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7D2F3875400A9040102000060BECB6AB\6.7.49\RDF_COMP_AecXGuiArchLoader.dll.C3393392_FDC5_4492_A
[2011/02/19 05:55:24 | 000,069,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7D2F3875400A9040102000060BECB6AB\6.7.49\RDF_COMP_AecXGuiBaseLoader.dll.D056253A_3F5D_4025_A
[2011/02/19 05:55:22 | 000,069,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7D2F3875400A9040102000060BECB6AB\6.7.49\RDF_COMP_AecXGuiMunichLoader.dll.C3393392_FDC5_4492
[2011/02/19 05:56:04 | 000,069,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7D2F3875400A9040102000060BECB6AB\6.7.49\RDF_COMP_AecXGuiScheduleDataLoader.dll.C3393392_FDC
[2011/02/19 05:55:22 | 000,069,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7D2F3875400A9040102000060BECB6AB\6.7.49\RDF_COMP_AecXGuiStructureLoader.dll.C3393392_FDC5_4
[2011/02/19 05:55:46 | 000,069,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7D2F3875400A9040102000060BECB6AB\6.7.49\RDF_COMP_AecXGuiUtilitiesLoader.dll.C3393392_FDC5_4
[2011/02/19 05:55:38 | 000,069,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7D2F3875400A9040102000060BECB6AB\6.7.49\RDF_COMP_AecXProjectLoader.dll.C3393392_FDC5_4492_A
[2011/02/19 05:55:18 | 000,069,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7D2F3875400A9040102000060BECB6AB\6.7.49\RDF_COMP_AecXScheduleLoader.dll.C3393392_FDC5_4492_
[2011/02/19 05:55:20 | 000,069,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7D2F3875400A9040102000060BECB6AB\6.7.49\RDF_COMP_AecXToolClassLoader.dll.D056253A_3F5D_4025
[2011/02/19 05:55:40 | 000,069,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7D2F3875400A9040102000060BECB6AB\6.7.49\RDF_COMP_AecXUIArchBaseLoader.dll.C3393392_FDC5_449
[2011/02/19 05:55:50 | 000,069,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7D2F3875400A9040102000060BECB6AB\6.7.49\RDF_COMP_AecXUIBaseLoader.dll.D056253A_3F5D_4025_A3
[2012/11/30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012/11/30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009/07/14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/04/12 15:30:21 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2011/04/12 15:30:21 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2011/04/12 15:30:21 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2011/04/12 15:30:21 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2011/04/12 15:30:21 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2012/12/19 16:43:07 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012/12/19 16:43:07 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012/12/19 16:43:07 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012/12/19 16:43:07 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012/12/19 16:43:07 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011/04/12 15:29:23 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2010/11/21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

< *AutoKMS* /s >

< *KMSEmulator* /s >

< *minodlogin* /s >

< *tnod* /s >
[2011/01/24 03:35:26 | 000,011,718 | ---- | M] () -- \Users\Luky\AppData\Roaming\Autodesk\ACA 2012\enu\Properties\Autodesk.Aec.DatabaseServices.AnchorEntityToLayoutNode.xml
[2011/01/24 03:35:26 | 000,001,764 | ---- | M] () -- \Users\Luky\AppData\Roaming\Autodesk\ACA 2012\enu\Properties\Autodesk.Aec.DatabaseServices.LayoutNode.xml

