Zdravím, prosím o preventivní kontrolu pc
Logfile of random's system information tool 1.09 (written by random/random)
Run by roverider at 2013-07-12 18:23:31
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 6 GB (9%) free of 64 GB
Total RAM: 3984 MB (17% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:23:42, on 12.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal
Running processes:
C:\Users\roverider\AppData\Local\Akamai\netsession_win.exe
C:\Users\roverider\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\QIP 2012\qip.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\roverider.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [gbrspcontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\roverider\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP 2012\qip.exe" /autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files (x86)\COMODO\GeekBuddy\launcher.exe
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.dell.com/systemprofiler/ ... emLite.CAB
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions Inc. - C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Credential Vault Host Control Service - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
O23 - Service: Credential Vault Host Storage - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EmbassyService - Unknown owner - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GeekBuddyRSP Service (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\STacSV64.exe
O23 - Service: NTRU TSS v1.2.1.37 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: TdmService - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: Wave Authentication Manager Service - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WvPCR - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe
--
End of file - 10430 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\STacSV64.exe
C:\Windows\System32\spoolsv.exe
"C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe"
"C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe
"C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe"
"C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -service
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f02aac24-e174-4028-a685-b30d9bfb423f -SystemEventPortName:HostProcess-f414908c-f960-4dcd-94ec-ab348a8e925c -IoCancelEventPortName:HostProcess-dc57494d-0398-46ba-b0e2-23c422c2696d -NonStateChangingEventPortName:HostProcess-40a0f0bf-df1f-45e6-81a2-02b6769ed534 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a407126c-684c-458f-b77f-bb75877e48c5 -DeviceGroupId:
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c0d2bb8a-ac1b-40d7-9f46-0b5eaf0bb229 -SystemEventPortName:HostProcess-1d788b8a-7905-4891-a17e-bee282d70105 -IoCancelEventPortName:HostProcess-77759058-fe62-4d91-b2ba-c523c6adfe33 -NonStateChangingEventPortName:HostProcess-1df09508-9c65-4227-9ad8-63b7894803aa -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d6695175-2d8c-4188-ba14-e3834e289beb -DeviceGroupId:
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Common Files\SPBA\upeksvr.exe"
C:\Windows\system32\svchost.exe -k WindowsMobile
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
"C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe"
"C:\Program Files\DellTPad\Apoint.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files\DellTPad\HidFind.exe"
"Apntex.exe"
\??\C:\Windows\system32\conhost.exe "3475212961125437455949843003-650877202-1270270556-1538785866-1934728993-1248692182
"C:\Users\roverider\AppData\Local\Akamai\netsession_win.exe"
"C:/Users/roverider/AppData/Local/Akamai/netsession_win.exe" --client
"C:\Program Files (x86)\QIP 2012\qip.exe" /autorun
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
"C:\Program Files (x86)\COMODO\GeekBuddy\unit_manager.exe"
"C:\Program Files (x86)\COMODO\GeekBuddy\unit" "\"C:/Program Files (x86)/COMODO/GeekBuddy/lps-cspm\""
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
C:\Windows\system32\WLANExt.exe 31279424
\??\C:\Windows\system32\conhost.exe "831422406-355566422-353197342-1465882360-1412554354-1159417361899723361586723908
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe" /o /eo /l /b /id 5528
"C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe" --channel=5008.0037F35C.529718902 --type=renderer /o /eo /l /b /id 5528
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe13_ Global\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\roverider\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\roverider\AppData\Roaming\Mozilla\Firefox\Profiles\hxfyhywt.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33]
"Description"=
"Path"=C:\Windows\SysWOW64\npdeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
npwachk.dll
C:\Users\roverider\AppData\Roaming\Mozilla\Firefox\Profiles\hxfyhywt.default\extensions\
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-09-17 329520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-09-17 59184]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-11-08 9577680]
"TdmNotify"=C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe [2011-12-08 381296]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2011-01-04 592240]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-03-09 487424]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-11-14 163360]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-11-14 387616]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-11-14 418336]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=C:\Users\roverider\AppData\Local\Akamai\netsession_win.exe [2013-06-05 4489472]
"ShowBatteryBar"=C:\Program Files\BatteryBar\ShowBatteryBar.exe [2009-05-28 89600]
"Infium"=C:\Program Files (x86)\QIP 2012\qip.exe [2012-03-23 7351760]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2012-06-28 74752]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456]
"gbrspcontrol"=C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2013-04-17 1851088]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Start GeekBuddy.lnk - C:\Program Files (x86)\COMODO\GeekBuddy\launcher.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\system32\guard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-11-14 272384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\spba]
C:\Program Files\Common Files\SPBA\homefus2.dll [2010-09-15 2305872]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
wvauth
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2013-07-12 18:23:31 ----D---- C:\rsit
2013-07-12 18:23:31 ----D---- C:\Program Files\trend micro
2013-07-12 18:05:18 ----D---- C:\Program Files\CCleaner
2013-07-11 03:06:04 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-07-11 03:06:04 ----A---- C:\Windows\system32\ieui.dll
2013-07-11 03:06:03 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-07-11 03:06:03 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-07-11 03:06:03 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-07-11 03:06:03 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-07-11 03:06:03 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-07-11 03:06:03 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-11 03:06:03 ----A---- C:\Windows\system32\iesysprep.dll
2013-07-11 03:06:03 ----A---- C:\Windows\system32\iesetup.dll
2013-07-11 03:06:03 ----A---- C:\Windows\system32\iertutil.dll
2013-07-11 03:06:03 ----A---- C:\Windows\system32\iernonce.dll
2013-07-11 03:06:03 ----A---- C:\Windows\system32\ie4uinit.exe
2013-07-11 03:06:02 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-07-11 03:06:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-07-11 03:06:02 ----A---- C:\Windows\system32\msfeeds.dll
2013-07-11 03:06:02 ----A---- C:\Windows\system32\jscript.dll
2013-07-11 03:06:01 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-07-11 03:06:01 ----A---- C:\Windows\system32\jscript9.dll
2013-07-11 03:06:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-07-11 03:06:00 ----A---- C:\Windows\system32\urlmon.dll
2013-07-11 03:05:58 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-07-11 03:05:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-07-11 03:05:58 ----A---- C:\Windows\system32\wininet.dll
2013-07-11 03:05:58 ----A---- C:\Windows\system32\jsproxy.dll
2013-07-11 03:05:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-07-11 03:05:54 ----A---- C:\Windows\system32\ieframe.dll
2013-07-11 03:05:53 ----A---- C:\Windows\system32\mshtml.dll
2013-07-11 03:05:50 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-07-10 11:16:45 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-07-10 11:16:45 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-07-10 11:16:45 ----A---- C:\Windows\system32\qedit.dll
2013-07-10 11:16:44 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-07-10 11:16:32 ----A---- C:\Windows\system32\win32k.sys
2013-07-10 11:16:19 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-07-10 11:16:19 ----A---- C:\Windows\system32\DWrite.dll
2013-07-02 21:50:37 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-06-27 16:33:47 ----D---- C:\Program Files (x86)\digestIT 2004
2013-06-27 16:15:08 ----D---- C:\Program Files (x86)\Mozilla Firefox.bak
2013-06-18 13:26:44 ----D---- C:\Program Files (x86)\Medieval Software
2013-06-17 19:54:16 ----D---- C:\Users\roverider\AppData\Roaming\Opera Software
2013-06-17 19:54:11 ----D---- C:\Program Files (x86)\Opera Next
2013-06-12 10:53:14 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-06-12 10:53:14 ----A---- C:\Windows\system32\win32spl.dll
2013-06-12 10:53:14 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-06-12 10:53:11 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2013-06-12 10:53:11 ----A---- C:\Windows\system32\cryptdlg.dll
2013-06-12 10:53:04 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-06-12 10:53:04 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-06-12 10:52:55 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-06-12 10:52:55 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-06-12 10:52:55 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-06-12 10:52:55 ----A---- C:\Windows\SYSWOW64\certutil.exe
2013-06-12 10:52:55 ----A---- C:\Windows\SYSWOW64\certenc.dll
2013-06-12 10:52:55 ----A---- C:\Windows\system32\cryptsvc.dll
2013-06-12 10:52:55 ----A---- C:\Windows\system32\cryptnet.dll
2013-06-12 10:52:55 ----A---- C:\Windows\system32\crypt32.dll
2013-06-12 10:52:55 ----A---- C:\Windows\system32\certutil.exe
2013-06-12 10:52:55 ----A---- C:\Windows\system32\certenc.dll
2013-06-12 10:52:47 ----A---- C:\Windows\system32\d3d11.dll
2013-06-12 10:52:46 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-05-31 12:57:56 ----D---- C:\Users\roverider\AppData\Roaming\AnyPic JPG to PDF Converter
2013-05-31 12:57:56 ----D---- C:\Program Files (x86)\AnyPic JPG to PDF Converter
2013-05-24 22:01:49 ----D---- C:\vid
2013-05-16 16:12:34 ----D---- C:\Windows\rescache
2013-05-15 14:07:36 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-05-15 14:07:36 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-05-15 14:07:36 ----A---- C:\Windows\system32\cdd.dll
2013-05-15 14:07:28 ----A---- C:\Windows\system32\shell32.dll
2013-05-15 14:07:27 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-05-15 14:07:27 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-05-15 14:07:27 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-05-15 14:07:27 ----A---- C:\Windows\system32\shdocvw.dll
2013-05-15 14:07:27 ----A---- C:\Windows\system32\consent.exe
2013-05-15 14:07:27 ----A---- C:\Windows\system32\authui.dll
2013-05-15 14:07:27 ----A---- C:\Windows\system32\appinfo.dll
2013-05-15 14:07:22 ----A---- C:\Windows\system32\wwansvc.dll
2013-05-15 14:07:22 ----A---- C:\Windows\system32\wwanprotdim.dll
2013-05-14 10:05:30 ----D---- C:\Users\roverider\AppData\Roaming\Ashampoo
2013-05-14 10:05:21 ----D---- C:\ProgramData\Ashampoo
2013-05-14 10:05:19 ----D---- C:\Program Files (x86)\Ashampoo
2013-05-13 17:58:02 ----D---- C:\Users\roverider\AppData\Roaming\Wireshark
2013-05-13 12:55:59 ----D---- C:\Program Files (x86)\WinPcap
2013-05-13 12:55:28 ----D---- C:\Program Files\Wireshark
2013-05-13 12:29:45 ----A---- C:\wepkeys.txt
2013-05-13 12:11:36 ----D---- C:\Program Files (x86)\SecurityXploded
2013-05-08 00:45:02 ----A---- C:\CAPTURE.TXT
2013-05-08 00:00:49 ----A---- C:\hypertrm.exe
2013-05-08 00:00:41 ----A---- C:\hypertrm.dll
2013-05-07 23:56:15 ----A---- C:\putty.exe
2013-05-06 16:03:00 ----D---- C:\Users\roverider\AppData\Roaming\Arduino
2013-05-01 09:23:54 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-05-01 09:23:48 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-05-01 09:23:48 ----A---- C:\Windows\system32\elshyph.dll
2013-05-01 09:23:47 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-05-01 09:23:46 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-05-01 09:23:46 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-05-01 09:23:45 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-05-01 09:23:45 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-05-01 09:23:45 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-05-01 09:23:44 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-05-01 09:23:44 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-05-01 09:23:43 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-05-01 09:23:43 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-05-01 09:23:42 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-05-01 09:23:42 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-05-01 09:23:41 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-05-01 09:23:41 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-05-01 09:23:40 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-05-01 09:23:40 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-05-01 09:23:40 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-05-01 09:23:40 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-05-01 09:23:39 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-05-01 09:23:39 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-05-01 09:23:36 ----A---- C:\Windows\SYSWOW64\url.dll
2013-05-01 09:23:36 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-05-01 09:23:36 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-05-01 09:23:36 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-05-01 09:23:36 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-05-01 09:23:35 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-05-01 09:23:35 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-05-01 09:23:34 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-05-01 09:23:28 ----A---- C:\Windows\system32\wextract.exe
2013-05-01 09:23:28 ----A---- C:\Windows\system32\webcheck.dll
2013-05-01 09:23:28 ----A---- C:\Windows\system32\vbscript.dll
2013-05-01 09:23:28 ----A---- C:\Windows\system32\url.dll
2013-05-01 09:23:28 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-05-01 09:23:28 ----A---- C:\Windows\system32\pngfilt.dll
2013-05-01 09:23:28 ----A---- C:\Windows\system32\occache.dll
2013-05-01 09:23:28 ----A---- C:\Windows\system32\msrating.dll
2013-05-01 09:23:28 ----A---- C:\Windows\system32\msls31.dll
2013-05-01 09:23:28 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-05-01 09:23:28 ----A---- C:\Windows\system32\mshtmler.dll
2013-05-01 09:23:28 ----A---- C:\Windows\system32\mshtmled.dll
2013-05-01 09:23:28 ----A---- C:\Windows\system32\mshta.exe
2013-05-01 09:23:28 ----A---- C:\Windows\system32\msfeedssync.exe
2013-05-01 09:23:28 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-05-01 09:23:28 ----A---- C:\Windows\system32\licmgr10.dll
2013-05-01 09:23:28 ----A---- C:\Windows\system32\inseng.dll
2013-05-01 09:23:28 ----A---- C:\Windows\system32\imgutil.dll
2013-05-01 09:23:28 ----A---- C:\Windows\system32\iexpress.exe
2013-05-01 09:23:28 ----A---- C:\Windows\system32\ieUnatt.exe
2013-05-01 09:23:28 ----A---- C:\Windows\system32\iepeers.dll
2013-05-01 09:23:28 ----A---- C:\Windows\system32\iedkcs32.dll
2013-05-01 09:23:28 ----A---- C:\Windows\system32\ieapfltr.dll
2013-05-01 09:23:28 ----A---- C:\Windows\system32\ieapfltr.dat
2013-05-01 09:23:28 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-05-01 09:23:28 ----A---- C:\Windows\system32\icardie.dll
2013-05-01 09:23:28 ----A---- C:\Windows\system32\dxtrans.dll
2013-05-01 09:23:28 ----A---- C:\Windows\system32\dxtmsft.dll
2013-04-24 17:50:03 ----D---- C:\Program Files\GIMP 2
2013-04-24 09:03:05 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-04-17 00:23:25 ----A---- C:\Windows\capture.INI
2013-04-16 13:09:55 ----A---- C:\Windows\ODBC.INI
2013-04-16 12:38:03 ----A---- C:\Windows\SYSWOW64\sscsdk32.dll
2013-04-16 12:38:03 ----A---- C:\Windows\SYSWOW64\sbtrvd32.dll
2013-04-16 12:38:03 ----A---- C:\Windows\SYSWOW64\s2sqlprs.dll
2013-04-16 12:38:02 ----A---- C:\Windows\SYSWOW64\s2dtconv.dll
2013-04-16 12:38:02 ----A---- C:\Windows\SYSWOW64\p2sodbc.dll
2013-04-16 12:38:02 ----A---- C:\Windows\SYSWOW64\p2smon.dll
2013-04-16 12:38:02 ----A---- C:\Windows\SYSWOW64\p2sevt.dll
2013-04-16 12:38:02 ----A---- C:\Windows\SYSWOW64\p2irdao.dll
2013-04-16 12:38:02 ----A---- C:\Windows\SYSWOW64\p2ctdao.dll
2013-04-16 12:38:02 ----A---- C:\Windows\SYSWOW64\p2bdao.dll
2013-04-16 12:38:02 ----A---- C:\Windows\SYSWOW64\p2bbnd.dll
2013-04-16 12:38:02 ----A---- C:\Windows\SYSWOW64\orant71.dll
2013-04-16 12:38:02 ----A---- C:\Windows\SYSWOW64\ODBCTL32.DLL
2013-04-16 12:38:01 ----A---- C:\Windows\SYSWOW64\ociw32.dll
2013-04-16 12:38:01 ----A---- C:\Windows\SYSWOW64\ntwdblib.dll
2013-04-16 12:38:01 ----A---- C:\Windows\SYSWOW64\mxintl30.dll
2013-04-16 12:38:01 ----A---- C:\Windows\SYSWOW64\msjt3032.dll
2013-04-16 12:38:01 ----A---- C:\Windows\SYSWOW64\msjet35.dll
2013-04-16 12:38:01 ----A---- C:\Windows\SYSWOW64\mitmin30.dll
2013-04-16 12:38:01 ----A---- C:\Windows\SYSWOW64\mitmdl30.dll
2013-04-16 12:38:01 ----A---- C:\Windows\SYSWOW64\midlin30.dll
2013-04-16 12:38:01 ----A---- C:\Windows\SYSWOW64\midlg30.dll
2013-04-16 12:38:01 ----A---- C:\Windows\SYSWOW64\MFCANS32.DLL
2013-04-16 12:38:00 ----A---- C:\Windows\SYSWOW64\lfwpg60n.dll
2013-04-16 12:38:00 ----A---- C:\Windows\SYSWOW64\lfwmf60n.dll
2013-04-16 12:38:00 ----A---- C:\Windows\SYSWOW64\lftif60n.dll
2013-04-16 12:38:00 ----A---- C:\Windows\SYSWOW64\lftga60n.dll
2013-04-16 12:38:00 ----A---- C:\Windows\SYSWOW64\lfpsd60n.dll
2013-04-16 12:37:59 ----A---- C:\Windows\SYSWOW64\lfpng60n.dll
2013-04-16 12:37:59 ----A---- C:\Windows\SYSWOW64\lfpcx60n.dll
2013-04-16 12:37:59 ----A---- C:\Windows\SYSWOW64\lfpct60n.dll
2013-04-16 12:37:59 ----A---- C:\Windows\SYSWOW64\lfmsp60n.dll
