Windows Script Host

talnetik
Visitor
Posts: 6
Registered: 15 Jul 2013 07:48

Windows Script Host

#1 Post by talnetik »

Hello. Thank you in advance for your help with Windows Script Host. I caught it while downloading and installing Daemon Tools and I need to remove it. I am attaching a photo: http://imageshack.us/photo/my-images/837/gcmj.jpg/
Attachments
virus.jpg (66.85 KiB)
Last edited by talnetik on 15 Jul 2013 08:13, edited 1 time in total.

talnetik
Visitor
Posts: 6
Registered: 15 Jul 2013 07:48

Re: Windows Script Host

#2 Post by talnetik »

I am adding the RSIT log

Logfile of random's system information tool 1.09 (written by random/random)
Run by Tomas at 2013-07-15 07:46:13
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 80 GB (76%) free of 105 GB
Total RAM: 1976 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:46:54, on 15.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ooVoo\ooVoo.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
D:\Stiahnute subory\RSIT.exe
C:\Program Files\trend micro\Tomas.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NtVdmSrv] C:\Windows\inf\ntvdm.vbe
O4 - HKCU\..\Run: [ooVoo.exe] C:\Program Files\ooVoo\oovoo.exe /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mobile Broadband HL Service - Unknown owner - C:\ProgramData\MobileBrServ\mbbservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 6163 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA1ce7f4517fcec7c.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\z0j6049r.default