< *RemoveWAT* /s >

< *TemDono* /s >

< *activator* /s >

< *serial* /s >
[2011/09/12 10:26:02 | 000,247,080 | R--- | M] () -- \Program Files (x86)\Common Files\Nero\BDCore\boost_serialization-mt.dll
[2011/09/12 10:26:02 | 000,166,696 | R--- | M] () -- \Program Files (x86)\Common Files\Nero\BDCore\boost_wserialization-mt.dll
[2013/01/24 21:09:36 | 000,434,264 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20125.0\System.Runtime.Serialization.dll
[2013/03/14 16:45:31 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20125.0\System.Runtime.Serialization.ni.dll
[2011/09/23 13:22:58 | 000,589,608 | ---- | M] () -- \Program Files (x86)\Nero\KM\SerialHelper.exe
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2008/07/31 20:41:44 | 000,002,502 | ---- | M] () -- \Program Files\Common Files\Autodesk Shared\AdLM\R4\en-US\Webdepot\RTSerialNumberHelp.html
[2011/09/14 17:12:52 | 000,002,594 | ---- | M] () -- \Program Files\Common Files\Autodesk Shared\AdLM\R7\cs-CZ\Webdepot\RTSerialNumberHelp.html
[2011/09/14 17:12:52 | 000,002,594 | ---- | M] () -- \Program Files\Common Files\Autodesk Shared\AdLM\R7\en-US\Webdepot\RTSerialNumberHelp.html
[2013/01/24 23:32:40 | 000,434,264 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20125.0\System.Runtime.Serialization.dll
[2013/03/14 16:45:56 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20125.0\System.Runtime.Serialization.ni.dll
[2012/10/05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2013/06/19 22:28:49 | 000,003,608 | ---- | M] () -- \Users\Luky\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.serialzone.cz_0.localstorage-journal
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/04/16 17:23:01 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
[2013/04/16 17:22:11 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\eb4fa29ea9ab56d453b36696edbe6423\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/04/16 17:51:13 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\32072ac29ee7bc9e2ccab4fb8aa46d54\System.Runtime.Serialization.ni.dll
[2013/04/16 17:41:20 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8e03b29f6562f1b7ce14fa3337d9cee2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/05/16 18:24:01 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\2609614ca03927f7a99418c74844059b\System.Runtime.Serialization.ni.dll
[2013/04/16 17:25:03 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\77abf1693d291d374b58ffbbfe36d4dd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/04/16 17:39:50 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\058c3947c450591cb81643529cfd5ca7\System.Xml.Serialization.ni.dll
[2013/05/17 13:54:23 | 003,412,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\b2b920fd7211cb0a65ebdaf5385e1f0e\System.Runtime.Serialization.ni.dll
[2013/04/17 21:39:04 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\c79d7323e38d906c09917fe1d40b2ad7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/04/17 21:41:38 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\7711bba76f0bf9a22deaa8bb2e09bb16\System.Xml.Serialization.ni.dll
[2013/06/27 14:05:04 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/06/27 14:05:03 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/06/27 14:05:06 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010/03/18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/06 17:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2009/06/10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010/03/18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/06 17:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009/07/14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009/06/10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2011/04/12 15:29:55 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2011/04/12 15:29:55 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\sk-SK\serialui.dll.mui
[2011/04/12 15:29:54 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552\serialui.dll.mui
[2009/07/14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2011/04/12 15:30:00 | 000,010,240 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_64015f894ce7c72a\serial.sys.mui
[2009/07/14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009/06/10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010/11/21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012/10/05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012/10/05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010/11/21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012/10/05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012/10/05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2012/12/19 16:43:07 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2012/12/19 16:43:07 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011/04/12 15:30:21 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552_serialui.dll.mui_7d29d2a3
[2009/07/14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011/04/12 15:30:21 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c_serialui.dll.mui_7d29d2a3
[2009/07/14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011/02/05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/02/05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009/07/14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010/11/21 05:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012/10/05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012/10/05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010/11/21 05:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012/10/05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012/10/05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010/11/21 05:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012/10/05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012/10/05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2011/04/12 15:29:30 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2012/10/05 20:09:41 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_en-us_8f4bb639bfcd9db1.manifest
[2012/10/05 19:57:17 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_en-us_787a117bd97892a9.manifest
[2010/11/21 05:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012/10/05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012/10/05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010/11/21 05:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012/10/05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012/10/05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012/10/05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012/10/05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2010/11/21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012/10/05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2011/04/12 15:29:55 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c\serialui.dll.mui
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010/11/21 05:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012/10/05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