2013-04-16 12:37:59 ----A---- C:\Windows\SYSWOW64\lfmac60n.dll
2013-04-16 12:37:59 ----A---- C:\Windows\SYSWOW64\lffax60n.dll
2013-04-16 12:37:59 ----A---- C:\Windows\SYSWOW64\lfeps60n.dll
2013-04-16 12:37:59 ----A---- C:\Windows\SYSWOW64\lfcmp60n.dll
2013-04-16 12:37:59 ----A---- C:\Windows\SYSWOW64\lfbmp60n.dll
2013-04-16 12:37:59 ----A---- C:\Windows\SYSWOW64\implode.dll
2013-04-16 12:37:59 ----A---- C:\Windows\SYSWOW64\crxlat32.dll
2013-04-16 12:37:59 ----A---- C:\Windows\SYSWOW64\crwrap32.dll
2013-04-16 12:37:59 ----A---- C:\Windows\SYSWOW64\crviewer.dll
2013-04-16 12:37:58 ----A---- C:\Windows\SYSWOW64\crutl13.dll
2013-04-16 12:37:58 ----A---- C:\Windows\SYSWOW64\crsyb13.dll
2013-04-16 12:37:58 ----A---- C:\Windows\SYSWOW64\crpe32.dll
2013-04-16 12:37:58 ----A---- C:\Windows\SYSWOW64\crpaig32.dll
2013-04-16 12:37:58 ----A---- C:\Windows\SYSWOW64\cror813.dll
2013-04-16 12:37:58 ----A---- C:\Windows\SYSWOW64\cror713.dll
2013-04-16 12:37:58 ----A---- C:\Windows\SYSWOW64\crgup13.dll
2013-04-16 12:37:58 ----A---- C:\Windows\SYSWOW64\crflt13.dll
2013-04-16 12:37:57 ----A---- C:\Windows\SYSWOW64\crdb213.dll
2013-04-16 12:37:57 ----A---- C:\Windows\SYSWOW64\crbas13.dll
2013-04-16 12:37:57 ----A---- C:\Windows\SYSWOW64\craxdrt.dll
2013-04-16 12:37:57 ----A---- C:\Windows\SYSWOW64\cpeaut32.dll
2013-04-16 12:37:57 ----A---- C:\Windows\SYSWOW64\c2supprt.dll
2013-04-16 12:37:11 ----D---- C:\Windows\Crystal
2013-04-16 12:37:11 ----D---- C:\Program Files\Orcad
2013-04-16 12:34:39 ----A---- C:\Windows\IsUninst.exe
======List of files/folders modified in the last 3 months======
2013-07-12 18:23:31 ----RD---- C:\Program Files
2013-07-12 18:22:19 ----D---- C:\Windows\inf
2013-07-12 18:22:19 ----D---- C:\Windows
2013-07-12 18:13:51 ----D---- C:\Users\roverider\AppData\Roaming\Winamp
2013-07-12 18:13:51 ----D---- C:\Users\roverider\AppData\Roaming\Media Player Classic
2013-07-12 18:13:38 ----D---- C:\Windows\Panther
2013-07-12 18:13:37 ----D---- C:\Windows\Temp
2013-07-12 18:13:37 ----D---- C:\Windows\Logs
2013-07-12 18:13:37 ----D---- C:\Windows\debug
2013-07-12 18:05:20 ----D---- C:\Windows\system32\Tasks
2013-07-12 12:00:01 ----D---- C:\Windows\Microsoft.NET
2013-07-12 11:59:41 ----RSD---- C:\Windows\assembly
2013-07-12 02:52:29 ----D---- C:\Windows\system32\config
2013-07-12 02:51:32 ----D---- C:\Program Files (x86)\The KMPlayer
2013-07-12 02:26:23 ----D---- C:\Windows\System32
2013-07-12 02:26:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-12 02:21:24 ----D---- C:\Windows\winsxs
2013-07-12 02:20:51 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-12 02:20:17 ----D---- C:\Windows\SysWOW64
2013-07-12 02:20:17 ----D---- C:\Program Files\Windows Journal
2013-07-12 02:20:17 ----D---- C:\Program Files\Windows Defender
2013-07-12 02:20:17 ----D---- C:\Program Files\Internet Explorer
2013-07-12 02:20:17 ----D---- C:\Program Files (x86)\Windows Defender
2013-07-12 02:20:17 ----D---- C:\Program Files (x86)\Internet Explorer
2013-07-11 03:14:16 ----SHD---- C:\Windows\Installer
2013-07-11 03:07:06 ----A---- C:\Windows\system32\MRT.exe
2013-07-11 03:06:13 ----D---- C:\Windows\system32\catroot2
2013-07-11 03:06:13 ----D---- C:\Windows\system32\catroot
2013-07-11 03:00:23 ----SHD---- C:\System Volume Information
2013-07-08 02:52:23 ----RD---- C:\Program Files (x86)
2013-07-08 02:43:41 ----D---- C:\Program Files (x86)\Opera
2013-07-06 22:46:43 ----D---- C:\Users\roverider\AppData\Roaming\vlc
2013-07-03 01:02:20 ----D---- C:\Windows\system32\NDF
2013-06-22 04:53:09 ----D---- C:\Program Files (x86)\JDownloader
2013-06-13 03:07:42 ----D---- C:\Windows\SYSWOW64\en-US
2013-06-13 03:07:42 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-06-13 03:07:42 ----D---- C:\Windows\system32\en-US
2013-06-13 03:07:42 ----D---- C:\Windows\system32\drivers
2013-06-13 03:07:42 ----D---- C:\Windows\system32\cs-CZ
2013-06-12 10:58:38 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-06-06 10:30:04 ----D---- C:\Program Files (x86)\SpeedFan
2013-05-16 10:39:54 ----D---- C:\Windows\AppPatch
2013-05-14 10:05:21 ----HD---- C:\ProgramData
2013-05-08 00:00:24 ----D---- C:\Program Files\Windows NT
2013-05-06 16:26:58 ----D---- C:\Windows\system32\DriverStore
2013-05-01 13:45:42 ----D---- C:\Windows\SYSWOW64\migration
2013-05-01 13:45:42 ----D---- C:\Windows\system32\migration
2013-05-01 13:45:42 ----D---- C:\Windows\PolicyDefinitions
2013-04-25 21:03:24 ----SD---- C:\Users\roverider\AppData\Roaming\Microsoft
2013-04-21 23:01:48 ----A---- C:\Users\roverider\AppData\Roaming\LTspiceIV.ini
2013-04-19 03:18:45 ----D---- C:\Program Files (x86)\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PBADRV;PBADRV; C:\Windows\system32\DRIVERS\PBADRV.sys [2012-09-17 32240]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2012-11-08 22736]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2012-11-08 584056]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2012-11-08 38144]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 40816]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2012-11-08 94288]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2008-11-05 67584]
R3 acpials;Filtr zařízení ALS Sensor; C:\Windows\system32\DRIVERS\acpials.sys [2009-07-14 9728]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\Windows\system32\DRIVERS\Apfiltr.sys [2011-01-05 343160]
R3 cvusbdrv;Dell ControlVault; C:\Windows\System32\Drivers\cvusbdrv.sys [2012-03-19 45672]
R3 e1yexpress;Ovladač gigabitových síťových připojení Intel(R); C:\Windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-11-14 10629408]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2010-03-15 145408]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2010-07-14 7821312]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-03-09 505856]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
R3 WinUsb;Ovladač WinUSB; C:\Windows\system32\drivers\WinUSB.sys [2010-11-20 41984]
S1 CFRMD;CFRMD; C:\Windows\system32\DRIVERS\CFRMD.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 cpudrv64;cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-06-02 17864]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RTCore64;RTCore64; \??\C:\Program Files (x86)\RMClock\RTCore64.sys [2008-09-08 14352]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 usbser;USB RS-232 Emulation Driver; C:\Windows\system32\DRIVERS\usbser.sys [2010-11-20 32768]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe [2009-03-03 89600]
R2 CLPSLauncher;COMODO LPS Launcher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2013-04-17 70344]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-11-08 2828408]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2012-03-19 1043872]
R2 Credential Vault Host Storage;Credential Vault Host Storage; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2012-03-19 36768]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EmbassyService;EmbassyService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [2012-01-17 218504]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-07-19 1429776]
R2 GeekBuddyRSP;GeekBuddyRSP Service; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2013-04-17 1851088]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-07-19 838928]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\STacSV64.exe [2010-03-09 244736]
R2 TdmService;TdmService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe [2011-12-08 4146032]
R2 Wave Authentication Manager Service;Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2012-01-05 1679872]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
S2 tcsd_win32.exe;NTRU TSS v1.2.1.37 TCS; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [2011-10-08 1637888]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12 256904]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-06-27 117144]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 SecureStorageService;SecureStorageService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe [2011-11-11 2167176]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-09-18 1255736]
S3 WvPCR;WvPCR; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [2012-01-16 198144]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o preventivní kontrolu pc
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o preventivní kontrolu pc
Zdravim 
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o preventivní kontrolu pc
Bohužel se během testu objeví hláška "Cannot create file: C:\Users\roveride\Desktop\cmd.bat."
Žádné logy to nezobrazí ani se neobjeví na ploše ani nikde jinde.
zkoušel jsem to i s kompletně vypnutým antivirem (Comodo)
Žádné logy to nezobrazí ani se neobjeví na ploše ani nikde jinde.
zkoušel jsem to i s kompletně vypnutým antivirem (Comodo)
Re: Prosím o preventivní kontrolu pc
Obcas se to stane, ze OTL tuhle chybku vyhodi 
Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem
Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /sPokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o preventivní kontrolu pc
Kód: Vybrat vše
OTL logfile created on: 13.7.2013 19:20:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\roverider\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,89 Gb Total Physical Memory | 2,39 Gb Available Physical Memory | 61,38% Memory free
7,78 Gb Paging File | 6,18 Gb Available in Paging File | 79,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 62,86 Gb Total Space | 1,43 Gb Free Space | 2,27% Space Free | Partition Type: NTFS
Drive D: | 48,83 Gb Total Space | 0,18 Gb Free Space | 0,37% Space Free | Partition Type: NTFS
Computer Name: ZYXEL | User Name: roverider | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2013.07.13 15:22:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\roverider\Desktop\OTL.exe
PRC - [2013.07.02 21:50:44 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.06.05 01:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\roverider\AppData\Local\Akamai\netsession_win.exe
PRC - [2013.04.17 13:27:24 | 001,851,088 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
PRC - [2013.04.17 11:57:08 | 000,207,560 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\COMODO\GeekBuddy\unit_manager.exe
PRC - [2013.04.17 11:57:08 | 000,194,760 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\COMODO\GeekBuddy\unit.exe
PRC - [2013.04.17 11:57:08 | 000,070,344 | ---- | M] (Comodo Security Solutions Inc.) -- C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.06.28 17:40:52 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2012.06.22 10:32:12 | 000,625,816 | ---- | M] (Pandora.TV) -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2013.07.02 21:50:43 | 003,285,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
[color=#E56717]========== Services (SafeList) ==========[/color]
SRV:[b]64bit:[/b] - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2012.11.08 01:37:39 | 002,828,408 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:[b]64bit:[/b] - [2012.03.19 16:34:06 | 001,043,872 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe -- (Credential Vault Host Control Service)
SRV:[b]64bit:[/b] - [2012.03.19 16:34:06 | 000,036,768 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe -- (Credential Vault Host Storage)
SRV:[b]64bit:[/b] - [2012.01.17 07:45:16 | 000,218,504 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe -- (EmbassyService)
SRV:[b]64bit:[/b] - [2012.01.16 15:29:58 | 000,198,144 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe -- (WvPCR)
SRV:[b]64bit:[/b] - [2012.01.05 15:02:14 | 001,679,872 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe -- (Wave Authentication Manager Service)
SRV:[b]64bit:[/b] - [2011.12.08 10:45:42 | 004,146,032 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV:[b]64bit:[/b] - [2011.11.11 14:42:14 | 002,167,176 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV:[b]64bit:[/b] - [2010.07.19 18:08:30 | 001,429,776 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:[b]64bit:[/b] - [2010.07.19 17:46:54 | 000,838,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:[b]64bit:[/b] - [2010.03.09 23:56:02 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\stacsv64.exe -- (STacSV)
SRV:[b]64bit:[/b] - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:[b]64bit:[/b] - [2009.03.03 02:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe -- (AESTFilters)
SRV - [2013.06.27 16:15:12 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.06.12 10:58:39 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.17 13:27:24 | 001,851,088 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe -- (GeekBuddyRSP)
SRV - [2013.04.17 11:57:08 | 000,070,344 | ---- | M] (Comodo Security Solutions Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe -- (CLPSLauncher)
SRV - [2013.03.01 03:48:58 | 000,118,520 | ---- | M] (Riverbed Technology, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2012.11.09 12:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.06.22 10:32:12 | 000,625,816 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2011.10.08 22:48:08 | 001,637,888 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.09 23:56:02 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\STacSV64.exe -- (STacSV)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.03 02:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe -- (AESTFilters)
SRV - [2007.05.31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:[b]64bit:[/b] - [2013.03.01 03:49:12 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:[b]64bit:[/b] - [2013.02.12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:[b]64bit:[/b] - [2012.11.14 17:57:06 | 010,629,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2012.11.08 01:37:57 | 000,022,736 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd)
DRV:[b]64bit:[/b] - [2012.09.17 14:19:16 | 000,032,240 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PBADRV.SYS -- (PBADRV)
DRV:[b]64bit:[/b] - [2012.03.19 16:34:14 | 000,045,672 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cvusbdrv.sys -- (cvusbdrv)
DRV:[b]64bit:[/b] - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011.01.15 18:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:[b]64bit:[/b] - [2011.01.05 20:47:12 | 000,343,160 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:[b]64bit:[/b] - [2010.12.17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:[b]64bit:[/b] - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2010.07.14 04:42:58 | 007,821,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:[b]64bit:[/b] - [2010.03.15 16:45:28 | 000,145,408 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:[b]64bit:[/b] - [2010.03.09 23:56:02 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:[b]64bit:[/b] - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009.07.14 02:00:24 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpials.sys -- (acpials)
DRV:[b]64bit:[/b] - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:[b]64bit:[/b] - [2009.06.10 22:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress)
DRV:[b]64bit:[/b] - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2008.11.05 23:25:40 | 000,067,584 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV - [2012.09.03 09:20:00 | 000,037,976 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | System | Stopped] -- C:\Windows\SysWOW64\drivers\CFRMD.sys -- (CFRMD)
DRV - [2011.06.02 11:08:34 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008.09.08 13:05:56 | 000,014,352 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\RMClock\RTCore64.sys -- (RTCore64)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2024753922-1944551006-234841966-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2024753922-1944551006-234841966-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-2024753922-1944551006-234841966-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2024753922-1944551006-234841966-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.15
FF - prefs.js..extensions.enabledAddons: md5rehasher%40phoneixs.es:0.9.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - user.js - File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.07.02 21:50:38 | 000,000,000 | ---D | M]
[2012.09.17 13:43:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\roverider\AppData\Roaming\Mozilla\Extensions
[2013.06.27 16:13:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\roverider\AppData\Roaming\Mozilla\Firefox\Profiles\hxfyhywt.default\extensions
[2013.06.01 18:56:00 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\roverider\AppData\Roaming\Mozilla\Firefox\Profiles\hxfyhywt.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.06.27 16:13:50 | 000,089,481 | ---- | M] () (No name found) -- C:\Users\roverider\AppData\Roaming\Mozilla\Firefox\Profiles\hxfyhywt.default\extensions\md5rehasher@phoneixs.es.xpi
[2013.05.09 13:48:18 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\roverider\AppData\Roaming\Mozilla\Firefox\Profiles\hxfyhywt.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.07.02 21:50:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.07.02 21:50:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013.07.02 21:50:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.07.02 21:50:45 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.06.28 17:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [TdmNotify] C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe (Wave Systems Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [gbrspcontrol] C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2024753922-1944551006-234841966-1000..\Run: [Akamai NetSession Interface] C:\Users\roverider\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-2024753922-1944551006-234841966-1000..\Run: [Infium] C:\Program Files (x86)\QIP 2012\qip.exe (QIP)
O4 - HKU\S-1-5-21-2024753922-1944551006-234841966-1000..\Run: [ShowBatteryBar] C:\Program Files\BatteryBar\ShowBatteryBar.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKU\S-1-5-21-2024753922-1944551006-234841966-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.95.40.132
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B3AD85F6-9047-43CB-8B1B-C201E958F599}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC787432-6745-490B-A1E2-9B9FB7856865}: DhcpNameServer = 10.95.40.132
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\spba: DllName - (C:\Program Files\Common Files\SPBA\homefus2.dll) - C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30:[b]64bit:[/b] - LSA: Authentication Packages - (wvauth) - C:\Windows\SysNative\wvauth.dll (Wave Systems Corp.)