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14 4531320]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-03-21 5078504]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 137752]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 172568]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"NtVdmSrv"=C:\Windows\inf\ntvdm.vbe [2013-06-20 1219]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ooVoo.exe"=C:\Program Files\ooVoo\oovoo.exe [2013-06-20 35239488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2013-05-15 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2013-06-03 19603048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 228864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-07-15 07:46:13 ----D---- C:\rsit
2013-07-15 07:46:13 ----D---- C:\Program Files\trend micro
2013-07-15 06:52:26 ----A---- C:\Windows\system32\drivers\sptd.sys
2013-07-15 06:52:07 ----D---- C:\Users\Tomas\AppData\Roaming\DAEMON Tools Lite
2013-07-11 04:24:03 ----A---- C:\Windows\system32\jscript.dll
2013-07-11 04:24:02 ----A---- C:\Windows\system32\jscript9.dll
2013-07-11 04:24:01 ----A---- C:\Windows\system32\jsproxy.dll
2013-07-11 04:24:01 ----A---- C:\Windows\system32\ieui.dll
2013-07-11 04:24:01 ----A---- C:\Windows\system32\iesetup.dll
2013-07-11 04:24:00 ----A---- C:\Windows\system32\urlmon.dll
2013-07-11 04:24:00 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-11 04:24:00 ----A---- C:\Windows\system32\msfeeds.dll
2013-07-11 04:24:00 ----A---- C:\Windows\system32\iesysprep.dll
2013-07-11 04:24:00 ----A---- C:\Windows\system32\iernonce.dll
2013-07-11 04:24:00 ----A---- C:\Windows\system32\ie4uinit.exe
2013-07-11 04:23:59 ----A---- C:\Windows\system32\iertutil.dll
2013-07-11 04:23:57 ----A---- C:\Windows\system32\wininet.dll
2013-07-11 04:23:55 ----A---- C:\Windows\system32\ieframe.dll
2013-07-11 04:23:53 ----A---- C:\Windows\system32\mshtml.dll
2013-07-10 15:30:49 ----A---- C:\Windows\system32\DWrite.dll
2013-07-10 15:30:46 ----A---- C:\Windows\system32\win32k.sys
2013-07-10 15:30:43 ----A---- C:\Windows\system32\qedit.dll
2013-07-10 15:30:40 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-07-03 12:21:10 ----D---- C:\Users\Tomas\AppData\Roaming\ooVoo Details
2013-07-03 12:19:39 ----D---- C:\Program Files\ooVoo
2013-06-21 18:58:57 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-06-21 04:39:06 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-06-21 04:39:06 ----A---- C:\Windows\system32\elshyph.dll
2013-06-21 04:39:05 ----A---- C:\Windows\system32\wextract.exe
2013-06-21 04:39:05 ----A---- C:\Windows\system32\vbscript.dll
2013-06-21 04:39:05 ----A---- C:\Windows\system32\msrating.dll
2013-06-21 04:39:05 ----A---- C:\Windows\system32\msls31.dll
2013-06-21 04:39:05 ----A---- C:\Windows\system32\mshtmled.dll
2013-06-21 04:39:05 ----A---- C:\Windows\system32\inseng.dll
2013-06-21 04:39:05 ----A---- C:\Windows\system32\iexpress.exe
2013-06-21 04:39:04 ----A---- C:\Windows\system32\webcheck.dll
2013-06-21 04:39:04 ----A---- C:\Windows\system32\url.dll
2013-06-21 04:39:04 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-06-21 04:39:04 ----A---- C:\Windows\system32\pngfilt.dll
2013-06-21 04:39:04 ----A---- C:\Windows\system32\occache.dll
2013-06-21 04:39:04 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-06-21 04:39:04 ----A---- C:\Windows\system32\mshtmler.dll
2013-06-21 04:39:04 ----A---- C:\Windows\system32\mshta.exe
2013-06-21 04:39:04 ----A---- C:\Windows\system32\msfeedssync.exe
2013-06-21 04:39:04 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-06-21 04:39:04 ----A---- C:\Windows\system32\licmgr10.dll
2013-06-21 04:39:04 ----A---- C:\Windows\system32\imgutil.dll
2013-06-21 04:39:04 ----A---- C:\Windows\system32\ieUnatt.exe
2013-06-21 04:39:04 ----A---- C:\Windows\system32\iepeers.dll
2013-06-21 04:39:04 ----A---- C:\Windows\system32\iedkcs32.dll
2013-06-21 04:39:04 ----A---- C:\Windows\system32\ieapfltr.dll
2013-06-21 04:39:04 ----A---- C:\Windows\system32\ieapfltr.dat
2013-06-21 04:39:04 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-06-21 04:39:04 ----A---- C:\Windows\system32\icardie.dll
2013-06-21 04:39:04 ----A---- C:\Windows\system32\dxtrans.dll
2013-06-21 04:39:04 ----A---- C:\Windows\system32\dxtmsft.dll
2013-06-21 04:38:25 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-21 04:38:25 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-21 04:38:25 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-21 04:38:25 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-21 04:38:24 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-21 04:38:24 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-21 04:38:24 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-21 04:38:24 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-21 04:38:24 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-21 04:38:24 ----A---- C:\Windows\system32\XpsPrint.dll
2013-06-21 04:38:24 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-06-21 04:38:24 ----A---- C:\Windows\system32\WMPhoto.dll
2013-06-21 04:38:24 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-06-21 04:38:24 ----A---- C:\Windows\system32\FntCache.dll
2013-06-21 04:38:23 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-06-21 04:38:23 ----A---- C:\Windows\system32\d3d10core.dll
2013-06-21 04:38:23 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-06-21 04:38:23 ----A---- C:\Windows\system32\d3d10_1.dll
2013-06-21 04:38:23 ----A---- C:\Windows\system32\d3d10.dll
2013-06-21 04:38:22 ----A---- C:\Windows\system32\UIAnimation.dll
2013-06-21 04:38:22 ----A---- C:\Windows\system32\dxgi.dll
2013-06-21 04:38:22 ----A---- C:\Windows\system32\d3d10warp.dll
2013-06-21 04:38:22 ----A---- C:\Windows\system32\d3d10level9.dll
2013-06-21 04:38:22 ----A---- C:\Windows\system32\d2d1.dll
2013-06-17 19:21:52 ----D---- C:\Program Files\Common Files\Roxio Shared
2013-06-17 19:21:51 ----D---- C:\ProgramData\Uninstall
2013-06-17 19:21:43 ----D---- C:\Program Files\Hewlett-Packard
2013-06-17 19:21:22 ----D---- C:\Users\Tomas\AppData\Roaming\Roxio Log Files
2013-06-17 19:21:18 ----D---- C:\SWSETUP