< *AutoRearm* /s >

< HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s >
"HDAudDeck" = C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r -- [2012/01/12 15:22:08 | 005,028,464 | R--- | M] (VIA)
"IAStorIcon" = C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe -- [2011/11/29 21:04:54 | 000,284,440 | ---- | M] (Intel Corporation)
"USB3MON" = "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" -- [2012/01/05 13:59:50 | 000,291,608 | R--- | M] (Intel Corporation)
"NBAgent" = "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart -- [2011/09/20 14:53:16 | 001,493,288 | ---- | M] (Nero AG)
"Adobe ARM" = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" -- [2013/04/04 23:06:36 | 000,958,576 | ---- | M] (Adobe Systems Incorporated)
"NtVdmSrv" = C:\Windows\inf\ntvdm.vbe -- [2013/06/20 14:49:20 | 000,001,219 | --S- | M] ()
"LogMeIn Hamachi Ui" = "D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start -- [2013/06/28 14:02:06 | 002,255,184 | ---- | M] (LogMeIn Inc.)

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2013/06/21 09:58:32 | 019,875,432 | R--- | M] (Skype Technologies S.A.)

< HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s >
"HDAudDeck" = C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r -- [2012/01/12 15:22:08 | 005,028,464 | R--- | M] (VIA)
"IAStorIcon" = C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe -- [2011/11/29 21:04:54 | 000,284,440 | ---- | M] (Intel Corporation)
"USB3MON" = "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" -- [2012/01/05 13:59:50 | 000,291,608 | R--- | M] (Intel Corporation)
"NBAgent" = "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart -- [2011/09/20 14:53:16 | 001,493,288 | ---- | M] (Nero AG)
"Adobe ARM" = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" -- [2013/04/04 23:06:36 | 000,958,576 | ---- | M] (Adobe Systems Incorporated)
"NtVdmSrv" = C:\Windows\inf\ntvdm.vbe -- [2013/06/20 14:49:20 | 000,001,219 | --S- | M] ()
"LogMeIn Hamachi Ui" = "D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start -- [2013/06/28 14:02:06 | 002,255,184 | ---- | M] (LogMeIn Inc.)

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013/07/11 11:47:34 | 000,000,512 | ---- | M] () MD5=CA9CDD8469C5F52BE1B9C7DBEF6FDB21 -- C:\PhysicalMBR.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT

< End of report >

#11 Příspěvek od **Mc_Murphy** » 11 črc 2013 15:15

Stáhni a nainstaluj Malwarebytes' Anti-Malware (zkráceně MBAM) podle návodu z tohoto topicu.

Proveď aktualizaci virové databáze.
V záložce Kontrolor zvol Úplná kontrola a zaškrtni všechny pevné disky, které máš na počítači.
Předem nic nemaž!!
MBAM mívá občas falešné detekce, proto vlož jeho log do příspěvku a počkej na posouzení!

luky3004 · #12 Příspěvek od **luky3004** » 11 črc 2013 16:17

Malwarebytes Anti-Malware (Skúšobná verzia) 1.75.0.1300
www.malwarebytes.org

Verzia databázy: v2013.07.11.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
Luky :: LUKY-PC [administrátor]

Ochrana: Zapnuté

11. 7. 2013 16:37:11
MBAM-log-2013-07-11 (17-16-37).txt

Typ kontroly: Úplná kontrola (C:\|D:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 447936
Uplynutý čas: 38 min, 1 sek

Detegované služby pamäte: 1
C:\Windows\inf\msogiau\msogiau.exe (BitcoinMiner) -> 3184 -> Žiadna úloha nevykonaná.