O30 - LSA: Authentication Packages - (wvauth) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{8f39887b-28d1-11e2-8589-0024e8a1756b}\Shell - "" = AutoRun
O33 - MountPoints2\{8f39887b-28d1-11e2-8589-0024e8a1756b}\Shell\AutoRun\command - "" = "G:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2013.07.13 15:22:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\roverider\Desktop\OTL.exe
[2013.07.13 11:12:29 | 000,000,000 | ---D | C] -- C:\Users\roverider\Desktop\58k11
[2013.07.12 18:23:31 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.07.12 18:23:31 | 000,000,000 | ---D | C] -- C:\rsit
[2013.07.12 18:05:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.07.12 18:05:18 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.07.11 03:06:04 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.07.11 03:06:04 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.07.11 03:06:03 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.07.11 03:06:03 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.07.11 03:06:03 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.07.11 03:06:03 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.07.11 03:06:03 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.07.11 03:06:03 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.07.11 03:06:03 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.07.11 03:06:03 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.07.11 03:06:03 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.07.11 03:06:02 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.07.11 03:06:02 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.07.11 03:06:02 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.07.11 03:06:01 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.07.10 11:16:45 | 001,887,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013.07.10 11:16:45 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2013.07.10 11:16:45 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2013.07.10 11:16:44 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013.07.10 11:16:19 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.07.02 21:50:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.07.02 18:14:07 | 000,000,000 | ---D | C] -- C:\Users\roverider\Desktop\29,6,2013-open-air
[2013.06.27 16:33:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\digestIT 2004
[2013.06.27 16:15:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox.bak
[2013.06.21 07:57:49 | 000,000,000 | ---D | C] -- C:\Users\roverider\Desktop\Amaro2012
[2013.06.18 13:26:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medieval Software
[2013.06.18 13:26:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Medieval Software
[2013.06.17 19:54:17 | 000,000,000 | ---D | C] -- C:\Users\roverider\AppData\Local\Opera Software
[2013.06.17 19:54:16 | 000,000,000 | ---D | C] -- C:\Users\roverider\AppData\Roaming\Opera Software
[2013.06.17 19:54:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera Next
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2013.07.13 19:21:27 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.07.13 19:15:40 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat
[2013.07.13 18:58:05 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.13 18:56:05 | 000,065,672 | ---- | M] () -- C:\Users\roverider\Desktop\d6bf87baa3_94035552_o2.jpg
[2013.07.13 16:23:00 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.13 16:23:00 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.13 16:21:52 | 000,755,324 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.13 16:21:52 | 000,631,526 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.07.13 16:21:52 | 000,122,148 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.07.13 16:21:52 | 000,008,660 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.13 16:21:52 | 000,006,270 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.13 16:15:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.13 16:15:40 | 3133,079,552 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.13 15:22:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\roverider\Desktop\OTL.exe
[2013.07.12 18:21:51 | 000,935,175 | ---- | M] () -- C:\Users\roverider\Desktop\RSITx64.exe
[2013.07.12 18:15:37 | 000,089,800 | ---- | M] () -- C:\Users\roverider\Documents\cc_20130712_181511.reg
[2013.07.12 18:05:20 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.07.12 02:21:11 | 000,293,736 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.07.09 23:42:04 | 860,541,472 | ---- | M] () -- C:\Users\roverider\Desktop\Kandahar-Drama-Rusko-2010.avi
[2013.06.27 16:43:56 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.06.18 21:57:24 | 1002,825,689 | ---- | M] () -- C:\Users\roverider\Desktop\woodP4.rar
[2013.06.18 13:26:47 | 000,001,242 | ---- | M] () -- C:\Users\Public\Desktop\Medieval CUE Splitter.lnk
[2013.06.17 19:54:13 | 000,001,168 | ---- | M] () -- C:\Users\Public\Desktop\Opera Next.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2013.07.13 18:56:05 | 000,065,672 | ---- | C] () -- C:\Users\roverider\Desktop\d6bf87baa3_94035552_o2.jpg
[2013.07.13 15:28:25 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.07.12 18:21:50 | 000,935,175 | ---- | C] () -- C:\Users\roverider\Desktop\RSITx64.exe
[2013.07.12 18:15:18 | 000,089,800 | ---- | C] () -- C:\Users\roverider\Documents\cc_20130712_181511.reg
[2013.07.12 18:05:20 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.07.09 10:12:55 | 860,541,472 | ---- | C] () -- C:\Users\roverider\Desktop\Kandahar-Drama-Rusko-2010.avi
[2013.06.27 16:43:56 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.06.18 20:40:06 | 1002,825,689 | ---- | C] () -- C:\Users\roverider\Desktop\woodP4.rar
[2013.06.18 13:26:47 | 000,001,242 | ---- | C] () -- C:\Users\Public\Desktop\Medieval CUE Splitter.lnk
[2013.06.17 19:54:14 | 000,001,168 | ---- | C] () -- C:\Users\Public\Desktop\Opera Next.lnk
[2013.06.17 19:54:14 | 000,001,168 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Next.lnk
[2013.04.25 15:30:59 | 000,003,491 | ---- | C] () -- C:\Users\roverider\AppData\Local\recently-used.xbel
[2013.04.17 00:23:25 | 000,000,146 | ---- | C] () -- C:\Windows\capture.INI
[2013.04.16 13:09:55 | 000,000,144 | ---- | C] () -- C:\Windows\ODBC.INI
[2013.04.16 12:38:02 | 000,251,904 | ---- | C] () -- C:\Windows\SysWow64\orant71.dll
[2013.04.16 12:38:01 | 000,903,168 | ---- | C] () -- C:\Windows\SysWow64\mitmdl30.dll
[2013.04.16 12:38:00 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\lftif60n.dll
[2013.04.16 12:38:00 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\lfpsd60n.dll
[2013.04.16 12:38:00 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\lftga60n.dll
[2013.04.16 12:38:00 | 000,019,456 | ---- | C] () -- C:\Windows\SysWow64\lfwpg60n.dll
[2013.04.16 12:38:00 | 000,019,456 | ---- | C] () -- C:\Windows\SysWow64\lfwmf60n.dll
[2013.04.16 12:37:59 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\lffax60n.dll
[2013.04.16 12:37:59 | 000,141,824 | ---- | C] () -- C:\Windows\SysWow64\lfcmp60n.dll
[2013.04.16 12:37:59 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\lfpng60n.dll
[2013.04.16 12:37:59 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\lfpcx60n.dll
[2013.04.16 12:37:59 | 000,022,528 | ---- | C] () -- C:\Windows\SysWow64\lfpct60n.dll
[2013.04.16 12:37:59 | 000,022,528 | ---- | C] () -- C:\Windows\SysWow64\lfeps60n.dll
[2013.04.16 12:37:59 | 000,022,016 | ---- | C] () -- C:\Windows\SysWow64\lfbmp60n.dll
[2013.04.16 12:37:59 | 000,018,944 | ---- | C] ( ) -- C:\Windows\SysWow64\implode.dll
[2013.04.16 12:37:59 | 000,018,432 | ---- | C] () -- C:\Windows\SysWow64\lfmsp60n.dll
[2013.04.16 12:37:59 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\lfmac60n.dll
[2013.03.01 03:47:36 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2012.11.22 19:33:29 | 000,000,176 | ---- | C] () -- C:\Users\roverider\SciTE.session
[2012.11.21 14:07:37 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\pythoncom27.dll
[2012.11.21 14:07:37 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\pywintypes27.dll
[2012.11.21 14:07:37 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\pythoncomloader27.dll
[2012.10.04 08:27:58 | 000,004,072 | ---- | C] () -- C:\Users\roverider\AppData\Roaming\LTspiceIV.ini
[2012.09.17 14:20:08 | 000,080,368 | ---- | C] () -- C:\Windows\SysWow64\pbadrvdll.dll
[2012.09.17 14:16:21 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2012.09.17 14:16:21 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2012.09.17 14:16:21 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2011.11.14 10:29:30 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_zh-HK.dll
[2011.11.14 10:29:28 | 000,088,064 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_th.dll
[2011.11.14 10:29:26 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_sl.dll
[2011.11.14 10:29:24 | 000,091,136 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_hr.dll
[2011.11.14 10:29:24 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_sk.dll
[2011.11.14 10:29:20 | 000,089,088 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_tr.dll
[2011.11.14 10:29:18 | 000,092,672 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_ro.dll
[2011.11.14 10:29:16 | 000,092,672 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_pt-BR.dll
[2011.11.14 10:29:14 | 000,092,160 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_hu.dll
[2011.11.14 10:29:12 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_fi.dll
[2011.11.14 10:29:12 | 000,084,992 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_he.dll
[2011.11.14 10:29:10 | 000,097,280 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_el.dll
[2011.11.14 10:29:08 | 000,091,136 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_cs.dll
[2011.11.14 10:29:08 | 000,087,040 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_ar.dll
[2011.11.14 10:29:06 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_zh-CHT.dll
[2011.11.14 10:29:04 | 000,074,240 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_zh-CHS.dll
[2011.11.14 10:29:02 | 000,091,648 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_sv.dll
[2011.11.14 10:29:00 | 000,091,136 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_ru.dll
[2011.11.14 10:28:58 | 000,094,720 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_pt.dll
[2011.11.14 10:28:58 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_pl.dll
[2011.11.14 10:28:56 | 000,089,600 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_no.dll
[2011.11.14 10:28:54 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_nl.dll
[2011.11.14 10:28:54 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_ko.dll
[2011.11.14 10:28:52 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_ja.dll
[2011.11.14 10:28:50 | 000,094,720 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_it.dll
[2011.11.14 10:28:48 | 000,095,232 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_fr.dll
[2011.11.14 10:28:46 | 000,094,720 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_es.dll
[2011.11.14 10:28:44 | 000,095,744 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_de.dll
[2011.11.14 10:28:42 | 000,092,672 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_da.dll
[color=#E56717]========== ZeroAccess Check ==========[/color]
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
[color=#E56717]========== LOP Check ==========[/color]
[2013.05.31 12:57:56 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\AnyPic JPG to PDF Converter
[2013.05.06 16:03:00 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\Arduino
[2013.05.14 10:05:30 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\Ashampoo
[2012.09.17 23:27:45 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\BatteryBar
[2012.10.08 21:01:26 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\CadSoft
[2012.10.24 18:56:19 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\GHISLER
[2012.09.26 18:46:49 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\OpenOffice.org
[2012.09.17 13:29:02 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\Opera
[2013.06.17 19:54:16 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\Opera Software
[2012.09.17 16:21:52 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\QIP
[2013.02.11 19:39:30 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\scope
[2012.09.17 14:19:15 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\Wave Systems Corp
[2013.05.13 17:58:02 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\Wireshark
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Custom Scans ==========[/color]
[color=#A23BEC]< >[/color]
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,023,556 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.10.24 17:28:54 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[color=#A23BEC]< >[/color]
[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[color=#A23BEC]< MD5 for: AUTOCHK.EXE >[/color]
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[color=#A23BEC]< MD5 for: HAL.DLL >[/color]
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
[color=#A23BEC]< MD5 for: TCPIP.SYS >[/color]
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.05.08 08:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[color=#A23BEC]< >[/color]
[color=#A23BEC]< %systemroot%*.* /U /s >[/color]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[6 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Installer\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}\*.tmp files -> C:\Windows\Installer\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}\*.tmp -> ]
[13 C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera\cache\g_0000\*.tmp -> ]
[2 C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera\cache\revocation\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera\cache\revocation\g_0000\*.tmp -> ]
[3 C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera\icons\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera\icons\cache\g_0000\*.tmp -> ]
[13 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Opera\Opera\cache\g_0000\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Opera\Opera\cache\g_0000\*.tmp -> ]
[2 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Opera\Opera\cache\revocation\g_0000\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Opera\Opera\cache\revocation\g_0000\*.tmp -> ]
[3 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Opera\Opera\icons\cache\g_0000\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Opera\Opera\icons\cache\g_0000\*.tmp -> ]
[3 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2013.05.08 00:00:50 | 000,028,160 | ---- | M] (Hilgraeve, Inc.) -- C:\hypertrm.exe
[2013.05.07 23:56:15 | 000,483,328 | ---- | M] (Simon Tatham) -- C:\putty.exe
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]
[color=#A23BEC]< %APPDATA%\*. >[/color]
[2012.09.18 13:46:52 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\Adobe