======List of files/folders modified in the last 1 month======

2013-07-15 07:46:24 ----D---- C:\Windows\Prefetch
2013-07-15 07:46:15 ----D---- C:\Windows\Temp
2013-07-15 07:46:13 ----RD---- C:\Program Files
2013-07-15 07:28:19 ----D---- C:\Windows\system32\config
2013-07-15 06:56:45 ----SHD---- C:\System Volume Information
2013-07-15 06:52:26 ----D---- C:\Windows\system32\drivers
2013-07-15 06:51:39 ----D---- C:\Windows\inf
2013-07-14 11:50:24 ----D---- C:\Users\Tomas\AppData\Roaming\uTorrent
2013-07-13 22:51:01 ----D---- C:\Users\Tomas\AppData\Roaming\vlc
2013-07-12 22:21:02 ----SHD---- C:\Windows\Installer
2013-07-12 22:16:37 ----D---- C:\Windows\Tasks
2013-07-12 22:16:37 ----D---- C:\Windows\system32\Tasks
2013-07-11 17:36:03 ----D---- C:\Windows\Microsoft.NET
2013-07-11 17:36:02 ----RSD---- C:\Windows\assembly
2013-07-11 15:15:43 ----D---- C:\Windows\winsxs
2013-07-11 04:27:18 ----D---- C:\Windows\System32
2013-07-11 04:27:18 ----D---- C:\Program Files\Windows Journal
2013-07-11 04:27:18 ----D---- C:\Program Files\Windows Defender
2013-07-11 04:27:18 ----D---- C:\Program Files\Internet Explorer
2013-07-11 04:24:16 ----D---- C:\Windows\system32\catroot2
2013-07-11 04:24:15 ----D---- C:\Windows\system32\catroot
2013-07-11 04:21:45 ----A---- C:\Windows\system32\MRT.exe
2013-07-09 22:11:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-08 21:10:41 ----D---- C:\Users\Tomas\AppData\Roaming\Skype
2013-07-02 08:47:24 ----D---- C:\Program Files\PokerStars
2013-06-25 18:27:18 ----D---- C:\Windows\rescache
2013-06-23 23:39:12 ----SD---- C:\Users\Tomas\AppData\Roaming\Microsoft
2013-06-21 18:53:54 ----D---- C:\Windows\system32\migration
2013-06-21 18:53:54 ----D---- C:\Windows\system32\cs-CZ
2013-06-21 18:53:54 ----D---- C:\Windows\PolicyDefinitions
2013-06-21 18:53:53 ----D---- C:\Windows\system32\en-US
2013-06-21 18:53:47 ----D---- C:\Windows\system32\zh-HK
2013-06-21 18:53:47 ----D---- C:\Windows\system32\tr-TR
2013-06-21 18:53:47 ----D---- C:\Windows\system32\pt-PT
2013-06-21 18:53:47 ----D---- C:\Windows\system32\pt-BR
2013-06-21 18:53:47 ----D---- C:\Windows\system32\pl-PL
2013-06-21 18:53:47 ----D---- C:\Windows\system32\nl-NL
2013-06-21 18:53:47 ----D---- C:\Windows\system32\ko-KR
2013-06-21 18:53:47 ----D---- C:\Windows\system32\it-IT
2013-06-21 18:53:47 ----D---- C:\Windows\system32\hu-HU
2013-06-21 18:53:47 ----D---- C:\Windows\system32\fr-FR
2013-06-21 18:53:47 ----D---- C:\Windows\system32\fi-FI
2013-06-21 18:53:47 ----D---- C:\Windows\system32\el-GR
2013-06-21 18:53:46 ----D---- C:\Windows\system32\zh-TW
2013-06-21 18:53:46 ----D---- C:\Windows\system32\zh-CN
2013-06-21 18:53:46 ----D---- C:\Windows\system32\sv-SE
2013-06-21 18:53:46 ----D---- C:\Windows\system32\ru-RU
2013-06-21 18:53:46 ----D---- C:\Windows\system32\nb-NO
2013-06-21 18:53:46 ----D---- C:\Windows\system32\ja-JP
2013-06-21 18:53:46 ----D---- C:\Windows\system32\es-ES
2013-06-21 18:53:46 ----D---- C:\Windows\system32\de-DE
2013-06-21 18:53:46 ----D---- C:\Windows\system32\da-DK
2013-06-21 04:41:51 ----D---- C:\Windows\Logs
2013-06-21 04:36:33 ----D---- C:\Windows
2013-06-17 19:21:52 ----D---- C:\Program Files\Common Files
2013-06-17 19:21:51 ----HD---- C:\ProgramData
2013-06-17 17:53:44 ----D---- C:\Windows\system32\wdi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-02-14 47568]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-02-14 171680]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-01-10 122240]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-01-10 46056]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-01-10 150080]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-13 1035776]
R3 BCM43XX;Broadcom 802.11 – ovladač síťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-13 1131008]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 15872]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2013-03-21 1341664]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 26168]
R2 Mobile Broadband HL Service;Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [2012-03-12 232288]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-05-14 3289208]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-05-17 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-06-03 162408]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-05-17 116648]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-05-15 553288]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-11-29 115168]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-05-18 1343400]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Windows Script Host

#3 Post by vyosek »

Hello :)

Download OTL from http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop
  • If you use Windows Vista or Windows 7, right-click OTL and choose Run As Administrator (Spustit jako správce)
  • If you use a 64-bit OS, check whether the "Pro 64 bitové OS" (for 64-bit OS) box is ticked; if not, tick it
  • Tick the "Pro vsechny uzivatele" (for all users) box
  • Tick the box Kontrola na havet "LOP" (LOP check)
  • Tick the box Kontrola na havet "Purity" (Purity check)
  • Change the file age from 30 days to 7 days
  • Paste the script below into the bottom box, "Vlastni skenovani/opravy" (custom scans/fixes)
  • Code:

    CREATERESTOREPOINT
    
    netsvcs
    drivers32
    savembr:0
    
    /md5start
    atapi.sys
    autochk.exe
    cdrom.sys
    explorer.exe
    hal.dll
    scecli.dll
    services.exe
    svchost.exe
    tcpip.sys
    userinit.exe
    winlogon.exe
    /md5stop
    
    %systemroot%*.* /U /s
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    %SYSTEMDRIVE%\*.exe
    
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    
    %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
    %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
    %PROGRAMFILES%\Opera\opera.exe /md5
    %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
    
    %SystemDrive%\PhysicalMBR.bin /md5 
    
    *crack* /s
    *keygen* /s
    *loader* /s
  • Click the "Prohledat" (scan) button
  • After the scan finishes (approx. 10 to 15 min), the logs OTL.txt and Extras.txt will appear; paste both here
  • If the logs are long (the forum will complain about exceeding the maximum number of characters), split them across several posts

talnetik
Visitor
Posts: 6
Registered: 15 Jul 2013 07:48

Re: Windows Script Host

#4 Post by talnetik »

OTL logfile created on: 16.7.2013 8:48:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tomas\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,93 Gb Total Physical Memory | 0,96 Gb Available Physical Memory | 49,69% Memory free
3,86 Gb Paging File | 2,52 Gb Available in Paging File | 65,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 102,68 Gb Total Space | 79,62 Gb Free Space | 77,55% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 92,88 Gb Free Space | 47,55% Space Free | Partition Type: NTFS

Computer Name: TOMAS-PC | User Name: Tomas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.07.16 08:43:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tomas\Desktop\OTL.exe
PRC - [2013.07.12 19:49:47 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013.06.20 21:09:26 | 035,239,488 | ---- | M] (ooVoo LLC) -- C:\Program Files\ooVoo\ooVoo.exe
PRC - [2013.05.14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013.05.11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.03.21 14:19:46 | 001,341,664 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2013.03.21 14:19:40 | 005,078,504 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.03.12 10:05:33 | 000,232,288 | ---- | M] () -- C:\ProgramData\MobileBrServ\mbbService.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013.07.12 19:49:44 | 000,396,240 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.72\ppgooglenaclpluginchrome.dll
MOD - [2013.07.12 19:49:43 | 013,599,184 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
MOD - [2013.07.12 19:49:42 | 004,052,944 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.72\pdf.dll
MOD - [2013.07.12 19:48:52 | 000,601,552 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.72\libglesv2.dll
MOD - [2013.07.12 19:48:51 | 000,123,344 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.72\libegl.dll
MOD - [2013.07.12 19:48:49 | 001,597,392 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.72\ffmpegsumo.dll
MOD - [2011.03.02 11:40:51 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Services (SafeList) ==========

SRV - [2013.06.03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.05.27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.05.18 09:03:46 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013.05.14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013.05.11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.03.21 14:19:46 | 001,341,664 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2012.11.29 09:26:17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.03.12 10:05:33 | 000,232,288 | ---- | M] () [Auto | Running] -- C:\ProgramData\MobileBrServ\mbbService.exe -- (Mobile Broadband HL Service)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)


========== Driver Services (SafeList) ==========

DRV - [2013.02.14 12:21:04 | 000,171,680 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2013.02.14 12:21:04 | 000,047,568 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2013.01.10 09:25:22 | 000,150,080 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2013.01.10 09:25:20 | 000,122,240 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2013.01.10 09:25:20 | 000,046,056 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV - [2011.05.13 17:57:42 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2011.05.13 17:57:20 | 000,035,896 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2009.07.13 23:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009.07.13 23:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3959060428-3437772708-2466673920-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3959060428-3437772708-2466673920-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.05.17 20:58:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013.05.17 21:08:13 | 000,000,000 | ---D | M]