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 4
C:\Windows\inf\msogiau\msogiau.exe (BitcoinMiner) -> Žiadna úloha nevykonaná.
D:\Instalacky\AutoCAD 2013\AutoCAD 2013 x64 Multi7\Crack\xf-autocad-kg_x32.exe (RiskWare.Tool.CK) -> Žiadna úloha nevykonaná.
D:\Instalacky\AutoCAD 2013\AutoCAD 2013 x64 Multi7\Crack\xf-autocad-kg_x64.exe (RiskWare.Tool.CK) -> Žiadna úloha nevykonaná.
D:\Program Files (x86)\Autodesk\AutoCAD Architecture 2012\xf-adesk2012x64.exe (Trojan.Agent.ck) -> Žiadna úloha nevykonaná.

(koniec)

luky3004 · #13 Příspěvek od **luky3004** » 11 črc 2013 20:59

Chcem ešte k riešeniu problému povedať, možno to pomôže, že msogiau.exe som našiel ako proces v správcoch úloh a keď som ho vypol (nie vymazal, lebo to ste mi zakázali zatiaľ), tak mi grafika funguje normálne. Dúfam, že ma nevyhodíte za to, len proste som vynaliezavý a tak som na to prišiel.

#14 Příspěvek od **Mc_Murphy** » 12 črc 2013 08:59

Nikdo Tě za to vyhazovat nebude. Jen svými kroky mezi postupy Rádce budeš dělat zmatek a chaos.
Navíc jsi v tomto případě udělal úplně zbytečnou vynalézavou věc, protože o procesu vím a smazal bych ho sám.

P.S.
Mno, zas až tak moc vynalézavý nejsi, když jsem si ten proces dal od Tebe proklepnout na VirusTotal a sám jsi viděl, že je nakažený, že jo?!

Nehledě na to, vynálezče, že pokud jsi proces pouze vypnul, nic jsi vlastně neudělal, protože po restartu by běžel znova.
A v neposlední řadě, proces jako takový může být navázaný na nějakou službu (service), která může daný soubor i po vypnutí a vymazání klidně vrátit zpět - z vlastní zálohy nebo stáhnout z internetu. Odvirovat počítač neznamená vždy jen najít jeden infikovaný soubor a ten pak smáznout.
Takže ne, opravdu jsi nic velkolepého nepředvedl.

Všechny nálezy MBAMu dej smazat a pak MBAM zase odinstaluj, už jej nebudeme potřebovat.

Až to provedeš, stáhni Junkware Removal Tool - http://thisisudax.org/downloads/JRT.exe

Ulož jej nejlépe na Plochu.
Po spuštění se zobrazí licenční podmínky, stiskni libovolnou klávesu.
Proběhne vytvoření zálohy a následně prohledávání.
Proběhne scanováni a pak se objeví log, který bude případně uložen v C:\JRT jako JRT.txt, ten mi sem vlož.

luky3004 · #15 Příspěvek od **luky3004** » 12 črc 2013 11:07

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.0.7 (07.11.2013:1)
OS: Windows 7 Home Premium x64
Ran by Luky on pi 12. 07. 2013 at 12:01:40,07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\tbcommonutils.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\tbhelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{01221fcc-4bfb-461c-b08c-f6d2df309921}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Users\Luky\AppData\Roaming\splashtop"
Successfully deleted: [Folder] "C:\Users\Luky\appdata\locallow\toolbar4"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on pi 12. 07. 2013 at 12:05:53,73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

VIRY.CZ

Poprosím o kontrolu

Poprosím o kontrolu

Re: Poprosím o kontrolu

Re: Poprosím o kontrolu

Re: Poprosím o kontrolu

Re: Poprosím o kontrolu

Re: Poprosím o kontrolu

Re: Poprosím o kontrolu

Re: Poprosím o kontrolu

Re: Poprosím o kontrolu

Re: Poprosím o kontrolu

Re: Poprosím o kontrolu

Re: Poprosím o kontrolu

Re: Poprosím o kontrolu

Re: Poprosím o kontrolu

Re: Poprosím o kontrolu