[2013.05.31 12:57:56 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\AnyPic JPG to PDF Converter
[2013.05.06 16:03:00 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\Arduino
[2013.05.14 10:05:30 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\Ashampoo
[2012.09.17 23:27:45 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\BatteryBar
[2012.10.08 21:01:26 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\CadSoft
[2012.10.24 18:56:19 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\GHISLER
[2012.09.17 13:19:11 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\Identities
[2012.09.17 14:32:26 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\Intel
[2012.09.17 15:17:32 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\Macromedia
[2009.07.14 09:45:14 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\Media Center Programs
[2013.07.12 18:13:51 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\Media Player Classic
[2013.04.25 21:03:24 | 000,000,000 | --SD | M] -- C:\Users\roverider\AppData\Roaming\Microsoft
[2012.09.17 13:43:09 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\Mozilla
[2012.09.26 18:46:49 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\OpenOffice.org
[2012.09.17 13:29:02 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\Opera
[2013.06.17 19:54:16 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\Opera Software
[2012.09.17 16:21:52 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\QIP
[2013.02.11 19:39:30 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\scope
[2012.12.12 23:12:56 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\Skype
[2013.07.06 22:46:43 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\vlc
[2012.09.17 14:19:15 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\Wave Systems Corp
[2013.07.12 18:13:51 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\Winamp
[2012.09.17 15:38:40 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\WinRAR
[2013.05.13 17:58:02 | 000,000,000 | ---D | M] -- C:\Users\roverider\AppData\Roaming\Wireshark
[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2012.09.17 14:19:37 | 000,405,504 | R--- | M] (Acresso Software Inc.) -- C:\Users\roverider\AppData\Roaming\Microsoft\Installer\{9DAED4FC-2B0E-4F3F-8141-F2ABF02CCFCB}\ARPPRODUCTICON.exe
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[color=#A23BEC]< %systemroot%\Tasks\*.job >[/color]
[2013.07.13 18:58:05 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /3 >[/color]
[color=#A23BEC]< %systemroot%\system32\*.* /3 >[/color]
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2013.05.08 00:00:50 | 000,028,160 | ---- | M] (Hilgraeve, Inc.) -- C:\hypertrm.exe
[2013.05.07 23:56:15 | 000,483,328 | ---- | M] (Simon Tatham) -- C:\putty.exe
[color=#A23BEC]< >[/color]
[color=#A23BEC]< *crack* /s >[/color]
[2011.02.07 00:26:18 | 000,117,671 | ---- | M] () -- \Program Files (x86)\Agros2D\Lib\site-packages\numpy\f2py\crackfortran.py
[2013.03.12 16:09:12 | 000,004,125 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\CrackedCom.class
[2011.04.25 20:44:42 | 000,005,019 | ---- | M] () -- \Program Files (x86)\pythonxy\doc\Libraries\PIL\handbook\imagecrackcode.htm
[2013.02.06 22:43:12 | 000,062,238 | ---- | M] () -- \Program Files\GIMP 2\share\gimp\2.0\patterns\cracked.pat
[2012.05.19 14:51:54 | 000,117,068 | ---- | M] () -- \Python27\Lib\site-packages\numpy\f2py\crackfortran.py
[color=#A23BEC]< *keygen* /s >[/color]
[2012.09.30 23:11:30 | 000,004,319 | ---- | M] () -- \Program Files (x86)\pythonxy\doc\Libraries\IPython\paramiko\demos\demo_keygen.py
[color=#A23BEC]< *AntiWPA* /s >[/color]
[color=#A23BEC]< *loader* /s >[/color]
[2011.02.07 00:26:22 | 000,013,734 | ---- | M] () -- \Program Files (x86)\Agros2D\Lib\unittest\loader.py
[2012.03.06 10:40:30 | 000,003,397 | ---- | M] () -- \Program Files (x86)\FreeMat\help\html\vtkcommon_vtkdynamicloader.html
[2012.05.22 09:43:16 | 000,214,528 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloader.exe
[2012.05.22 09:43:16 | 000,593,293 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloader.jar
[2012.05.22 09:43:16 | 000,218,816 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloaderBETA.exe
[2012.05.22 09:43:16 | 000,218,816 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloaderD3D.exe
[2012.05.22 09:43:16 | 000,219,264 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloaderPortable.exe
[2012.09.20 16:16:48 | 000,000,105 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\img\hosterlogos\uploader.pl.png
[2012.10.18 22:16:47 | 000,011,071 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\MyDownloaderNet.class
[2013.03.07 05:53:47 | 000,004,584 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\OmpLoaderOrg.class
[2013.06.03 20:58:26 | 000,003,880 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\UploaderJp.class
[2012.10.18 22:16:33 | 000,007,073 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\UploaderPl.class
[2012.05.22 09:43:16 | 000,032,222 | ---- | M] () -- \Program Files (x86)\JDownloader\licenses\jdownloader.license
[2012.08.13 10:52:58 | 000,006,081 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.py
[2013.04.25 14:51:38 | 000,005,509 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.pyc
[2012.08.10 16:50:58 | 000,020,992 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2012.08.13 11:04:18 | 000,000,171 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2012.08.10 16:50:54 | 000,029,696 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2012.08.13 10:12:36 | 000,003,868 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\java\unoloader.jar
[2012.09.14 14:47:56 | 000,000,673 | ---- | M] () -- \Program Files (x86)\pythonxy\doc\Enthought Tool Suite\enaml\html\_static\ajax-loader.gif
[2012.09.14 14:47:56 | 000,000,673 | ---- | M] () -- \Program Files (x86)\pythonxy\doc\Enthought Tool Suite\encore\html\_static\ajax-loader.gif
[2012.09.14 14:47:56 | 000,000,673 | ---- | M] () -- \Program Files (x86)\pythonxy\doc\Enthought Tool Suite\Pyface\html\_static\ajax-loader.gif
[2012.09.14 14:47:56 | 000,000,673 | ---- | M] () -- \Program Files (x86)\pythonxy\doc\Enthought Tool Suite\TraitsUI\html\_static\ajax-loader.gif
[2012.05.05 18:14:48 | 000,000,673 | ---- | M] () -- \Program Files (x86)\pythonxy\doc\Libraries\cx_Freeze\html\_static\ajax-loader.gif
[2011.11.07 22:21:54 | 000,000,041 | ---- | M] () -- \Program Files (x86)\pythonxy\doc\Libraries\nose\html\_sources\api\loader.txt
[2011.11.07 22:30:24 | 000,011,699 | ---- | M] () -- \Program Files (x86)\pythonxy\doc\Libraries\nose\html\api\loader.html
[2012.08.20 10:53:20 | 000,000,673 | ---- | M] () -- \Program Files (x86)\pythonxy\doc\Libraries\pyzmq\html\_static\ajax-loader.gif
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2011.03.08 08:43:28 | 000,013,734 | ---- | M] () -- \Program Files\GIMP 2\Python\Lib\unittest\loader.py
[2012.09.20 16:15:45 | 000,001,945 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2012.09.20 16:15:45 | 000,001,924 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2012.09.20 16:15:45 | 000,002,001 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012.11.08 16:16:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.11.08 16:16:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.11.08 16:16:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2011.12.22 00:13:08 | 000,003,852 | ---- | M] () -- \Python27\Lib\site-packages\apptools\persistence\project_loader.py
[2011.12.22 00:18:40 | 000,000,101 | ---- | M] () -- \Python27\Lib\site-packages\enthought\endo\template\loader.py
[2011.12.22 00:18:40 | 000,000,105 | ---- | M] () -- \Python27\Lib\site-packages\enthought\mayavi\tools\data_wizards\csv_loader.py
[2011.12.22 00:18:40 | 000,000,104 | ---- | M] () -- \Python27\Lib\site-packages\enthought\persistence\project_loader.py
[2011.06.22 00:37:12 | 000,001,259 | ---- | M] () -- \Python27\Lib\site-packages\etsdevtools\endo\template\loader.py
[2012.10.27 10:04:38 | 000,024,256 | ---- | M] () -- \Python27\Lib\site-packages\IPython\config\loader.py
[2012.11.21 14:12:49 | 000,023,660 | ---- | M] () -- \Python27\Lib\site-packages\IPython\config\loader.pyc
[2012.10.27 10:04:38 | 000,008,496 | ---- | M] () -- \Python27\Lib\site-packages\IPython\config\tests\test_loader.py
[2012.10.27 14:26:42 | 000,044,032 | ---- | M] () -- \Python27\Lib\site-packages\isapi\PyISAPI_loader.dll
[2011.09.24 08:57:02 | 000,016,262 | ---- | M] () -- \Python27\Lib\site-packages\jinja2\loaders.py
[2012.11.21 14:13:20 | 000,018,057 | ---- | M] () -- \Python27\Lib\site-packages\jinja2\loaders.pyc
[2011.09.24 08:57:02 | 000,006,788 | ---- | M] () -- \Python27\Lib\site-packages\jinja2\testsuite\loader.py
[2012.08.18 10:05:56 | 000,007,057 | ---- | M] () -- \Python27\Lib\site-packages\mayavi\tools\data_wizards\csv_loader.py
[2012.09.25 08:30:52 | 000,024,643 | ---- | M] () -- \Python27\Lib\site-packages\nose\loader.py
[2012.10.16 22:51:28 | 000,002,363 | ---- | M] () -- \Python27\Lib\site-packages\OpenGL\platform\ctypesloader.py
[2012.08.11 21:51:02 | 000,011,828 | ---- | M] () -- \Python27\Lib\site-packages\PyQt4\doc\html\qpluginloader.html
[2012.06.30 12:41:20 | 000,000,673 | ---- | M] () -- \Python27\Lib\site-packages\PyQt4\doc\html\_static\ajax-loader.gif
[2012.08.11 21:51:02 | 000,002,013 | ---- | M] () -- \Python27\Lib\site-packages\PyQt4\sip\PyQt4\QtCore\qpluginloader.sip
[2012.06.30 12:41:30 | 000,003,065 | ---- | M] () -- \Python27\Lib\site-packages\PyQt4\uic\Loader\loader.py
[2012.10.27 14:26:46 | 000,008,192 | ---- | M] () -- \Python27\Lib\site-packages\pywin32_system32\pythoncomloader27.dll
[2012.03.12 21:59:14 | 000,000,673 | ---- | M] () -- \Python27\Lib\site-packages\sphinx\themes\basic\static\ajax-loader.gif
[2011.04.25 21:03:58 | 000,009,151 | ---- | M] () -- \Python27\Lib\site-packages\vitables\preferences\pluginsLoader.py
[2012.10.27 14:21:08 | 000,008,192 | ---- | M] () -- \Python27\Lib\site-packages\win32\_win32sysloader.pyd
[2011.03.08 10:43:28 | 000,013,734 | ---- | M] () -- \Python27\Lib\unittest\loader.py
[2012.11.21 14:13:06 | 000,011,220 | ---- | M] () -- \Python27\Lib\unittest\loader.pyc
[2011.03.08 10:43:28 | 000,050,487 | ---- | M] () -- \Python27\Lib\unittest\test\test_loader.py
[2012.09.20 16:15:45 | 000,001,945 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2012.09.20 16:15:45 | 000,001,924 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2012.09.20 16:15:45 | 000,002,001 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012.11.08 16:16:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.11.08 16:16:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.11.08 16:16:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2012.09.20 16:15:56 | 000,002,001 | ---- | M] () -- \Users\roverider\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\JDownloader.lnk
[2012.09.20 16:15:56 | 000,002,037 | ---- | M] () -- \Users\roverider\Desktop\JDownloader.lnk
[2008.12.04 18:28:20 | 000,000,020 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\hardware\tools\avr\doc\avr-libc\man\man3\BOOTLOADER_SECTION.3
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.10.27 14:26:46 | 000,008,192 | ---- | M] () -- \Windows\System32\pythoncomloader27.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2012.10.27 14:26:46 | 000,008,192 | ---- | M] () -- \Windows\SysWOW64\pythoncomloader27.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.09.17 23:11:04 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2012.09.17 23:11:04 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2012.09.17 23:11:04 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2012.09.17 23:11:04 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2012.09.17 23:11:04 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2009.07.14 07:37:37 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009.07.14 07:37:37 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2009.07.14 07:37:37 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2009.07.14 07:37:37 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2009.07.14 07:37:37 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2012.09.22 21:39:19 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.09.22 21:39:19 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012.09.22 21:39:19 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012.09.22 21:39:19 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012.09.22 21:39:19 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 05:18:36 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:44:20 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[color=#A23BEC]< *minodlogin* /s >[/color]
[color=#A23BEC]< *tnod* /s >[/color]
[2012.03.07 08:24:54 | 000,000,082 | ---- | M] () -- \Program Files (x86)\FreeMat\help\html\ftv2lastnode.png
[2012.03.07 08:24:54 | 000,000,221 | ---- | M] () -- \Program Files (x86)\FreeMat\help\html\ftv2mlastnode.png
[2012.03.07 08:24:54 | 000,000,215 | ---- | M] () -- \Program Files (x86)\FreeMat\help\html\ftv2plastnode.png
[2011.04.25 21:03:58 | 000,003,967 | ---- | M] () -- \Python27\Lib\site-packages\vitables\vtWidgets\inputNodeName.py
[color=#A23BEC]< *AutoKMS* /s >[/color]
[color=#A23BEC]< *activator* /s >[/color]
[2011.12.22 00:18:40 | 000,000,096 | ---- | M] () -- \Python27\Lib\site-packages\enthought\envisage\i_plugin_activator.py
[2011.12.22 00:18:40 | 000,000,094 | ---- | M] () -- \Python27\Lib\site-packages\enthought\envisage\plugin_activator.py
[2011.12.22 00:13:16 | 000,000,977 | ---- | M] () -- \Python27\Lib\site-packages\envisage\i_plugin_activator.py
[2011.12.22 00:13:16 | 000,001,336 | ---- | M] () -- \Python27\Lib\site-packages\envisage\plugin_activator.py
[color=#A23BEC]< *serial* /s >[/color]
[2012.10.16 21:25:12 | 000,002,271 | ---- | M] () -- \Program Files (x86)\pythonxy\doc\Libraries\pyzmq\examples\serialization\serialsocket.py
[2012.08.20 10:53:20 | 000,017,523 | ---- | M] () -- \Program Files (x86)\pythonxy\doc\Libraries\pyzmq\html\serialization.html
[2012.08.20 10:53:20 | 000,003,726 | ---- | M] () -- \Program Files (x86)\pythonxy\doc\Libraries\pyzmq\html\_sources\serialization.txt
[2011.04.25 20:38:12 | 000,002,946 | ---- | M] () -- \Program Files (x86)\pythonxy\doc\MinGW\gcc-4.5.2\gnat_rm\GNAT_002eSerial_005fCommunications-_0028g_002dsercom_002eads_0029.html
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
Re: Prosím o preventivní kontrolu pc
Kód: Vybrat vše
[2012.09.27 18:20:18 | 000,052,736 | ---- | M] () -- \Program Files (x86)\Scope\data\SerialIO.dll
[2011.11.28 12:40:42 | 000,069,632 | ---- | M] () -- \Program Files\BatteryBar\BatteryBar.Utilities.XmlSerializers.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:54:42 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2011.12.22 00:13:08 | 000,002,951 | ---- | M] () -- \Python27\Lib\site-packages\apptools\naming\object_serializer.py
[2011.12.22 00:18:40 | 000,000,087 | ---- | M] () -- \Python27\Lib\site-packages\enthought\chaco\serializable.py
[2011.12.22 00:18:40 | 000,000,102 | ---- | M] () -- \Python27\Lib\site-packages\enthought\naming\object_serializer.py