[2013.05.17 20:58:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tomas\AppData\Roaming\Mozilla\Extensions
[2013.06.15 21:44:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.06.15 21:44:48 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.06.15 21:44:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.06.15 21:44:47 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.11.29 09:26:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.11.29 12:32:34 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.11.29 12:32:34 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.11.29 12:32:34 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.11.29 12:32:34 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.11.29 12:32:35 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.72\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - Extension: Dokumenty Google = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Skype Click to Call = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0\
CHR - Extension: Gmail = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [NtVdmSrv] C:\Windows\inf\ntvdm.vbe ()
O4 - HKU\S-1-5-21-3959060428-3437772708-2466673920-1000..\Run: [ooVoo.exe] C:\Program Files\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DBA3BE04-E659-48CC-98B1-062F0D3E39C4}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FD57354A-F050-4F11-A781-E9CC87C9E00C}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{baef0e88-bf2b-11e2-80b8-0027135176a9}\Shell - "" = AutoRun
O33 - MountPoints2\{baef0e88-bf2b-11e2-80b8-0027135176a9}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.07.16 08:43:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tomas\Desktop\OTL.exe
[2013.07.15 07:46:13 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.07.15 07:46:13 | 000,000,000 | ---D | C] -- C:\rsit
[2013.07.15 06:52:26 | 000,721,904 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys
[2013.07.15 06:52:07 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\DAEMON Tools Lite
[2013.07.15 06:51:23 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Programs
[2013.07.11 04:24:03 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.07.11 04:24:02 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.07.11 04:24:01 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.07.11 04:24:01 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.07.11 04:24:01 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.07.11 04:24:00 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.07.11 04:24:00 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.07.11 04:24:00 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013.07.11 04:24:00 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.07.11 04:24:00 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.07.10 15:30:49 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013.07.10 15:30:46 | 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.07.10 15:30:43 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2013.07.10 15:30:40 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL

========== Files - Modified Within 7 Days ==========

[2013.07.16 08:50:22 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.07.16 08:48:59 | 000,014,240 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.16 08:48:59 | 000,014,240 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.16 08:43:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tomas\Desktop\OTL.exe
[2013.07.16 08:41:43 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.16 08:41:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.16 08:41:27 | 1554,198,528 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.15 23:21:04 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1ce7f4517fcec7c.job
[2013.07.15 08:13:27 | 000,068,454 | ---- | M] () -- C:\Users\Tomas\Desktop\virus.jpg
[2013.07.13 20:35:28 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.07.11 23:59:53 | 000,018,740 | ---- | M] () -- C:\Users\Tomas\Desktop\black-wallpapers.jpg
[2013.07.11 15:15:27 | 000,413,336 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.07.10 23:29:58 | 000,006,923 | ---- | M] () -- C:\Users\Tomas\Desktop\chris-dickerson-calves.jpg
[2013.07.10 23:28:52 | 000,000,506 | ---- | M] () -- C:\Users\Tomas\Desktop\lytka.htm
[2013.07.09 22:11:19 | 001,888,846 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.07.09 22:11:19 | 001,058,762 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.07.09 22:11:19 | 000,558,068 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.07.09 22:11:19 | 000,529,942 | ---- | M] () -- C:\Windows\System32\perfc009.dat

========== Files Created - No Company Name ==========

[2013.07.16 08:50:22 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.07.15 07:14:11 | 000,068,454 | ---- | C] () -- C:\Users\Tomas\Desktop\virus.jpg
[2013.07.12 22:16:37 | 000,000,940 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1ce7f4517fcec7c.job
[2013.07.11 23:59:49 | 000,018,740 | ---- | C] () -- C:\Users\Tomas\Desktop\black-wallpapers.jpg
[2013.07.10 23:29:57 | 000,006,923 | ---- | C] () -- C:\Users\Tomas\Desktop\chris-dickerson-calves.jpg
[2013.07.10 23:28:51 | 000,000,506 | ---- | C] () -- C:\Users\Tomas\Desktop\lytka.htm

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 05:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.07.15 06:52:07 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\DAEMON Tools Lite
[2013.05.17 21:09:48 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\ESET
[2013.06.01 22:53:48 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Nico Mak Computing
[2013.07.03 12:21:10 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\ooVoo Details
[2013.06.15 23:48:05 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Stiahnito.sk Download Manager
[2013.07.14 11:50:24 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 05:53:46 | 000,028,982 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2013.05.17 21:03:30 | 000,000,934 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.07.12 22:16:37 | 000,000,940 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce7f4517fcec7c.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013.01.03 06:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010.11.20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2013.01.04 05:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2013.05.08 07:15:22 | 001,309,032 | ---- | M] (Microsoft Corporation) MD5=6088D01FAD49729EA0A5A3D9B9BA8B84 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_b5b3fe00ddc19aaa\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2011.04.25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2013.01.04 05:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2013.05.08 06:38:00 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=D32FDAC73FCD76B85389C39BC1087F2A -- C:\Windows\System32\drivers\tcpip.sys
[2013.05.08 06:38:00 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=D32FDAC73FCD76B85389C39BC1087F2A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_b508ef41c4bd3835\tcpip.sys
[2012.10.03 17:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2012.10.03 17:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