[2011.12.22 00:15:04 | 000,003,972 | ---- | M] () -- \Python27\Lib\site-packages\chaco\serializable.py
[2012.10.27 10:04:38 | 000,003,994 | ---- | M] () -- \Python27\Lib\site-packages\IPython\parallel\tests\test_newserialized.py
[2012.10.27 10:06:48 | 000,005,125 | ---- | M] () -- \Python27\Lib\site-packages\IPython\utils\newserialized.py
[2012.10.27 10:04:38 | 000,005,830 | ---- | M] () -- \Python27\Lib\site-packages\IPython\zmq\serialize.py
[2012.08.11 21:51:02 | 000,010,943 | ---- | M] () -- \Python27\Lib\site-packages\PyQt4\doc\html\qxmlserializer.html
[2012.08.11 21:51:02 | 000,002,201 | ---- | M] () -- \Python27\Lib\site-packages\PyQt4\sip\PyQt4\QtXmlPatterns\qxmlserializer.sip
[2011.03.19 10:51:18 | 000,003,127 | ---- | M] () -- \Python27\Lib\site-packages\pythonwin\pywin\Demos\ocx\ocxserialtest.py
[2012.10.18 13:29:38 | 000,005,429 | ---- | M] () -- \Python27\Lib\site-packages\SQLAlchemy\ext\serializer.py
[2013.03.11 15:28:44 | 000,077,759 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\rxtxSerial.dll
[2013.03.11 15:29:10 | 000,000,665 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\examples\01.Basics\AnalogReadSerial\AnalogReadSerial.ino
[2013.03.11 15:29:10 | 000,000,734 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\examples\01.Basics\DigitalReadSerial\DigitalReadSerial.ino
[2013.03.11 15:29:10 | 000,001,690 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\examples\03.Analog\AnalogInOutSerial\AnalogInOutSerial.ino
[2013.03.11 15:29:12 | 000,000,815 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\examples\04.Communication\MultiSerialMega\MultiSerialMega.ino
[2013.03.11 15:29:12 | 000,009,756 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\examples\04.Communication\SerialCallResponse\SerialCallResponse.ino
[2013.03.11 15:29:12 | 000,009,042 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\examples\04.Communication\SerialCallResponseASCII\SerialCallResponseASCII.ino
[2013.03.11 15:29:12 | 000,001,451 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\examples\04.Communication\SerialEvent\SerialEvent.ino
[2013.03.11 15:29:12 | 000,000,796 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\examples\09.USB\Keyboard\KeyboardSerial\KeyboardSerial.ino
[2013.03.11 15:29:10 | 000,013,622 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\hardware\arduino\cores\arduino\HardwareSerial.cpp
[2013.03.11 15:29:10 | 000,003,407 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\hardware\arduino\cores\arduino\HardwareSerial.h
[2013.03.11 15:29:10 | 000,020,907 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\hardware\arduino\firmwares\atmegaxxu2\Arduino-COMBINED-dfu-usbserial-atmega16u2-Mega2560-Rev3.hex
[2013.03.11 15:29:10 | 000,020,907 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\hardware\arduino\firmwares\atmegaxxu2\Arduino-COMBINED-dfu-usbserial-atmega16u2-MegaADK-Rev3.hex
[2013.03.11 15:29:10 | 000,020,907 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\hardware\arduino\firmwares\atmegaxxu2\Arduino-COMBINED-dfu-usbserial-atmega16u2-Uno-Rev3.hex
[2013.03.11 15:29:10 | 000,017,712 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\hardware\arduino\firmwares\atmegaxxu2\MEGA-dfu_and_usbserial_combined.hex
[2013.03.11 15:29:10 | 000,017,688 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\hardware\arduino\firmwares\atmegaxxu2\UNO-dfu_and_usbserial_combined.hex
[2013.03.11 15:29:10 | 000,011,370 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\hardware\arduino\firmwares\atmegaxxu2\arduino-usbserial\Arduino-usbserial-atmega16u2-Mega2560-Rev3.hex
[2013.03.11 15:29:10 | 000,011,370 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\hardware\arduino\firmwares\atmegaxxu2\arduino-usbserial\Arduino-usbserial-atmega16u2-MegaADK-Rev3.hex
[2013.03.11 15:29:10 | 000,011,370 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\hardware\arduino\firmwares\atmegaxxu2\arduino-usbserial\Arduino-usbserial-atmega16u2-Uno-Rev3.hex
[2013.03.11 15:29:10 | 000,011,468 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\hardware\arduino\firmwares\atmegaxxu2\arduino-usbserial\Arduino-usbserial-mega.hex
[2013.03.11 15:29:10 | 000,011,444 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\hardware\arduino\firmwares\atmegaxxu2\arduino-usbserial\Arduino-usbserial-uno.hex
[2013.03.11 15:29:10 | 000,008,451 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\hardware\arduino\firmwares\atmegaxxu2\arduino-usbserial\Arduino-usbserial.c
[2013.03.11 15:29:10 | 000,002,835 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\hardware\arduino\firmwares\atmegaxxu2\arduino-usbserial\Arduino-usbserial.h
[2013.03.11 15:29:10 | 000,013,379 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\libraries\GSM\GSM3SoftSerial.cpp
[2013.03.11 15:29:10 | 000,004,726 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\libraries\GSM\GSM3SoftSerial.h
[2013.03.11 15:29:10 | 000,001,695 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\libraries\LiquidCrystal\examples\SerialDisplay\SerialDisplay.ino
[2013.03.11 15:29:10 | 000,013,606 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\libraries\SoftwareSerial\SoftwareSerial.cpp
[2013.03.11 15:29:10 | 000,003,566 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\libraries\SoftwareSerial\SoftwareSerial.h
[2013.03.11 15:29:10 | 000,001,363 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\libraries\SoftwareSerial\examples\SoftwareSerialExample\SoftwareSerialExample.ino
[2012.07.15 09:26:46 | 000,008,022 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\Serial.html
[2012.07.15 09:28:16 | 000,011,715 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\Serial_Available.html
[2012.07.15 09:28:16 | 000,009,791 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\Serial_Begin.html
[2012.07.15 09:28:18 | 000,004,354 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\Serial_End.html
[2012.07.15 09:28:18 | 000,003,655 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\Serial_Find.html
[2012.07.15 09:28:18 | 000,003,882 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\Serial_FindUntil.html
[2012.07.15 09:28:20 | 000,004,503 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\Serial_Flush.html
[2012.07.15 09:28:16 | 000,007,800 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\Serial_IfSerial.html
[2012.07.15 09:28:20 | 000,003,682 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\Serial_ParseFloat.html
[2012.07.15 09:28:20 | 000,006,335 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\Serial_ParseInt.html
[2012.07.15 09:28:22 | 000,004,618 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\Serial_Peek.html
[2012.07.15 09:28:22 | 000,015,280 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\Serial_Print.html
[2012.07.15 09:28:22 | 000,009,605 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\Serial_Println.html
[2012.07.15 09:28:24 | 000,008,740 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\Serial_Read.html
[2012.07.15 09:28:24 | 000,004,002 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\Serial_ReadBytes.html
[2012.07.15 09:28:24 | 000,004,209 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\Serial_ReadBytesUntil.html
[2012.07.15 09:28:24 | 000,003,782 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\Serial_SetTimeout.html
[2012.07.15 09:28:26 | 000,007,734 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\Serial_Write.html
[2012.07.15 09:26:42 | 000,012,436 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\SoftwareSerial.html
[2012.07.15 09:27:00 | 000,008,443 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\SoftwareSerialAvailable.html
[2012.07.15 09:27:00 | 000,007,944 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\SoftwareSerialBegin.html
[2012.07.15 09:27:00 | 000,006,865 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\SoftwareSerialConstructor.html
[2012.07.15 09:27:02 | 000,007,941 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\SoftwareSerialIsListening.html
[2012.07.15 09:27:06 | 000,010,042 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\SoftwareSerialListen.html
[2012.07.15 09:27:02 | 000,008,175 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\SoftwareSerialOverflow.html
[2012.07.15 09:27:02 | 000,007,599 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\SoftwareSerialPeek.html
[2012.07.15 09:27:04 | 000,012,188 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\SoftwareSerialPrint.html
[2012.07.15 09:27:04 | 000,012,243 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\SoftwareSerialPrintln.html
[2012.07.15 09:27:04 | 000,007,351 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\SoftwareSerialRead.html
[2012.07.15 09:27:06 | 000,007,701 | ---- | M] () -- \Users\roverider\Desktop\arduino-1.0.4-windows\arduino-1.0.4\reference\SoftwareSerialWrite.html
[2013.05.06 21:22:19 | 000,000,553 | ---- | M] () -- \Users\roverider\Documents\Arduino\mojepwm\ledka_serial\ledka_serial.ino
[2009.06.11 00:10:20 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.07.12 02:22:30 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a300d50e46379ad6eca7f58e63f4ed70\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.07.12 02:23:25 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\c476801f82f0b0cff48afcafce7e919d\System.Runtime.Serialization.ni.dll
[2013.07.12 02:28:09 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\4258a9ffeaf0e191d644b7cb7ee72997\System.Runtime.Serialization.ni.dll
[2013.07.12 02:25:20 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\57b0253cccdd14c5745b9f1ff8eb3d67\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.07.11 04:15:29 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\5f0cbd7489fce0c1617c0d28f1258cc8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.07.11 04:15:23 | 002,647,552 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\6b3adc90b6f811b557d290e1436e7ff8\System.Runtime.Serialization.ni.dll
[2013.07.11 04:17:37 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\cda839ea462e123d42cb6d0883cf0f4d\System.Xml.Serialization.ni.dll
[2013.07.11 04:20:44 | 003,414,016 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\33a3fd30ab81dfbe01deba0c009442ed\System.Runtime.Serialization.ni.dll
[2013.07.11 04:20:53 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\635c921be59ef9831e084cf199f0fb92\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.07.11 04:24:20 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\252726355005e3388101a3f1dfa1c727\System.Xml.Serialization.ni.dll
[2012.09.19 03:03:58 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.07.11 03:12:08 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.09.19 03:03:58 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.07.11 03:12:07 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.07.11 03:12:15 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:54:38 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.11.10 12:21:00 | 000,020,480 | ---- | M] () -- \Windows\System32\GetCDriveSerialNumber.exe
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 04:38:14 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 04:10:04 | 000,005,120 | ---- | M] () -- \Windows\System32\en-US\serialui.dll.mui
[2009.11.10 12:21:00 | 000,020,480 | ---- | M] () -- \Windows\SysWOW64\GetCDriveSerialNumber.exe
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009.07.14 04:38:14 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2009.07.14 04:10:04 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\en-US\serialui.dll.mui
[2010.11.05 03:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.14 04:58:44 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 04:26:50 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_edb61e94e4562781\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2010.11.05 03:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2009.07.14 05:07:20 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 04:30:28 | 000,010,240 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_64015f894ce7c72a\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.05 03:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010.11.05 03:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2012.09.22 21:38:27 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2012.09.22 21:38:27 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2012.09.17 23:11:03 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 07:37:34 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_edb61e94e4562781_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2012.09.17 23:11:07 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 07:37:35 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.20 06:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010.11.20 06:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010.11.20 05:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009.07.14 05:17:48 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009.07.14 04:42:40 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 20:09:41 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_en-us_8f4bb639bfcd9db1.manifest
[2012.10.05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2012.10.05 19:57:17 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_en-us_787a117bd97892a9.manifest
[2010.11.20 05:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010.11.20 05:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.11 00:10:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 03:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009.06.08 20:39:36 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 04:38:14 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 04:10:04 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll
[color=#A23BEC]< *w7lxe* /s >[/color]
< End of report >Re: Prosím o preventivní kontrolu pc
Kód: Vybrat vše
OTL Extras logfile created on: 13.7.2013 19:20:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\roverider\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,89 Gb Total Physical Memory | 2,39 Gb Available Physical Memory | 61,38% Memory free
7,78 Gb Paging File | 6,18 Gb Available in Paging File | 79,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 62,86 Gb Total Space | 1,43 Gb Free Space | 2,27% Space Free | Partition Type: NTFS
Drive D: | 48,83 Gb Total Space | 0,18 Gb Free Space | 0,37% Space Free | Partition Type: NTFS
Computer Name: ZYXEL | User Name: roverider | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
[color=#E56717]========== Shell Spawning ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [cmdcon] -- "C:\Program Files (x86)\pythonxy\console\console.exe" -d "%1" -t "Command Window" (Ingenuity Unlimited Ltd.)
Directory [cmdpy] -- "C:\Program Files (x86)\pythonxy\console\console.exe" -d "%1" -t "IPython (sh)" (Ingenuity Unlimited Ltd.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [cmdcon] -- "C:\Program Files (x86)\pythonxy\console\console.exe" -d "%1" -t "Command Window" (Ingenuity Unlimited Ltd.)
Directory [cmdpy] -- "C:\Program Files (x86)\pythonxy\console\console.exe" -d "%1" -t "IPython (sh)" (Ingenuity Unlimited Ltd.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
[color=#E56717]========== Security Center Settings ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[color=#E56717]========== Authorized Applications List ==========[/color]
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{37E6624B-9411-4A81-8C6F-A28AB754BFC6}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{4E61FD2D-0711-401E-8111-948E327D9C1E}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4EFDF15E-DF4E-416E-BBF9-C07F88A40DA7}" = lport=27022 | protocol=6 | dir=in | name=war thunder |
"{4F2D0E45-7A91-428E-AD45-1820B5085DC8}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{4FD8F359-E60E-4ABB-B544-F11C37C9D93A}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{50F79EB2-0104-4E89-B25C-C80B8012C56A}" = lport=20010 | protocol=17 | dir=in | name=war thunder |
"{64543CA6-2FE7-4BB5-8CF3-2D0320966DCC}" = lport=80 | protocol=6 | dir=in | name=war thunder |
"{6DD38BEB-49A1-4BC9-A1FD-606E7D83AEED}" = lport=3478 | protocol=17 | dir=in | name=war thunder |
"{8C14F33D-8730-417A-8545-0759C6D18F74}" = lport=20443 | protocol=6 | dir=in | name=war thunder |
"{93E714F3-9A99-4376-A52B-28142B7D3F1E}" = lport=7850 | protocol=6 | dir=in | name=war thunder |
"{A869CCB1-4606-4E6B-8642-9CC463887022}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B8F689FB-EE22-4F37-80D0-77549234CB45}" = lport=8090 | protocol=6 | dir=in | name=war thunder |
"{BD6ABF90-F6CA-47DF-8C30-6847BDA5F6B9}" = lport=33333 | protocol=6 | dir=in | name=war thunder |
"{D784C871-E181-4672-887A-0B9F1FD702C2}" = lport=6881 | protocol=6 | dir=in | name=war thunder |
"{DC263B4F-39F5-41CB-974D-596346D013B2}" = lport=443 | protocol=6 | dir=in | name=war thunder |
"{FED1B963-48F4-4EA2-8AB3-5F93E487A427}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{15501725-7095-4D1B-BB76-2EFB40EAF9A4}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1DE9B8C9-9B8C-4033-B181-0E443BD0A9F5}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{3CEFEE2D-8A74-4252-BBE2-B74E81A8C2EB}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{54DA1040-CA99-4389-8682-CFCEDE41C4E2}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe |
"{58E73EA7-EADF-40BC-BC26-EA810ABEFC87}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5F2569ED-6E14-46AC-BD23-887F3BC40330}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{609E5675-5EAF-4FCE-B1C1-7F97633A7466}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{61B5DDBB-3251-4246-9468-B172245DD8D7}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A9D40270-ABF0-41B9-B35C-048D6E6A193A}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B3FF81A6-9109-4E42-A646-C4467607404D}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{BB45B85F-1AC3-474C-8E08-6876C109B0D0}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe |
"{D46A4A9B-1C8B-4392-A2AF-29B58A285C71}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"TCP Query User{EBB76691-F3B0-49C9-9DE5-AA4ED03A8AC4}C:\users\roverider\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\roverider\appdata\local\akamai\netsession_win.exe |
"UDP Query User{C2A8C6AF-EDFD-44D2-8E4A-6186BBECC29D}C:\users\roverider\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\roverider\appdata\local\akamai\netsession_win.exe |
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software Installer
"{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = MPC-HC 1.6.4.6052 (64-bit)
"{2EECD5EF-5095-467C-B80C-4AB3096EFD60}" = SPBA 5.9
"{30C2392C-C7D6-4FE2-9617-05D2C6E9D3EE}" = Wave Infrastructure Installer
"{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager
"{3DCDFCDB-4D96-4CF0-9BB3-C91DAE9073F3}" = PC-CCID
"{4327107B-E95E-415C-9194-458FCED6BF12}" = Software Intel(R) PROSet/Wireless WiFi
"{4E60E212-3177-4B16-BCB3-616CCC52357D}" = Upek Touchchip Fingerprint Reader
"{5F5CBF39-BD29-43C8-B63A-B9758F0FD090}" = EMBASSY Client Core
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum zařízení Windows Mobile
"{6AC87FB3-ACFC-4416-890C-8976D5A9B371}" = Trusted Drive Manager
"{7206B668-FEE0-455B-BB1F-9B5A2E0EC94A}" = Custom
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{91CE5F03-3A2A-4268-935A-04944F058AE9}" = Gemalto
"{9DAED4FC-2B0E-4F3F-8141-F2ABF02CCFCB}" = BioAPI Framework
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Data Protection | Access
"{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}" = COMODO Internet Security
"{E9A97832-83B6-42B6-BAC6-492E344C2561}" = NTRU TCG Software Stack
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F839C6BD-E92E-48FA-9CE6-7BFAF94F7096}" = DellAccess
"{FF79C05D-1E19-4FE5-BDD4-AAAFC28DDDDD}" = Dell ControlVault Host Components Installer 64 bit
"9512AA21B791B05A54E27065C45BBC417AB282DF" = Balíček ovladače systému Windows - Dell Inc. PBADRV System (09/11/2009 1.0.1.6)
"BatteryBar" = BatteryBar (remove only)
"CCleaner" = CCleaner
"GIMP-2_is1" = GIMP 2.8.4
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"ProInst" = Intel PROSet Wireless
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}" = OpenOffice.org 3.4.1
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{2B818257-E6C7-4841-8C29-C5C9A982BCE5}" = RICOH R5U241 / R5C847 Media Driver ver.2.04.01.00
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{59E13EA0-9604-47DF-BEB7-3651E6E09221}" = Scope
"{5B119660-1788-11D8-8EB8-0050BF643EE7}" = digestIT 2004 - 64-bit Edition
"{703BB500-F54C-4F33-9D3C-D7A28CEAFBCF}" = toolkit32for64bit
"{8C0600A3-E772-4FC8-A67D-ED110E69665C}" = Wave Crypto Runtime 2.0.7.0 x86
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A47642B2-4CB5-4325-8093-C88D4747953F}" = GeekBuddy
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AC76BA86-7AD7-5760-0000-A00000000003}" = Japanese Fonts Support For Adobe Reader X
"{ADD050EC-6B50-437F-807B-FF9F29216FA5}_is1" = AnyPic JPG to PDF Converter 1.0.2
"{B96D2269-568B-4CBF-9332-12FAE8B158F7}" = Medieval CUE Splitter
"{C0C31BCC-56FB-42a7-8766-D29E1BD74C7C}" = Python 2.7.3
"{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}" = System Requirements Lab for Intel
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"5513-1208-7298-9440" = JDownloader 0.9
"7-Zip" = 7-Zip 9.22beta
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Agros2D_is1" = Agros2D 2.0.2.1173 (2012-10-09)
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.83
"EAGLE 6.2.0" = EAGLE 6.2.0
"EAGLE 6.3.0" = EAGLE 6.3.0
"Formica Layout_is1" = Formica 4.40 Layout, Free / Evaluation Edition
"Formica Schematic_is1" = Formica 4.40 Schematic, Free / Evaluation Edition
"FreeMat" = FreeMat
"LTspice IV" = LTspice IV
"Mozilla Firefox 22.0 (x86 cs)" = Mozilla Firefox 22.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Opera 12.16.1860" = Opera 12.16
"Opera 15.0.1147.61" = Opera Next 15.0.1147.61
"Orcad Family Release 9.2 Standalone" = Orcad Family Release 9.2 Standalone
"PyQt4 - PyQwt5 5.2.1.4" = PyQt4 - PyQwt5 5.2.1.4
"PyQt4 - QtHelp 4.8.2" = PyQt4 - QtHelp 4.8.2
"Python 2.7 - cx_Freeze 4.3" = Python 2.7 - cx_Freeze 4.3
"Python 2.7 - distribute 0.6.30-1" = Python 2.7 - distribute 0.6.30-1
"Python 2.7 - docutils 0.9.1" = Python 2.7 - docutils 0.9.1
"Python 2.7 - EnthoughtToolSuite 4.2.0-1" = Python 2.7 - EnthoughtToolSuite 4.2.0-1
"Python 2.7 - formlayout 1.0.9" = Python 2.7 - formlayout 1.0.9
"Python 2.7 - Gnuplot 1.8.0.3" = Python 2.7 - Gnuplot 1.8.0.3
"Python 2.7 - guidata 1.5.0" = Python 2.7 - guidata 1.5.0
"Python 2.7 - guiqwt 2.2.0" = Python 2.7 - guiqwt 2.2.0
"Python 2.7 - h5py 2.1.0" = Python 2.7 - h5py 2.1.0
"Python 2.7 - IPython 0.13.1-1" = Python 2.7 - IPython 0.13.1-1
"Python 2.7 - jinja2 2.6.0.1" = Python 2.7 - jinja2 2.6.0.1
"Python 2.7 - matplotlib 1.1.1" = Python 2.7 - matplotlib 1.1.1
"Python 2.7 - nose 1.2.1" = Python 2.7 - nose 1.2.1
"Python 2.7 - numexpr 2.0.1" = Python 2.7 - numexpr 2.0.1
"Python 2.7 - numpy 1.6.2" = Python 2.7 - numpy 1.6.2
"Python 2.7 - pandas 0.9.0-1" = Python 2.7 - pandas 0.9.0-1
"Python 2.7 - PIL 1.1.7.2" = Python 2.7 - PIL 1.1.7.2
"Python 2.7 - ply 3.4" = Python 2.7 - ply 3.4
"Python 2.7 - psutils 0.6.1" = Python 2.7 - psutils 0.6.1
"Python 2.7 - py2exe 0.6.9" = Python 2.7 - py2exe 0.6.9
"Python 2.7 - pyfits 3.1" = Python 2.7 - pyfits 3.1
"Python 2.7 - pygments 1.5.0" = Python 2.7 - pygments 1.5.0
"Python 2.7 - pylint 0.26-1" = Python 2.7 - pylint 0.26-1
"Python 2.7 - PyOpenGL 3.0.2-1" = Python 2.7 - PyOpenGL 3.0.2-1
"Python 2.7 - PyQt4 4.9.4" = Python 2.7 - PyQt4 4.9.4
"Python 2.7 - pyreadline 1.7.1" = Python 2.7 - pyreadline 1.7.1
"Python 2.7 - pytables 2.4.0" = Python 2.7 - pytables 2.4.0
"Python 2.7 - pywin32 218-1" = Python 2.7 - pywin32 218-1
"Python 2.7 - pyzmq 2.2.0.1-1" = Python 2.7 - pyzmq 2.2.0.1-1
"Python 2.7 - reportlab 2.6" = Python 2.7 - reportlab 2.6
"Python 2.7 - scipy 0.11.0" = Python 2.7 - scipy 0.11.0
"Python 2.7 - sphinx 1.1.3.1" = Python 2.7 - sphinx 1.1.3.1
"Python 2.7 - spyder 2.1.11" = Python 2.7 - spyder 2.1.11
"Python 2.7 - SQLAlchemy 0.7.9-1" = Python 2.7 - SQLAlchemy 0.7.9-1
"Python 2.7 - tornado 2.4" = Python 2.7 - tornado 2.4
"Python 2.7 - veusz 1.16" = Python 2.7 - veusz 1.16
"Python 2.7 - virtualenv 1.8.2-1" = Python 2.7 - virtualenv 1.8.2-1
"Python 2.7 - vitables 2.1.0.3" = Python 2.7 - vitables 2.1.0.3
"Python 2.7 - vtk 5.10.0" = Python 2.7 - vtk 5.10.0
"Python 2.7 - wxPython 2.8.12.1" = Python 2.7 - wxPython 2.8.12.1
"Python 2.7 - xy 1.2.15" = Python 2.7 - xy 1.2.15
"Python(x,y)" = Python(x,y)
"Python(x,y) - console 2.0.148.7" = Python(x,y) - console 2.0.148.7
"Python(x,y) - mingw 4.5.2.3" = Python(x,y) - mingw 4.5.2.3
"Python(x,y) - SciTE 3.2.2-1" = Python(x,y) - SciTE 3.2.2-1
"Python(x,y) - xydoc 1.0.5.1" = Python(x,y) - xydoc 1.0.5.1
"SpeedFan" = SpeedFan (remove only)
"The KMPlayer" = The KMPlayer (remove only)
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.0.3
"Winamp" = Winamp
"WinPcapInst" = WinPcap 4.1.3
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"Wireshark" = Wireshark 1.9.2 (64-bit)
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
[HKEY_USERS\S-1-5-21-2024753922-1944551006-234841966-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"QIP 2012" = QIP 2012 4.0.7221
"Winamp Detect" = Winamp Detector Plug-in
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
[ Application Events ]
Error - 28.4.2013 16:41:02 | Computer Name = roveride_atg | Source = RapiMgr | ID = 8
Description = Zařízení se systémem Windows Mobile se nepodařilo připojit z důvodu
chyby communication (0x80072745) (viz data pro kód chyby).
Error - 13.5.2013 11:55:29 | Computer Name = roveride_atg | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Wireshark.exe, verze: 1.9.2.48626, časové
razítko: 0x51548fb4 Název chybujícího modulu: wiretap-1.9.0.dll, verze: 1.9.0.0,
časové razítko: 0x51548ed8 Kód výjimky: 0xc0000005 Posun chyby: 0x0000000000010e15
ID
chybujícího procesu: 0x147c Čas spuštění chybující aplikace: 0x01ce4ff19a75c07a Cesta
k chybující aplikaci: C:\Program Files\Wireshark\Wireshark.exe Cesta k chybujícímu
modulu: C:\Program Files\Wireshark\wiretap-1.9.0.dll ID zprávy: 8830fcd4-bbe5-11e2-87f5-0024e8a1756b
Error - 25.5.2013 11:10:43 | Computer Name = zyxel | Source = Application Error | ID = 1000
Description = Název chybující aplikace: firefox.exe, verze: 20.0.1.4847, časové
razítko: 0x51650aee Název chybujícího modulu: xul.dll, verze: 20.0.1.4847, časové
razítko: 0x51650a09 Kód výjimky: 0xc0000005 Posun chyby: 0x000b10e8 ID chybujícího
procesu: 0x960 Čas spuštění chybující aplikace: 0x01ce560772a40539 Cesta k chybující
aplikaci: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Mozilla Firefox\xul.dll ID zprávy: 4436f7fd-c54d-11e2-83c7-0024e8a1756b
Error - 12.6.2013 21:00:31 | Computer Name = zyxel | Source = System Restore | ID = 8193
Description =
Error - 12.6.2013 21:00:43 | Computer Name = zyxel | Source = System Restore | ID = 8193
Description =
Error - 27.6.2013 10:06:14 | Computer Name = zyxel | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Users\roverider\AppData\Local\Temp\KMP_3.6.0.87.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 30.6.2013 12:29:09 | Computer Name = zyxel | Source = Application Error | ID = 1000
Description = Název chybující aplikace: cmdagent.exe, verze: 5.12.59641.2599, časové
razítko: 0x509adadb Název chybujícího modulu: cmdagent.exe, verze: 5.12.59641.2599,
časové razítko: 0x509adadb Kód výjimky: 0x40000015 Posun chyby: 0x0000000000061c72
ID
chybujícího procesu: 0x3a4 Čas spuštění chybující aplikace: 0x01ce7594ed25b5e7 Cesta
k chybující aplikaci: C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
Cesta
k chybujícímu modulu: C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
ID
zprávy: 30148338-e1a2-11e2-866c-0024e8a1756b
Error - 1.7.2013 10:17:14 | Computer Name = zyxel | Source = PandoraService.exe | ID = 0
Description =
Error - 10.7.2013 21:06:29 | Computer Name = zyxel | Source = Application Hang | ID = 1002
Description = Program opera.exe verze 12.16.1860.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
1114 Čas spuštění: 01ce7b75faa8b2f3 Čas ukončení: 46 Cesta k aplikaci: C:\Program
Files (x86)\Opera\opera.exe ID hlášení: 13d93654-e9c6-11e2-98d7-0024e8a1756b
Error - 12.7.2013 23:44:52 | Computer Name = zyxel | Source = Application Error | ID = 1000
Description = Název chybující aplikace: cmdagent.exe, verze: 5.12.59641.2599, časové
razítko: 0x509adadb Název chybujícího modulu: cmdagent.exe, verze: 5.12.59641.2599,
časové razítko: 0x509adadb Kód výjimky: 0x40000015 Posun chyby: 0x0000000000061c72
ID
chybujícího procesu: 0x38c Čas spuštění chybující aplikace: 0x01ce7f2b2fc4a317 Cesta
k chybující aplikaci: C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
Cesta
k chybujícímu modulu: C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
ID
zprávy: 92ab0e7e-eb6e-11e2-ba07-0024e8a1756b
[ System Events ]
Error - 9.6.2013 18:39:49 | Computer Name = zyxel | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (0:38:26, ?10.?6.?2013) bylo neočekávané.
Error - 9.6.2013 18:39:51 | Computer Name = zyxel | Source = Service Control Manager | ID = 7001
Description = Služba NTRU TSS v1.2.1.37 TCS závisí na službě Služba TPM Base Services,
která neuspěla při spuštění v důsledku následující chyby: %%0
Error - 9.6.2013 18:39:59 | Computer Name = zyxel | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: CFRMD
Error - 12.6.2013 21:01:42 | Computer Name = zyxel | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalace se nezdařila: Instalování následující aktualizace se nezdařilo
z důvodu chyby (0x80070070): Kumulativní aktualizace zabezpečení aplikace Internet
Explorer 10 pro Windows 7 Service Pack 1 (KB2838727).
Error - 12.6.2013 21:08:19 | Computer Name = zyxel | Source = Service Control Manager | ID = 7001
Description = Služba NTRU TSS v1.2.1.37 TCS závisí na službě Služba TPM Base Services,
která neuspěla při spuštění v důsledku následující chyby: %%0
Error - 12.6.2013 21:08:28 | Computer Name = zyxel | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: CFRMD
Error - 13.6.2013 6:11:37 | Computer Name = zyxel | Source = Service Control Manager | ID = 7001
Description = Služba NTRU TSS v1.2.1.37 TCS závisí na službě Služba TPM Base Services,
která neuspěla při spuštění v důsledku následující chyby: %%0
Error - 13.6.2013 6:13:09 | Computer Name = zyxel | Source = Service Control Manager | ID = 7022
Description = Služba EmbassyService přestala během spouštění reagovat.
Error - 13.6.2013 6:13:09 | Computer Name = zyxel | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: CFRMD
Error - 13.6.2013 16:52:49 | Computer Name = zyxel | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
< End of report >
Re: Prosím o preventivní kontrolu pc
Nedavejte logy do code, blbe se to cte
Jen se jeste zeptam, jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o preventivní kontrolu pc
Nechal jsem proběhnout kompletní kontrolu, nebylo objeveno nic.
Avšak MBAM vyhazuje bubliny každejch 20s že blokuje pandoraservice.exe který se pokouší připojit na 111.111.111.111 port 6xxx kde x každým pokusem roste.
pandora service se nachází na C:\Program Files (x86)\PANDORA.TV\PanService
co jsem vyčetl mělo by to být něco přibalenýho ke kmplayeru.
Tak jsem to odinstaloval a zdá se že je klid.
Jinak systém je legální, byl dodán s notebookem koupeným v Anglii (repasovaný Dell Latitude E6400 ATG) včetně instalačních médií 64bit + 32bit .
Avšak MBAM vyhazuje bubliny každejch 20s že blokuje pandoraservice.exe který se pokouší připojit na 111.111.111.111 port 6xxx kde x každým pokusem roste.
pandora service se nachází na C:\Program Files (x86)\PANDORA.TV\PanService
co jsem vyčetl mělo by to být něco přibalenýho ke kmplayeru.
Tak jsem to odinstaloval a zdá se že je klid.
Jinak systém je legální, byl dodán s notebookem koupeným v Anglii (repasovaný Dell Latitude E6400 ATG) včetně instalačních médií 64bit + 32bit .