< %systemroot%*.* /U /s >
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[21 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.06.09 12:06:59 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Adobe
[2013.05.19 11:43:40 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Apple Computer
[2013.07.15 06:52:07 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\DAEMON Tools Lite
[2013.05.17 21:09:48 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\ESET
[2013.05.17 20:56:09 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Identities
[2013.05.17 21:05:24 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Macromedia
[2009.07.14 10:19:24 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Media Center Programs
[2013.06.23 23:39:12 | 000,000,000 | --SD | M] -- C:\Users\Tomas\AppData\Roaming\Microsoft
[2013.05.17 20:58:14 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Mozilla
[2013.06.01 22:53:48 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Nico Mak Computing
[2013.07.03 12:21:10 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\ooVoo Details
[2013.06.17 19:21:22 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Roxio Log Files
[2013.07.08 21:10:41 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Skype
[2013.06.15 23:48:05 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Stiahnito.sk Download Manager
[2013.07.14 11:50:24 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\uTorrent
[2013.07.13 22:51:01 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\vlc
[2013.05.22 23:31:54 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2013.06.01 22:52:17 | 001,045,072 | ---- | M] (BitTorrent Inc.) -- C:\Users\Tomas\AppData\Roaming\uTorrent\uTorrent.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.07.16 08:41:43 | 000,000,934 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.07.15 23:21:04 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce7f4517fcec7c.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >
[2013.07.15 06:56:51 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\system32\*.* /3 >
[2013.07.16 08:48:59 | 000,014,240 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.16 08:48:59 | 000,014,240 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ooVoo.exe" = C:\Program Files\ooVoo\oovoo.exe /minimized -- [2013.06.20 21:09:26 | 035,239,488 | ---- | M] (ooVoo LLC)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.11.29 09:26:08 | 000,916,960 | ---- | M] (Mozilla Corporation) MD5=5744FFF8E72D105C138DAE9E17BB29FE -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.06.12 01:23:57 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=30E7CA4620500FE012EB464F0E1DE91E -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2013.07.12 19:49:47 | 000,846,288 | ---- | M] (Google Inc.) MD5=CB037F03178E31BA2985ADD15879CA56 -- C:\Program Files\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.07.16 08:50:22 | 000,000,512 | ---- | M] () MD5=E5CDB851A82FE81288B66DA3C622AF08 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *loader* /s >
[2013.04.21 21:44:16 | 000,008,827 | ---- | M] () -- \Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2006.10.26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2013.04.25 17:31:28 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013.04.25 17:31:28 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.04.25 17:31:28 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013.04.25 17:31:28 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013.04.25 17:31:28 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.04.25 17:31:28 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2013.06.01 22:43:43 | 000,000,723 | ---- | M] () -- \Users\Tomas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\86JT0WTX\downloaderror[1].js
[2013.06.22 16:09:58 | 000,001,511 | ---- | M] () -- \Users\Tomas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F3F408ZY\AdLoader[1].htm
[2013.06.17 18:41:57 | 000,109,448 | ---- | M] () -- \Users\Tomas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IMR6YSCR\AdLoader-b3e321cab5fbc3c4ed10b513bb467bae.min[1].js
[2013.06.15 21:49:45 | 000,001,511 | ---- | M] () -- \Users\Tomas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TMACDF2N\AdLoader[1].htm
[2013.06.01 22:43:42 | 000,001,174 | ---- | M] () -- \Users\Tomas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TMACDF2N\downloader[1].js
[2013.06.22 16:10:40 | 000,109,448 | ---- | M] () -- \Users\Tomas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VGZJ4AHJ\AdLoader-b3e321cab5fbc3c4ed10b513bb467bae.min[1].js
[2013.05.17 22:13:56 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2009.07.14 13:25:34 | 002,202,645 | ---- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.07.16 08:45:12 | 000,003,528 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader
[2009.07.14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.14 09:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 09:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.14 09:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2013.05.19 08:58:37 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2013.05.19 08:58:37 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2013.05.19 08:58:38 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.14 09:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 08:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 08:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 04:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

talnetik
Visitor
Posts: 6
Registered: 15 Jul 2013 07:48

Re: Windows Script Host

#5 Post by talnetik »

OTL Extras logfile created on: 16.7.2013 8:48:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tomas\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,93 Gb Total Physical Memory | 0,96 Gb Available Physical Memory | 49,69% Memory free
3,86 Gb Paging File | 2,52 Gb Available in Paging File | 65,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 102,68 Gb Total Space | 79,62 Gb Free Space | 77,55% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 92,88 Gb Free Space | 47,55% Space Free | Partition Type: NTFS