Re: Prosím o preventivní kontrolu pc
Otevrel jste Pandorinu skrinkuroverider píše:pandora service
MBAM odinstalujte, at se nepere s Comodem. Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Prohledat a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner[R?].txt ), ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o preventivní kontrolu pc
# AdwCleaner v2.305 - Log vytvooen 14/07/2013 v 10:30:50
# Aktualizováno 11/07/2013 Xplode
# Operaení systém : Windows 7 Ultimate Service Pack 1 (64 bits)
# Uživatel : roverider - ZYXEL
# Spuštin systém : Normální
# Spuštino z : C:\Users\roverider\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Nalezeno : C:\ProgramData\Ask
***** [Registry] *****
Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKCU\Software\PIP
Klíe Nalezeno : HKLM\Software\PIP
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16635
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v22.0 (cs)
Soubor : C:\Users\roverider\AppData\Roaming\Mozilla\Firefox\Profiles\hxfyhywt.default\prefs.js
[OK] Soubor je eistý.
-\\ Opera v12.16.1860.0
Soubor : C:\Users\roverider\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [1090 octets] - [14/07/2013 10:26:04]
AdwCleaner[R2].txt - [1151 octets] - [14/07/2013 10:29:26]
AdwCleaner[R3].txt - [1082 octets] - [14/07/2013 10:30:50]
########## EOF - C:\AdwCleaner[R3].txt - [1142 octets] ##########
# Aktualizováno 11/07/2013 Xplode
# Operaení systém : Windows 7 Ultimate Service Pack 1 (64 bits)
# Uživatel : roverider - ZYXEL
# Spuštin systém : Normální
# Spuštino z : C:\Users\roverider\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Nalezeno : C:\ProgramData\Ask
***** [Registry] *****
Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKCU\Software\PIP
Klíe Nalezeno : HKLM\Software\PIP
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16635
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v22.0 (cs)
Soubor : C:\Users\roverider\AppData\Roaming\Mozilla\Firefox\Profiles\hxfyhywt.default\prefs.js
[OK] Soubor je eistý.
-\\ Opera v12.16.1860.0
Soubor : C:\Users\roverider\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [1090 octets] - [14/07/2013 10:26:04]
AdwCleaner[R2].txt - [1151 octets] - [14/07/2013 10:29:26]
AdwCleaner[R3].txt - [1082 octets] - [14/07/2013 10:30:50]
########## EOF - C:\AdwCleaner[R3].txt - [1142 octets] ##########
Re: Prosím o preventivní kontrolu pc
Znovu ukoncete vsechny programy a spustte AdwCleaner jako spravce.Tentokrat kliknete na Smazat
Program zacne pracovat (muze dojit k restartu pc) a vyplivne dalsi log (pripadne bude zde C:\AdwCleaner [S1].txt ). Ten mi sem zase zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o preventivní kontrolu pc
# AdwCleaner v2.305 - Log vytvooen 14/07/2013 v 11:39:47
# Aktualizováno 11/07/2013 Xplode
# Operaení systém : Windows 7 Ultimate Service Pack 1 (64 bits)
# Uživatel : roverider - ZYXEL
# Spuštin systém : Normální
# Spuštino z : C:\Users\roverider\Desktop\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Vymazáno : C:\ProgramData\Ask
***** [Registry] *****
Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKCU\Software\PIP
Klíe Vymazáno : HKLM\Software\PIP
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16635
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v22.0 (cs)
Soubor : C:\Users\roverider\AppData\Roaming\Mozilla\Firefox\Profiles\hxfyhywt.default\prefs.js
[OK] Soubor je eistý.
-\\ Opera v12.16.1860.0
Soubor : C:\Users\roverider\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [1090 octets] - [14/07/2013 10:26:04]
AdwCleaner[R2].txt - [1151 octets] - [14/07/2013 10:29:26]
AdwCleaner[R3].txt - [1211 octets] - [14/07/2013 10:30:50]
AdwCleaner[S1].txt - [1140 octets] - [14/07/2013 11:39:47]
########## EOF - C:\AdwCleaner[S1].txt - [1200 octets] ##########
# Aktualizováno 11/07/2013 Xplode
# Operaení systém : Windows 7 Ultimate Service Pack 1 (64 bits)
# Uživatel : roverider - ZYXEL
# Spuštin systém : Normální
# Spuštino z : C:\Users\roverider\Desktop\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Vymazáno : C:\ProgramData\Ask
***** [Registry] *****
Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKCU\Software\PIP
Klíe Vymazáno : HKLM\Software\PIP
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16635
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v22.0 (cs)
Soubor : C:\Users\roverider\AppData\Roaming\Mozilla\Firefox\Profiles\hxfyhywt.default\prefs.js
[OK] Soubor je eistý.
-\\ Opera v12.16.1860.0
Soubor : C:\Users\roverider\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [1090 octets] - [14/07/2013 10:26:04]
AdwCleaner[R2].txt - [1151 octets] - [14/07/2013 10:29:26]
AdwCleaner[R3].txt - [1211 octets] - [14/07/2013 10:30:50]
AdwCleaner[S1].txt - [1140 octets] - [14/07/2013 11:39:47]
########## EOF - C:\AdwCleaner[S1].txt - [1200 octets] ##########
Re: Prosím o preventivní kontrolu pc
Dejte novy log z RSIT
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o preventivní kontrolu pc
Logfile of random's system information tool 1.09 (written by random/random)
Run by roverider at 2013-07-14 13:42:47
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 5 GB (8%) free of 64 GB
Total RAM: 3984 MB (19% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:42:49, on 14.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal
Running processes:
C:\Users\roverider\AppData\Local\Akamai\netsession_win.exe
C:\Users\roverider\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\QIP 2012\qip.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files\trend micro\roverider.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [gbrspcontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\roverider\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP 2012\qip.exe" /autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files (x86)\COMODO\GeekBuddy\launcher.exe
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.dell.com/systemprofiler/ ... emLite.CAB
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions Inc. - C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Credential Vault Host Control Service - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
O23 - Service: Credential Vault Host Storage - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EmbassyService - Unknown owner - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GeekBuddyRSP Service (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\STacSV64.exe
O23 - Service: NTRU TSS v1.2.1.37 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: TdmService - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: Wave Authentication Manager Service - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WvPCR - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe
--
End of file - 10558 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\STacSV64.exe
"C:\Program Files\Common Files\SPBA\upeksvr.exe"
C:\Windows\system32\WLANExt.exe 33129632
\??\C:\Windows\system32\conhost.exe "2004209663-443393501675478033796698800232006770-12776235257727761141306182377
C:\Windows\System32\spoolsv.exe
"C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe"
"C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe
"C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe"
"C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -service
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4b3bbbbc-d241-4e61-8ed9-ed38261362f5 -SystemEventPortName:HostProcess-3abfb03b-2c9b-4afb-9ed1-e9c79be9b7e0 -IoCancelEventPortName:HostProcess-1f16b26f-bbb7-4410-95bc-b1c14f3001b2 -NonStateChangingEventPortName:HostProcess-3925c193-e3d3-485c-a64b-b8337e59e9b5 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0746d43a-5d29-42f9-942b-c198ce503cfe -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-6d01aa69-d875-4ec9-8d3e-498096fe395e -SystemEventPortName:HostProcess-adecb996-6b0a-48ff-9e24-bec70687346d -IoCancelEventPortName:HostProcess-75f4b556-0032-41aa-a318-e24c496a79d8 -NonStateChangingEventPortName:HostProcess-2079a986-059a-4f33-a482-e746b2f15528 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:84aabf55-dde5-44b9-9a1e-ed365391a0a3 -DeviceGroupId:
"C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
"C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe"
"C:\Program Files\DellTPad\Apoint.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"Apntex.exe"
C:\Windows\system32\svchost.exe -k WindowsMobile
\??\C:\Windows\system32\conhost.exe "161058413-918476802-774703337-2067199568-1380505355-19960422527001077061701673109
"C:\Program Files\DellTPad\HidFind.exe"
"C:\Users\roverider\AppData\Local\Akamai\netsession_win.exe"
"C:/Users/roverider/AppData/Local/Akamai/netsession_win.exe" --client
"C:\Program Files (x86)\QIP 2012\qip.exe" /autorun
"C:\Windows\system32\NOTEPAD.EXE" C:\AdwCleaner[S1].txt
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\COMODO\GeekBuddy\unit_manager.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
"C:\Program Files (x86)\COMODO\GeekBuddy\unit" "\"C:/Program Files (x86)/COMODO/GeekBuddy/lps-cspm\""
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
"C:\Windows\system32\cmd.exe"
\??\C:\Windows\system32\conhost.exe "8787626591460562018213848334-707758327-1633874641-1384485723-1306995138-169793816
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe" /o /eo /l /b /id 4584
"C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe" --channel=1256.0018F77C.1609468012 --type=renderer /o /eo /l /b /id 4584
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\roverider\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\roverider\AppData\Roaming\Mozilla\Firefox\Profiles\hxfyhywt.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33]
"Description"=
"Path"=C:\Windows\SysWOW64\npdeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
npwachk.dll
C:\Users\roverider\AppData\Roaming\Mozilla\Firefox\Profiles\hxfyhywt.default\extensions\
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-09-17 329520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-09-17 59184]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-11-08 9577680]
"TdmNotify"=C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe [2011-12-08 381296]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2011-01-04 592240]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-03-09 487424]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-11-14 163360]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-11-14 387616]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-11-14 418336]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=C:\Users\roverider\AppData\Local\Akamai\netsession_win.exe [2013-06-05 4489472]
"ShowBatteryBar"=C:\Program Files\BatteryBar\ShowBatteryBar.exe [2009-05-28 89600]
"Infium"=C:\Program Files (x86)\QIP 2012\qip.exe [2012-03-23 7351760]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2012-06-28 74752]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456]
"gbrspcontrol"=C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2013-04-17 1851088]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Start GeekBuddy.lnk - C:\Program Files (x86)\COMODO\GeekBuddy\launcher.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\SysWOW64\guard32.dll C:\Windows\system32\guard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-11-14 272384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\spba]
C:\Program Files\Common Files\SPBA\homefus2.dll [2010-09-15 2305872]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
wvauth
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-07-14 11:39:47 ----A---- C:\AdwCleaner[S1].txt
2013-07-14 10:30:50 ----A---- C:\AdwCleaner[R3].txt
2013-07-14 10:29:26 ----A---- C:\AdwCleaner[R2].txt
2013-07-14 10:26:04 ----A---- C:\AdwCleaner[R1].txt
2013-07-13 21:03:00 ----D---- C:\Users\roverider\AppData\Roaming\Malwarebytes
2013-07-13 21:02:16 ----D---- C:\ProgramData\Malwarebytes
2013-07-13 21:02:16 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-07-13 21:02:15 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-12 18:23:31 ----D---- C:\rsit
2013-07-12 18:23:31 ----D---- C:\Program Files\trend micro
2013-07-12 18:05:18 ----D---- C:\Program Files\CCleaner
2013-07-11 03:06:04 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-07-11 03:06:04 ----A---- C:\Windows\system32\ieui.dll
2013-07-11 03:06:03 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-07-11 03:06:03 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-07-11 03:06:03 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-07-11 03:06:03 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-07-11 03:06:03 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-07-11 03:06:03 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-11 03:06:03 ----A---- C:\Windows\system32\iesysprep.dll
2013-07-11 03:06:03 ----A---- C:\Windows\system32\iesetup.dll
2013-07-11 03:06:03 ----A---- C:\Windows\system32\iertutil.dll
2013-07-11 03:06:03 ----A---- C:\Windows\system32\iernonce.dll
2013-07-11 03:06:03 ----A---- C:\Windows\system32\ie4uinit.exe
2013-07-11 03:06:02 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-07-11 03:06:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-07-11 03:06:02 ----A---- C:\Windows\system32\msfeeds.dll
2013-07-11 03:06:02 ----A---- C:\Windows\system32\jscript.dll
2013-07-11 03:06:01 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-07-11 03:06:01 ----A---- C:\Windows\system32\jscript9.dll
2013-07-11 03:06:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-07-11 03:06:00 ----A---- C:\Windows\system32\urlmon.dll
2013-07-11 03:05:58 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-07-11 03:05:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-07-11 03:05:58 ----A---- C:\Windows\system32\wininet.dll
2013-07-11 03:05:58 ----A---- C:\Windows\system32\jsproxy.dll
2013-07-11 03:05:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-07-11 03:05:54 ----A---- C:\Windows\system32\ieframe.dll
2013-07-11 03:05:53 ----A---- C:\Windows\system32\mshtml.dll
2013-07-11 03:05:50 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-07-10 11:16:45 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-07-10 11:16:45 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-07-10 11:16:45 ----A---- C:\Windows\system32\qedit.dll
2013-07-10 11:16:44 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-07-10 11:16:32 ----A---- C:\Windows\system32\win32k.sys
2013-07-10 11:16:19 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-07-10 11:16:19 ----A---- C:\Windows\system32\DWrite.dll
2013-07-02 21:50:37 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-06-27 16:33:47 ----D---- C:\Program Files (x86)\digestIT 2004
2013-06-27 16:15:08 ----D---- C:\Program Files (x86)\Mozilla Firefox.bak
2013-06-18 13:26:44 ----D---- C:\Program Files (x86)\Medieval Software
2013-06-17 19:54:16 ----D---- C:\Users\roverider\AppData\Roaming\Opera Software
2013-06-17 19:54:11 ----D---- C:\Program Files (x86)\Opera Next
======List of files/folders modified in the last 1 month======
2013-07-14 12:49:50 ----D---- C:\Program Files (x86)\The KMPlayer
2013-07-14 11:54:24 ----D---- C:\Windows\system32\config
2013-07-14 11:45:38 ----D---- C:\Windows\System32
2013-07-14 11:45:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-14 11:45:37 ----D---- C:\Windows\inf
2013-07-14 11:42:49 ----D---- C:\Windows\system32\catroot2
2013-07-14 11:39:57 ----HD---- C:\ProgramData
2013-07-13 22:17:41 ----RD---- C:\Program Files (x86)
2013-07-13 21:03:11 ----D---- C:\Windows\Temp
2013-07-13 21:02:16 ----D---- C:\Windows\system32\drivers
2013-07-13 19:22:14 ----SHD---- C:\System Volume Information
2013-07-13 16:15:49 ----D---- C:\Windows
2013-07-13 11:05:54 ----D---- C:\Windows\SoftwareDistribution
2013-07-12 18:23:31 ----RD---- C:\Program Files
2013-07-12 18:13:51 ----D---- C:\Users\roverider\AppData\Roaming\Winamp
2013-07-12 18:13:51 ----D---- C:\Users\roverider\AppData\Roaming\Media Player Classic
2013-07-12 18:13:38 ----D---- C:\Windows\Panther
2013-07-12 18:13:37 ----D---- C:\Windows\Logs
2013-07-12 18:13:37 ----D---- C:\Windows\debug
2013-07-12 18:05:20 ----D---- C:\Windows\system32\Tasks
2013-07-12 12:00:01 ----D---- C:\Windows\Microsoft.NET
2013-07-12 11:59:41 ----RSD---- C:\Windows\assembly
2013-07-12 02:21:24 ----D---- C:\Windows\winsxs
2013-07-12 02:20:51 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-12 02:20:17 ----D---- C:\Windows\SysWOW64
2013-07-12 02:20:17 ----D---- C:\Program Files\Windows Journal
2013-07-12 02:20:17 ----D---- C:\Program Files\Windows Defender
2013-07-12 02:20:17 ----D---- C:\Program Files\Internet Explorer
2013-07-12 02:20:17 ----D---- C:\Program Files (x86)\Windows Defender
2013-07-12 02:20:17 ----D---- C:\Program Files (x86)\Internet Explorer
2013-07-11 03:14:16 ----SHD---- C:\Windows\Installer
2013-07-11 03:07:06 ----A---- C:\Windows\system32\MRT.exe
2013-07-11 03:06:13 ----D---- C:\Windows\system32\catroot
2013-07-08 02:43:41 ----D---- C:\Program Files (x86)\Opera
2013-07-06 22:46:43 ----D---- C:\Users\roverider\AppData\Roaming\vlc
2013-07-03 01:02:20 ----D---- C:\Windows\system32\NDF
2013-06-26 21:38:11 ----D---- C:\vid
2013-06-22 04:53:09 ----D---- C:\Program Files (x86)\JDownloader
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PBADRV;PBADRV; C:\Windows\system32\DRIVERS\PBADRV.sys [2012-09-17 32240]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2012-11-08 22736]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2012-11-08 584056]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2012-11-08 38144]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 40816]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2012-11-08 94288]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2008-11-05 67584]
R3 acpials;Filtr zařízení ALS Sensor; C:\Windows\system32\DRIVERS\acpials.sys [2009-07-14 9728]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\Windows\system32\DRIVERS\Apfiltr.sys [2011-01-05 343160]
R3 cvusbdrv;Dell ControlVault; C:\Windows\System32\Drivers\cvusbdrv.sys [2012-03-19 45672]
R3 e1yexpress;Ovladač gigabitových síťových připojení Intel(R); C:\Windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-11-14 10629408]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2010-03-15 145408]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2010-07-14 7821312]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-03-09 505856]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
R3 WinUsb;Ovladač WinUSB; C:\Windows\system32\drivers\WinUSB.sys [2010-11-20 41984]
S1 CFRMD;CFRMD; C:\Windows\system32\DRIVERS\CFRMD.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 cpudrv64;cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-06-02 17864]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RTCore64;RTCore64; \??\C:\Program Files (x86)\RMClock\RTCore64.sys [2008-09-08 14352]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 usbser;USB RS-232 Emulation Driver; C:\Windows\system32\DRIVERS\usbser.sys [2010-11-20 32768]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe [2009-03-03 89600]
R2 CLPSLauncher;COMODO LPS Launcher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2013-04-17 70344]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-11-08 2828408]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2012-03-19 1043872]
R2 Credential Vault Host Storage;Credential Vault Host Storage; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2012-03-19 36768]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EmbassyService;EmbassyService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [2012-01-17 218504]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-07-19 1429776]
R2 GeekBuddyRSP;GeekBuddyRSP Service; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2013-04-17 1851088]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-07-19 838928]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\STacSV64.exe [2010-03-09 244736]
R2 TdmService;TdmService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe [2011-12-08 4146032]
R2 Wave Authentication Manager Service;Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2012-01-05 1679872]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
S2 tcsd_win32.exe;NTRU TSS v1.2.1.37 TCS; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [2011-10-08 1637888]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12 256904]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-06-27 117144]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 SecureStorageService;SecureStorageService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe [2011-11-11 2167176]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-09-18 1255736]
S3 WvPCR;WvPCR; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [2012-01-16 198144]
-----------------EOF-----------------
Run by roverider at 2013-07-14 13:42:47
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 5 GB (8%) free of 64 GB
Total RAM: 3984 MB (19% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:42:49, on 14.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal
Running processes:
C:\Users\roverider\AppData\Local\Akamai\netsession_win.exe
C:\Users\roverider\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\QIP 2012\qip.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files\trend micro\roverider.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [gbrspcontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\roverider\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP 2012\qip.exe" /autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files (x86)\COMODO\GeekBuddy\launcher.exe
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.dell.com/systemprofiler/ ... emLite.CAB
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions Inc. - C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Credential Vault Host Control Service - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
O23 - Service: Credential Vault Host Storage - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EmbassyService - Unknown owner - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GeekBuddyRSP Service (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\STacSV64.exe
O23 - Service: NTRU TSS v1.2.1.37 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: TdmService - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: Wave Authentication Manager Service - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WvPCR - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe
--
End of file - 10558 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\STacSV64.exe
"C:\Program Files\Common Files\SPBA\upeksvr.exe"
C:\Windows\system32\WLANExt.exe 33129632
\??\C:\Windows\system32\conhost.exe "2004209663-443393501675478033796698800232006770-12776235257727761141306182377
C:\Windows\System32\spoolsv.exe
"C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe"
"C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe
"C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe"
"C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -service
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4b3bbbbc-d241-4e61-8ed9-ed38261362f5 -SystemEventPortName:HostProcess-3abfb03b-2c9b-4afb-9ed1-e9c79be9b7e0 -IoCancelEventPortName:HostProcess-1f16b26f-bbb7-4410-95bc-b1c14f3001b2 -NonStateChangingEventPortName:HostProcess-3925c193-e3d3-485c-a64b-b8337e59e9b5 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0746d43a-5d29-42f9-942b-c198ce503cfe -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-6d01aa69-d875-4ec9-8d3e-498096fe395e -SystemEventPortName:HostProcess-adecb996-6b0a-48ff-9e24-bec70687346d -IoCancelEventPortName:HostProcess-75f4b556-0032-41aa-a318-e24c496a79d8 -NonStateChangingEventPortName:HostProcess-2079a986-059a-4f33-a482-e746b2f15528 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:84aabf55-dde5-44b9-9a1e-ed365391a0a3 -DeviceGroupId:
"C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
"C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe"
"C:\Program Files\DellTPad\Apoint.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"Apntex.exe"
C:\Windows\system32\svchost.exe -k WindowsMobile
\??\C:\Windows\system32\conhost.exe "161058413-918476802-774703337-2067199568-1380505355-19960422527001077061701673109
"C:\Program Files\DellTPad\HidFind.exe"
"C:\Users\roverider\AppData\Local\Akamai\netsession_win.exe"
"C:/Users/roverider/AppData/Local/Akamai/netsession_win.exe" --client
"C:\Program Files (x86)\QIP 2012\qip.exe" /autorun
"C:\Windows\system32\NOTEPAD.EXE" C:\AdwCleaner[S1].txt
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\COMODO\GeekBuddy\unit_manager.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
"C:\Program Files (x86)\COMODO\GeekBuddy\unit" "\"C:/Program Files (x86)/COMODO/GeekBuddy/lps-cspm\""
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
"C:\Windows\system32\cmd.exe"
\??\C:\Windows\system32\conhost.exe "8787626591460562018213848334-707758327-1633874641-1384485723-1306995138-169793816
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe" /o /eo /l /b /id 4584
"C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe" --channel=1256.0018F77C.1609468012 --type=renderer /o /eo /l /b /id 4584
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\roverider\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\roverider\AppData\Roaming\Mozilla\Firefox\Profiles\hxfyhywt.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33]
"Description"=
"Path"=C:\Windows\SysWOW64\npdeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
npwachk.dll
C:\Users\roverider\AppData\Roaming\Mozilla\Firefox\Profiles\hxfyhywt.default\extensions\
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-09-17 329520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-09-17 59184]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-11-08 9577680]
"TdmNotify"=C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe [2011-12-08 381296]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2011-01-04 592240]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-03-09 487424]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-11-14 163360]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-11-14 387616]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-11-14 418336]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=C:\Users\roverider\AppData\Local\Akamai\netsession_win.exe [2013-06-05 4489472]
"ShowBatteryBar"=C:\Program Files\BatteryBar\ShowBatteryBar.exe [2009-05-28 89600]
"Infium"=C:\Program Files (x86)\QIP 2012\qip.exe [2012-03-23 7351760]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2012-06-28 74752]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456]
"gbrspcontrol"=C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2013-04-17 1851088]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Start GeekBuddy.lnk - C:\Program Files (x86)\COMODO\GeekBuddy\launcher.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\SysWOW64\guard32.dll C:\Windows\system32\guard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-11-14 272384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\spba]
C:\Program Files\Common Files\SPBA\homefus2.dll [2010-09-15 2305872]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
wvauth
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-07-14 11:39:47 ----A---- C:\AdwCleaner[S1].txt
2013-07-14 10:30:50 ----A---- C:\AdwCleaner[R3].txt
2013-07-14 10:29:26 ----A---- C:\AdwCleaner[R2].txt
2013-07-14 10:26:04 ----A---- C:\AdwCleaner[R1].txt
2013-07-13 21:03:00 ----D---- C:\Users\roverider\AppData\Roaming\Malwarebytes
2013-07-13 21:02:16 ----D---- C:\ProgramData\Malwarebytes
2013-07-13 21:02:16 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-07-13 21:02:15 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-12 18:23:31 ----D---- C:\rsit
2013-07-12 18:23:31 ----D---- C:\Program Files\trend micro
2013-07-12 18:05:18 ----D---- C:\Program Files\CCleaner
2013-07-11 03:06:04 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-07-11 03:06:04 ----A---- C:\Windows\system32\ieui.dll
2013-07-11 03:06:03 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-07-11 03:06:03 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-07-11 03:06:03 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-07-11 03:06:03 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-07-11 03:06:03 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-07-11 03:06:03 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-11 03:06:03 ----A---- C:\Windows\system32\iesysprep.dll
2013-07-11 03:06:03 ----A---- C:\Windows\system32\iesetup.dll
2013-07-11 03:06:03 ----A---- C:\Windows\system32\iertutil.dll
2013-07-11 03:06:03 ----A---- C:\Windows\system32\iernonce.dll
2013-07-11 03:06:03 ----A---- C:\Windows\system32\ie4uinit.exe
2013-07-11 03:06:02 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-07-11 03:06:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-07-11 03:06:02 ----A---- C:\Windows\system32\msfeeds.dll
2013-07-11 03:06:02 ----A---- C:\Windows\system32\jscript.dll
2013-07-11 03:06:01 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-07-11 03:06:01 ----A---- C:\Windows\system32\jscript9.dll
2013-07-11 03:06:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-07-11 03:06:00 ----A---- C:\Windows\system32\urlmon.dll
2013-07-11 03:05:58 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-07-11 03:05:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-07-11 03:05:58 ----A---- C:\Windows\system32\wininet.dll
2013-07-11 03:05:58 ----A---- C:\Windows\system32\jsproxy.dll
2013-07-11 03:05:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-07-11 03:05:54 ----A---- C:\Windows\system32\ieframe.dll
2013-07-11 03:05:53 ----A---- C:\Windows\system32\mshtml.dll
2013-07-11 03:05:50 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-07-10 11:16:45 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-07-10 11:16:45 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-07-10 11:16:45 ----A---- C:\Windows\system32\qedit.dll
2013-07-10 11:16:44 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-07-10 11:16:32 ----A---- C:\Windows\system32\win32k.sys
2013-07-10 11:16:19 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-07-10 11:16:19 ----A---- C:\Windows\system32\DWrite.dll
2013-07-02 21:50:37 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-06-27 16:33:47 ----D---- C:\Program Files (x86)\digestIT 2004
2013-06-27 16:15:08 ----D---- C:\Program Files (x86)\Mozilla Firefox.bak
2013-06-18 13:26:44 ----D---- C:\Program Files (x86)\Medieval Software
2013-06-17 19:54:16 ----D---- C:\Users\roverider\AppData\Roaming\Opera Software
2013-06-17 19:54:11 ----D---- C:\Program Files (x86)\Opera Next
======List of files/folders modified in the last 1 month======
2013-07-14 12:49:50 ----D---- C:\Program Files (x86)\The KMPlayer
2013-07-14 11:54:24 ----D---- C:\Windows\system32\config
2013-07-14 11:45:38 ----D---- C:\Windows\System32
2013-07-14 11:45:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-14 11:45:37 ----D---- C:\Windows\inf
2013-07-14 11:42:49 ----D---- C:\Windows\system32\catroot2
2013-07-14 11:39:57 ----HD---- C:\ProgramData
2013-07-13 22:17:41 ----RD---- C:\Program Files (x86)
2013-07-13 21:03:11 ----D---- C:\Windows\Temp
2013-07-13 21:02:16 ----D---- C:\Windows\system32\drivers
2013-07-13 19:22:14 ----SHD---- C:\System Volume Information
2013-07-13 16:15:49 ----D---- C:\Windows
2013-07-13 11:05:54 ----D---- C:\Windows\SoftwareDistribution
2013-07-12 18:23:31 ----RD---- C:\Program Files
2013-07-12 18:13:51 ----D---- C:\Users\roverider\AppData\Roaming\Winamp
2013-07-12 18:13:51 ----D---- C:\Users\roverider\AppData\Roaming\Media Player Classic
2013-07-12 18:13:38 ----D---- C:\Windows\Panther
2013-07-12 18:13:37 ----D---- C:\Windows\Logs
2013-07-12 18:13:37 ----D---- C:\Windows\debug
2013-07-12 18:05:20 ----D---- C:\Windows\system32\Tasks
2013-07-12 12:00:01 ----D---- C:\Windows\Microsoft.NET
2013-07-12 11:59:41 ----RSD---- C:\Windows\assembly
2013-07-12 02:21:24 ----D---- C:\Windows\winsxs
2013-07-12 02:20:51 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-12 02:20:17 ----D---- C:\Windows\SysWOW64
2013-07-12 02:20:17 ----D---- C:\Program Files\Windows Journal
2013-07-12 02:20:17 ----D---- C:\Program Files\Windows Defender
2013-07-12 02:20:17 ----D---- C:\Program Files\Internet Explorer
2013-07-12 02:20:17 ----D---- C:\Program Files (x86)\Windows Defender
2013-07-12 02:20:17 ----D---- C:\Program Files (x86)\Internet Explorer
2013-07-11 03:14:16 ----SHD---- C:\Windows\Installer
2013-07-11 03:07:06 ----A---- C:\Windows\system32\MRT.exe
2013-07-11 03:06:13 ----D---- C:\Windows\system32\catroot
2013-07-08 02:43:41 ----D---- C:\Program Files (x86)\Opera
2013-07-06 22:46:43 ----D---- C:\Users\roverider\AppData\Roaming\vlc
2013-07-03 01:02:20 ----D---- C:\Windows\system32\NDF
2013-06-26 21:38:11 ----D---- C:\vid
2013-06-22 04:53:09 ----D---- C:\Program Files (x86)\JDownloader
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PBADRV;PBADRV; C:\Windows\system32\DRIVERS\PBADRV.sys [2012-09-17 32240]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2012-11-08 22736]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2012-11-08 584056]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2012-11-08 38144]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 40816]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2012-11-08 94288]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2008-11-05 67584]
R3 acpials;Filtr zařízení ALS Sensor; C:\Windows\system32\DRIVERS\acpials.sys [2009-07-14 9728]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\Windows\system32\DRIVERS\Apfiltr.sys [2011-01-05 343160]
R3 cvusbdrv;Dell ControlVault; C:\Windows\System32\Drivers\cvusbdrv.sys [2012-03-19 45672]
R3 e1yexpress;Ovladač gigabitových síťových připojení Intel(R); C:\Windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-11-14 10629408]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2010-03-15 145408]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2010-07-14 7821312]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-03-09 505856]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
R3 WinUsb;Ovladač WinUSB; C:\Windows\system32\drivers\WinUSB.sys [2010-11-20 41984]
S1 CFRMD;CFRMD; C:\Windows\system32\DRIVERS\CFRMD.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 cpudrv64;cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-06-02 17864]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RTCore64;RTCore64; \??\C:\Program Files (x86)\RMClock\RTCore64.sys [2008-09-08 14352]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 usbser;USB RS-232 Emulation Driver; C:\Windows\system32\DRIVERS\usbser.sys [2010-11-20 32768]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe [2009-03-03 89600]
R2 CLPSLauncher;COMODO LPS Launcher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2013-04-17 70344]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-11-08 2828408]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2012-03-19 1043872]
R2 Credential Vault Host Storage;Credential Vault Host Storage; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2012-03-19 36768]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EmbassyService;EmbassyService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [2012-01-17 218504]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-07-19 1429776]
R2 GeekBuddyRSP;GeekBuddyRSP Service; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2013-04-17 1851088]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-07-19 838928]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\STacSV64.exe [2010-03-09 244736]
R2 TdmService;TdmService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe [2011-12-08 4146032]
R2 Wave Authentication Manager Service;Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2012-01-05 1679872]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
S2 tcsd_win32.exe;NTRU TSS v1.2.1.37 TCS; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [2011-10-08 1637888]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12 256904]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-06-27 117144]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 SecureStorageService;SecureStorageService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe [2011-11-11 2167176]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-09-18 1255736]
S3 WvPCR;WvPCR; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [2012-01-16 198144]
-----------------EOF-----------------
Přispějete na provoz fóra?