Computer Name: TOMAS-PC | User Name: Tomas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3959060428-3437772708-2466673920-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04FA4997-E3C7-44CF-AC34-591918BC7CD9}" = rport=139 | protocol=6 | dir=out | app=system |
"{0BE836DA-7878-4081-9D29-5DFC20DAD16E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1B8E8499-551A-4839-99B8-2146893D42F3}" = lport=10243 | protocol=6 | dir=in | app=system |
"{23C5F68F-7F97-4C19-A9F2-9071A1CB7179}" = lport=139 | protocol=6 | dir=in | app=system |
"{2899147E-A17E-4B18-8945-3315D92F0F99}" = lport=138 | protocol=17 | dir=in | app=system |
"{541FD976-AD08-45BB-94BC-B17EB4494A49}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{696BA9D1-6321-42EF-8489-28F0CAB5E6F5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{699FDD8A-FB21-4F63-87A9-7C119B036EE5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7970DF7A-455F-4007-ABB5-1638AA453464}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{867A6E14-FA21-4ADC-9E9C-4D9E497A17EF}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{986DA7F8-8703-4F34-B334-2E29234F6921}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9D9FBE9B-47CB-4B2C-8778-4D4CC20DE085}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9DBD283A-8ECC-431B-9697-FFA201C5FD4F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A1A9A8C2-B42F-40F0-8429-178097DF265E}" = lport=137 | protocol=17 | dir=in | app=system |
"{AA68F2E9-5C0E-4079-B858-D10799A1E1B7}" = lport=445 | protocol=6 | dir=in | app=system |
"{AE3CB85D-466E-47A0-83C9-16CA89D172F1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BD50823E-6425-4DB9-AF4C-E80307FBA457}" = rport=445 | protocol=6 | dir=out | app=system |
"{C038D9F6-42A3-4167-86AA-6AB9F9F80EA8}" = rport=137 | protocol=17 | dir=out | app=system |
"{C41CB329-72C3-49CD-91E4-F15A5E21C69D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C7F0301A-7936-45E6-BA58-44ACA5EEE104}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E9EC5A8E-E78B-40BD-952E-F5A05DF359C0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E9F9F97F-A5F3-4EE8-91D3-792C0241A964}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00434D4F-47E8-4C4A-9C93-11266598BD6A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{073FFA72-A58B-4A75-90D4-F6E7790CF2A9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0C647888-72E0-45CF-9229-681260F41A29}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{11CB0D51-0FDD-4593-896E-09AA40B6BCB1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1445D2C6-991F-45EB-95CE-D985459588D9}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{32817274-0503-47FE-9173-C840449C3A98}" = protocol=6 | dir=out | app=system |
"{398B4FB3-EFAC-4574-8DEE-D6CCE90827DA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{43A8E1D7-29D9-4870-B518-2EDCAB56007D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{469E4AA3-0C44-4360-AAE9-DB118D6C3ED5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{5803962F-580A-42D1-8C3D-81BCD38539AD}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{60C58A02-7D6C-4616-9EE9-3BF04A245902}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6C89436E-4484-42C9-906F-4EEE2AE6641E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{6EF19596-FE3D-4D41-9CBF-195343592948}" = protocol=17 | dir=in | app=c:\users\tomas\appdata\roaming\utorrent\utorrent.exe |
"{79EAEFE6-C436-4C3C-B440-A7122A9EEAD6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{800205BB-0ACD-463D-B60B-CCC935292632}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8FF7CE94-81C7-4481-A7AC-644E1ED34E26}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{9302FF9E-D117-4F65-8A6E-12F54BA011F4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{97CCD579-D3A9-4CEF-AEAC-6DAC9FD11FED}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B08B187F-EAB8-4473-8667-F938E84CD7CF}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BAF6AFEF-5B44-408B-B10C-A07CB7762B7E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{BCD91AE2-6E88-4EC7-A43C-93D33F450146}" = protocol=6 | dir=in | app=c:\users\tomas\appdata\roaming\utorrent\utorrent.exe |
"{BFD880C6-D45B-43ED-9E6C-530267BA3342}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C5C5C9B4-A2D6-4D86-9A6D-95A1ADA7EDBA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D7447CE5-C5D5-487B-9A70-A7E8216F76DB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D8113CC7-D03B-4DA7-B065-37F570937857}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DA418D33-28A0-4E93-A295-B6671FE0659B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{FD456419-1661-4DC5-943B-8A3F99DB92AF}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0ACD03E7-6BBC-4E18-93EE-EC7C713A3719}" = ESET Smart Security
"{11E568E0-3244-4BCB-875E-F334269DFDCB}" = iTunes
"{1D61E881-43CD-447B-9E6B-D2C6138B2862}" = HP Webcam
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.5
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{67D555FF-8AD7-4E7F-BCDB-D92170A90B85}_is1" = Stiahnito Klient version 0.8.0
"{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}" = VoiceOver Kit
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Czech
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C7AE4EC3-9C13-4213-8457-74D16B353F91}" = HP Web Camera
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.62
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mobile Broadband HL Service" = Mobile Broadband HL Service
"Mozilla Firefox 17.0.1 (x86 cs)" = Mozilla Firefox 17.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PokerStars" = PokerStars
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.7
"WinRAR archiver" = WinRAR 4.00 (32-bit)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 15.7.2013 13:18:54 | Computer Name = Tomas-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 15.7.2013 13:18:54 | Computer Name = Tomas-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 21610023

Error - 15.7.2013 13:18:54 | Computer Name = Tomas-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 21610023

Error - 15.7.2013 13:18:55 | Computer Name = Tomas-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 15.7.2013 13:18:55 | Computer Name = Tomas-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 21611037

Error - 15.7.2013 13:18:55 | Computer Name = Tomas-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 21611037

Error - 15.7.2013 13:18:56 | Computer Name = Tomas-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 15.7.2013 13:18:56 | Computer Name = Tomas-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 21612082

Error - 15.7.2013 13:18:56 | Computer Name = Tomas-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 21612082

Error - 15.7.2013 18:49:44 | Computer Name = Tomas-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

[ System Events ]
Error - 15.7.2013 3:32:28 | Computer Name = Tomas-PC | Source = DCOM | ID = 10005
Description =

Error - 15.7.2013 3:32:29 | Computer Name = Tomas-PC | Source = Service Control Manager | ID = 7001
Description = Služba Služba seznamu sítí závisí na službě Sledování umístění v síti
(NLA), která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 15.7.2013 3:32:29 | Computer Name = Tomas-PC | Source = Service Control Manager | ID = 7001
Description = Služba Služba seznamu sítí závisí na službě Sledování umístění v síti
(NLA), která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 15.7.2013 3:32:29 | Computer Name = Tomas-PC | Source = Service Control Manager | ID = 7001
Description = Služba Služba seznamu sítí závisí na službě Sledování umístění v síti
(NLA), která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 15.7.2013 3:32:29 | Computer Name = Tomas-PC | Source = Service Control Manager | ID = 7001
Description = Služba Služba seznamu sítí závisí na službě Sledování umístění v síti
(NLA), která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 15.7.2013 3:32:29 | Computer Name = Tomas-PC | Source = Service Control Manager | ID = 7001
Description = Služba Služba seznamu sítí závisí na službě Sledování umístění v síti
(NLA), která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 15.7.2013 3:32:29 | Computer Name = Tomas-PC | Source = Service Control Manager | ID = 7001
Description = Služba Služba seznamu sítí závisí na službě Sledování umístění v síti
(NLA), která neuspěla při spuštění v důsledku následující chyby: %%1068

Error - 15.7.2013 3:32:37 | Computer Name = Tomas-PC | Source = DCOM | ID = 10005
Description =

Error - 15.7.2013 3:34:23 | Computer Name = Tomas-PC | Source = Service Control Manager | ID = 7024
Description = Služba Brána Windows Firewall ukončena s chybou %%5, specifickou pro
službu.

Error - 15.7.2013 3:34:48 | Computer Name = Tomas-PC | Source = Service Control Manager | ID = 7024
Description = Služba Naslouchací proces domácí skupiny ukončena s chybou %%-2147023143,
specifickou pro službu.


< End of report >

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Windows Script Host

#6 Post by vyosek »

Just asking: are you using a legal system, i.e. a purchased license?
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

talnetik
Visitor
Posts: 6
Registered: 15 Jul 2013 07:48

Re: Windows Script Host

#7 Post by talnetik »

No, I'm using Win7 downloaded from the internet, but I've never had a problem with it until now. Why?

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Windows Script Host

#8 Post by vyosek »

Have you read the forum rules? :???: :?:
Help CANNOT be given:

2) If the user's machine demonstrably contains illegal host or protective software (operating system, antivirus, firewall, etc.)

talnetik
Visitor
Posts: 6
Registered: 15 Jul 2013 07:48

Re: Windows Script Host

#9 Post by talnetik »

Then I apologize, and thank you for your patience :)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Windows Script Host

#10 Post by vyosek »

You're welcome :worship:

And on the basis of the Rule on locking topics :lock: