preventivka

Zpráva

James29 · #1 Příspěvek od **James29** » 06 srp 2013 10:35

Logfile of random's system information tool 1.09 (written by random/random)
Run by Mojda at 2013-08-06 11:27:40
Microsoft Windows 7 Ultimate
System drive C: has 14 GB (9%) free of 153 GB
Total RAM: 3072 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:28:20, on 6.8.2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16476)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Garmin\Express Tray\ExpressTray.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Users\Mojda\Desktop\RSIT.exe
C:\Program Files\trend micro\Mojda.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mojebanka.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Mojda\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2315390885-2291023885-1116521741-1006\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2315390885-2291023885-1116521741-1006\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Stáhnout pomocí &BitSpiritu - C:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~1\browse~1\sprote~1.dll
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files\Guard-ICQ\GuardICQ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 11041 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2315390885-2291023885-1116521741-1002Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2315390885-2291023885-1116521741-1002UA.job
C:\Windows\tasks\schedule!3036567561.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Mojda\AppData\Roaming\Mozilla\Firefox\Profiles\ea2bu0ef.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.14.2, {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {FBF6D7FB-F305-4445-BB3D-FEF66579A033}:5.0, {c0332589-973e-411e-890a-d598fb853995}:1.3.2, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1, {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0, personas@christopher.beard:1.6.1, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {3112ca9c-de6d-4884-a869-9855de68056c}:7.1.20110316W, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.1.9&q="

"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Program Files\Mozilla Firefox\components\
AskHPRFF.js

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
np32dsw.dll
nppdf32.dll
ShockwavePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
mall-cz.xml

C:\Users\Mojda\AppData\Roaming\Mozilla\Firefox\Profiles\ea2bu0ef.default\extensions\
{3112ca9c-de6d-4884-a869-9855de68056c}
{3d7eb24f-2740-49df-8937-200b1cc08f8a}
{800b5000-a755-47e1-992b-48a1c1357f07}
{c0332589-973e-411e-890a-d598fb853995}
{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}

C:\Users\Mojda\AppData\Roaming\Mozilla\Firefox\Profiles\ea2bu0ef.default\searchplugins\
askcom.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23 72336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-12 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-12 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-05-14 2029640]
""= []
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-11-17 8092192]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"Google Update"=C:\Users\Mojda\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-29 136176]
"Optimizer Pro"=C:\Program Files\Optimizer Pro\OptProLauncher.exe [2012-10-30 81952]
"GarminExpressTrayApp"=C:\Program Files\Garmin\Express Tray\ExpressTray.exe [2013-03-27 1098072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2013-05-08 642664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ActivControl]
C:\Program Files\Activ Software\Activdriver\ActivControl2.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2013-05-08 44128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Mojda\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-29 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui]
C:\Program Files\Guard-ICQ\GuardICQ.exe [2012-03-25 1564368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent]
C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [2012-02-28 190768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2011-07-22 718720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~1\browse~1\sprote~1.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"msacm.divxa32"=msaud32_divx.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.tscc"=tsccvid.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe","%1"
.scr - open - "C:\Windows\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

======List of files/folders modified in the last 1 month======

2013-08-06 11:27:51 ----D---- C:\Windows\Prefetch
2013-08-06 11:27:45 ----D---- C:\Users\Mojda\AppData\Roaming\vlc
2013-08-06 11:27:41 ----D---- C:\Windows\Temp
2013-08-06 11:27:41 ----D---- C:\Program Files\trend micro
2013-08-06 11:25:27 ----D---- C:\Windows\debug
2013-08-06 11:25:27 ----D---- C:\Windows
2013-08-06 09:17:27 ----D---- C:\Windows\system32\config
2013-08-05 22:23:43 ----D---- C:\Users\Mojda\AppData\Roaming\uTorrent
2013-08-05 21:35:35 ----D---- C:\Users\Mojda\AppData\Roaming\dvdcss
2013-08-05 21:30:29 ----D---- C:\Windows\System32
2013-08-05 21:30:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-08-05 21:30:28 ----D---- C:\Windows\inf
2013-08-05 13:25:23 ----D---- C:\Users\Mojda\AppData\Roaming\esmska
2013-08-04 08:50:05 ----D---- C:\Windows\system32\catroot2
2013-07-30 19:28:48 ----SHD---- C:\System Volume Information
2013-07-28 16:01:48 ----SHD---- C:\Windows\Installer
2013-07-28 16:01:48 ----SHD---- C:\Config.Msi
2013-07-28 16:01:33 ----D---- C:\Program Files\Google
2013-07-27 12:23:10 ----D---- C:\Windows\system32\FxsTmp
2013-07-22 23:37:18 ----D---- C:\Users\Mojda\AppData\Roaming\Nokia
2013-07-22 23:34:47 ----D---- C:\Program Files\Nokia
2013-07-13 14:17:43 ----D---- C:\Users\Mojda\AppData\Roaming\Vso
2013-07-12 16:53:28 ----RD---- C:\Program Files
2013-07-11 10:59:32 ----D---- C:\Program Files\Microsoft Silverlight
2013-07-10 14:27:41 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-06-14 477240]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2009-07-22 55040]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2009-07-22 293904]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2009-05-14 93312]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-09-14 25416]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 ActivHidSerMini;Promethean Serial Board Driver; C:\Windows\system32\DRIVERS\activhidsermini.sys [2008-06-16 57088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-11-17 2807392]
R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-08-12 298216]
R3 prmvmouse;Promethean HID Mouse Service; C:\Windows\system32\DRIVERS\activmouse.sys [2008-06-16 4480]
R3 vpcbus;Virtual PC Host Bus Service; C:\Windows\system32\DRIVERS\vpchbus.sys [2009-07-22 165376]
R3 vpcusb;USB Virtualization Connector Service; C:\Windows\system32\DRIVERS\vpcusb.sys [2009-07-22 78336]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-10-06 278984]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 30312]
S3 ay0suo2o;ay0suo2o; C:\Windows\system32\drivers\ay0suo2o.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 grmnusb;grmnusb; C:\Windows\system32\drivers\grmnusb.sys [2012-04-18 15720]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-06-11 25280]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-04-22 18816]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-10-16 47360]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\Windows\system32\DRIVERS\s115bus.sys [2007-04-23 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s115mdm.sys [2007-04-23 108680]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s115obex.sys [2007-04-23 98568]
S3 s125bus;Sony Ericsson Device 125 driver (WDM); C:\Windows\system32\DRIVERS\s125bus.sys [2007-04-24 83336]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s125mdfl.sys [2007-04-24 15112]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s125mdm.sys [2007-04-24 108680]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s125mgmt.sys [2007-04-24 100488]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s125obex.sys [2007-04-24 98696]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 114280]
S3 StMp3Rec;Player Recovery Device Control Driver; C:\Windows\System32\Drivers\StMp3Rec.sys [2007-02-15 19840]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2008-05-06 11520]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-03-27 185688]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files\Guard-ICQ\GuardICQ.exe [2012-03-25 1564368]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-31 634656]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-01-03 1259448]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-09-15 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2009-09-15 107832]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-03-31 116648]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12 256904]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-01-20 77944]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-05-14 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-04-08 1045256]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-03-31 116648]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-07-03 117144]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-04-22 720936]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 06 srp 2013 11:57

Zdravim

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

James29 · #3 Příspěvek od **James29** » 06 srp 2013 15:58

OTL logfile created on: 6.8.2013 15:03:12 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mojda\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 1,78 Gb Available Physical Memory | 59,40% Memory free
6,00 Gb Paging File | 4,61 Gb Available in Paging File | 76,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 13,27 Gb Free Space | 8,91% Space Free | Partition Type: NTFS
Drive D: | 149,05 Gb Total Space | 14,46 Gb Free Space | 9,70% Space Free | Partition Type: NTFS

Computer Name: MOJDA-PC | User Name: Mojda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.08.06 15:01:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mojda\Desktop\OTL.exe
PRC - [2013.07.03 18:50:06 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.03.27 16:18:02 | 001,098,072 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files\Garmin\Express Tray\ExpressTray.exe
PRC - [2013.03.27 16:17:42 | 000,185,688 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
PRC - [2013.01.31 11:01:06 | 000,865,056 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013.01.31 11:01:05 | 001,821,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013.01.23 21:58:25 | 000,348,160 | ---- | M] () -- C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe
PRC - [2013.01.03 13:42:57 | 001,259,448 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.03.25 21:42:02 | 001,564,368 | ---- | M] () -- C:\Program Files\Guard-ICQ\GuardICQ.exe
PRC - [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 03:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2009.05.14 15:47:54 | 000,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009.05.14 15:47:08 | 002,029,640 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

========== Modules (No Company Name) ==========

MOD - [2013.07.03 18:50:02 | 003,285,912 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013.02.13 15:53:46 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\14b55546abb9ff105fb08138cc121ca6\System.Windows.Forms.ni.dll
MOD - [2013.01.24 13:16:54 | 001,050,112 | ---- | M] () -- c:\Program Files\BrowseToSave\sprotector.dll
MOD - [2013.01.10 17:22:20 | 000,369,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\7aebc2859aa50d53b2112067dc6d0931\System.ServiceModel.Routing.ni.dll
MOD - [2013.01.10 17:22:19 | 001,139,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\feea9335d0111e8ebff8e6fe6ab895ed\System.ServiceModel.Discovery.ni.dll
MOD - [2013.01.10 17:22:17 | 000,082,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\3bffdebdf2586d6de66b6ff2813e3225\System.ServiceModel.Channels.ni.dll
MOD - [2013.01.10 17:22:16 | 001,392,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\73eea5939840be59a80a4e14adb48d10\System.ServiceModel.Activities.ni.dll
MOD - [2013.01.10 17:22:14 | 018,054,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\bd48e8c448c615fc58d62ef6ec77e4ab\System.ServiceModel.ni.dll
MOD - [2013.01.10 17:21:40 | 001,077,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\2427db2d075e87545c2b3decd0e8890c\System.IdentityModel.ni.dll
MOD - [2013.01.10 17:19:25 | 001,020,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\907b4a91ff6e213b94f0d5f2de6526f2\System.Runtime.DurableInstancing.ni.dll
MOD - [2013.01.10 17:19:24 | 000,142,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\033adbf1a8b8244700121f8784e27908\SMDiagnostics.ni.dll
MOD - [2013.01.10 17:19:23 | 002,637,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\cb18987e708b9658078ead051f693d16\System.Runtime.Serialization.ni.dll
MOD - [2013.01.10 17:19:20 | 000,391,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\1a330adc22700868ce2a2d80144c1c05\System.Xml.Linq.ni.dll
MOD - [2013.01.10 17:19:19 | 001,801,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\acf3c1c09598ff28c926aaeb9fcf5b4e\System.Xaml.ni.dll
MOD - [2013.01.10 01:14:07 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ada1fe26df6a749dfe02c09f7b0e4a99\PresentationFramework.Aero.ni.dll
MOD - [2013.01.10 01:13:54 | 005,618,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\4e2cac0827fc76ba1caa25443cc4ca61\System.Xml.ni.dll
MOD - [2013.01.10 01:13:48 | 000,980,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a5abe2f70b67e025cccd8e5007d7efa5\System.Configuration.ni.dll
MOD - [2013.01.10 01:13:25 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\1c27a7c883c2dfe6fb67a7296ab0bc2d\System.Drawing.ni.dll
MOD - [2013.01.10 01:13:22 | 007,053,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ffea95c32cab6d4e56ff8027c1b8de21\System.Core.ni.dll
MOD - [2013.01.10 01:13:12 | 018,000,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\72897fe2c7ab10621e90526863a3a492\PresentationFramework.ni.dll
MOD - [2013.01.10 01:12:50 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a0e2726fc2be626fad953d1a3ec49051\PresentationCore.ni.dll
MOD - [2013.01.10 01:12:35 | 003,856,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\97318300be8453ef8a4b934f5f79b9ac\WindowsBase.ni.dll
MOD - [2013.01.10 01:12:31 | 009,093,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\da100161503047a994c55c9832d72ce7\System.ni.dll
MOD - [2013.01.10 01:12:23 | 014,413,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\60c214b6ad5691e368a16ec65d127c27\mscorlib.ni.dll
MOD - [2011.03.15 07:13:46 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2007.10.02 15:41:38 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2007.09.20 18:34:58 | 000,129,024 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll

========== Services (SafeList) ==========

SRV - [2013.07.03 18:50:03 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.06.12 21:58:37 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.03.27 16:17:42 | 000,185,688 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto | Running] -- C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)
SRV - [2013.01.03 13:42:57 | 001,259,448 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.04.22 13:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.03.25 21:42:02 | 001,564,368 | ---- | M] () [Auto | Running] -- C:\Program Files\Guard-ICQ\GuardICQ.exe -- (Guard.Mail.ru)
SRV - [2011.06.12 11:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011.04.08 17:40:45 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.01.20 21:08:12 | 000,077,944 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.05.14 15:54:22 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009.05.14 15:47:54 | 000,731,840 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2008.08.15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Unknown] -- -- (acoiy3ze)
DRV - [2013.02.19 22:32:54 | 010,919,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012.06.14 14:14:47 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2012.04.22 13:51:38 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012.01.09 17:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012.01.09 17:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012.01.09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012.01.09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.05.13 04:21:06 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.05.13 04:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011.05.13 04:21:06 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2011.05.13 04:21:06 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2011.05.13 04:21:04 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010.08.12 13:07:48 | 000,298,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2010.06.11 14:17:13 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.10.06 22:50:03 | 000,278,984 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.09.14 21:39:03 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.07.22 23:54:19 | 000,293,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcvmm.sys -- (vpcvmm)
DRV - [2009.07.22 23:54:19 | 000,055,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV - [2009.07.22 23:53:23 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpcusb.sys -- (vpcusb)
DRV - [2009.07.22 23:53:19 | 000,165,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpchbus.sys -- (vpcbus)
DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.05.14 15:49:34 | 000,093,312 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2009.05.14 15:47:14 | 000,107,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009.05.14 15:41:10 | 000,114,472 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon)
DRV - [2008.06.16 15:38:34 | 000,004,480 | ---- | M] (Promethean) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\activmouse.sys -- (prmvmouse)
DRV - [2008.06.16 15:38:28 | 000,057,088 | ---- | M] (Promethean) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\activhidsermini.sys -- (ActivHidSerMini)
DRV - [2008.05.06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2007.04.24 10:33:34 | 000,083,336 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s125bus.sys -- (s125bus)
DRV - [2007.04.24 09:33:46 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s125mgmt.sys -- (s125mgmt)
DRV - [2007.04.24 09:33:46 | 000,098,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s125obex.sys -- (s125obex)
DRV - [2007.04.24 09:33:44 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s125mdm.sys -- (s125mdm)
DRV - [2007.04.24 09:33:42 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s125mdfl.sys -- (s125mdfl)
DRV - [2007.04.23 14:54:50 | 000,098,568 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s115obex.sys -- (s115obex)
DRV - [2007.04.23 14:54:48 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s115mdm.sys -- (s115mdm)
DRV - [2007.04.23 14:54:48 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s115mdfl.sys -- (s115mdfl)
DRV - [2007.04.23 14:54:46 | 000,083,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s115bus.sys -- (s115bus)
DRV - [2007.02.15 14:14:28 | 000,019,840 | ---- | M] (Generic) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\StMp3Rec.sys -- (StMp3Rec)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2315390885-2291023885-1116521741-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-2315390885-2291023885-1116521741-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-2315390885-2291023885-1116521741-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2315390885-2291023885-1116521741-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mojebanka.cz/
IE - HKU\S-1-5-21-2315390885-2291023885-1116521741-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D0 D2 99 FB EB 32 CA 01 [binary data]
IE - HKU\S-1-5-21-2315390885-2291023885-1116521741-1002\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-2315390885-2291023885-1116521741-1002\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-2315390885-2291023885-1116521741-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2315390885-2291023885-1116521741-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2315390885-2291023885-1116521741-1002\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... cale=en_US
IE - HKU\S-1-5-21-2315390885-2291023885-1116521741-1002\..\SearchScopes\{3A36A959-D1C6-4C01-9DDF-9F7096D4E230}: "URL" = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-2315390885-2291023885-1116521741-1002\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... &ch_id=osd
IE - HKU\S-1-5-21-2315390885-2291023885-1116521741-1002\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear
IE - HKU\S-1-5-21-2315390885-2291023885-1116521741-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2315390885-2291023885-1116521741-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: extension%40firefox.com:1.0.0
FF - prefs.js..extensions.enabledAddons: %7B37E4D8EA-8BDA-4831-8EA1-89053939A250%7D:3.0.0.2
FF - prefs.js..extensions.enabledAddons: %7BDB9127A2-3381-41ec-82B3-1B6ED4C6F29A%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7BFBF6D7FB-F305-4445-BB3D-FEF66579A033%7D:5.0.1
FF - prefs.js..extensions.enabledAddons: %7B3d7eb24f-2740-49df-8937-200b1cc08f8a%7D:1.5.17
FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.7.2.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.14.2
FF - prefs.js..extensions.enabledItems: {FBF6D7FB-F305-4445-BB3D-FEF66579A033}:5.0
FF - prefs.js..extensions.enabledItems: {c0332589-973e-411e-890a-d598fb853995}:1.3.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1
FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.1.9&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Mojda\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Mojda\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.03.17 21:39:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.07.03 18:49:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.07.03 18:49:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009.09.11 17:21:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.07.03 18:49:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.07.03 18:49:42 | 000,000,000 | ---D | M]

[2009.09.11 17:21:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mojda\AppData\Roaming\Mozilla\Extensions
[2013.07.31 15:56:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mojda\AppData\Roaming\Mozilla\Firefox\Profiles\ea2bu0ef.default\extensions
[2011.06.01 06:15:58 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Mojda\AppData\Roaming\Mozilla\Firefox\Profiles\ea2bu0ef.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2013.04.16 16:49:01 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Mojda\AppData\Roaming\Mozilla\Firefox\Profiles\ea2bu0ef.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2012.07.25 11:25:04 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Mojda\AppData\Roaming\Mozilla\Firefox\Profiles\ea2bu0ef.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.03.01 22:35:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mojda\AppData\Roaming\Mozilla\Firefox\Profiles\ea2bu0ef.default\extensions\{c0332589-973e-411e-890a-d598fb853995}
[2010.05.18 20:02:42 | 000,000,000 | ---D | M] (flashget3 Extension) -- C:\Users\Mojda\AppData\Roaming\Mozilla\Firefox\Profiles\ea2bu0ef.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}
[2013.04.20 18:11:12 | 000,301,821 | ---- | M] () (No name found) -- C:\Users\Mojda\AppData\Roaming\Mozilla\Firefox\Profiles\ea2bu0ef.default\extensions\compatibility@addons.mozilla.org.xpi
[2012.01.09 00:11:48 | 000,015,655 | ---- | M] () (No name found) -- C:\Users\Mojda\AppData\Roaming\Mozilla\Firefox\Profiles\ea2bu0ef.default\extensions\extension@firefox.com.xpi
[2013.04.28 17:44:01 | 000,346,768 | ---- | M] () (No name found) -- C:\Users\Mojda\AppData\Roaming\Mozilla\Firefox\Profiles\ea2bu0ef.default\extensions\personas@christopher.beard.xpi
[2011.05.07 19:16:10 | 000,164,858 | ---- | M] () (No name found) -- C:\Users\Mojda\AppData\Roaming\Mozilla\Firefox\Profiles\ea2bu0ef.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi
[2013.07.31 15:56:39 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\Mojda\AppData\Roaming\Mozilla\Firefox\Profiles\ea2bu0ef.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011.07.21 13:05:45 | 000,060,249 | ---- | M] () (No name found) -- C:\Users\Mojda\AppData\Roaming\Mozilla\Firefox\Profiles\ea2bu0ef.default\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}.xpi
[2010.03.24 10:42:56 | 000,057,418 | ---- | M] (flashget) (No name found) -- C:\Users\Mojda\AppData\Roaming\Mozilla\Firefox\Profiles\ea2bu0ef.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}\components\FlashGetXPI.dll
[2008.10.17 10:03:56 | 000,000,205 | ---- | M] () (No name found) -- C:\Users\Mojda\AppData\Roaming\Mozilla\Firefox\Profiles\ea2bu0ef.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}\components\IFlashgetXpi.xpt
[2010.10.30 21:31:07 | 000,002,557 | ---- | M] () -- C:\Users\Mojda\AppData\Roaming\Mozilla\Firefox\Profiles\ea2bu0ef.default\searchplugins\askcom.xml
[2013.08.04 23:38:16 | 000,000,950 | ---- | M] () -- C:\Users\Mojda\AppData\Roaming\Mozilla\Firefox\Profiles\ea2bu0ef.default\searchplugins\icqplugin-1.xml
[2011.04.14 23:19:34 | 000,000,950 | ---- | M] () -- C:\Users\Mojda\AppData\Roaming\Mozilla\Firefox\Profiles\ea2bu0ef.default\searchplugins\icqplugin-2.xml
[2011.05.06 16:39:10 | 000,000,950 | ---- | M] () -- C:\Users\Mojda\AppData\Roaming\Mozilla\Firefox\Profiles\ea2bu0ef.default\searchplugins\icqplugin-3.xml
[2011.06.04 17:57:10 | 000,000,950 | ---- | M] () -- C:\Users\Mojda\AppData\Roaming\Mozilla\Firefox\Profiles\ea2bu0ef.default\searchplugins\icqplugin-4.xml
[2011.06.26 12:23:22 | 000,000,950 | ---- | M] () -- C:\Users\Mojda\AppData\Roaming\Mozilla\Firefox\Profiles\ea2bu0ef.default\searchplugins\icqplugin-5.xml
[2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Mojda\AppData\Roaming\Mozilla\Firefox\Profiles\ea2bu0ef.default\searchplugins\icqplugin.xml
[2013.07.03 18:49:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.07.03 18:49:37 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.07.03 18:49:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.07.03 18:50:07 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010.10.30 21:31:07 | 000,001,946 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml

========== Chrome ==========

CHR - homepage: http://start.icq.com/
CHR - Extension: No name found = C:\Users\Mojda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Mojda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Mojda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: No name found = C:\Users\Mojda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2011.07.15 12:15:18 | 000,000,851 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 validation.sls.microsoft.com
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKU\S-1-5-21-2315390885-2291023885-1116521741-1002\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-2315390885-2291023885-1116521741-1002\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKU\S-1-5-21-2315390885-2291023885-1116521741-1002..\Run: [] File not found
O4 - HKU\S-1-5-21-2315390885-2291023885-1116521741-1002..\Run: [GarminExpressTrayApp] C:\Program Files\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKU\S-1-5-21-2315390885-2291023885-1116521741-1002..\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe (PC Utilities Pro)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2315390885-2291023885-1116521741-1006..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm ()
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: ÓĂ±ČĚŘľ«ÁéĎÂÔŘ(&B) - Reg Error: Value error. File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit k existujícímu PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Stáhnout pomocí &BitSpiritu - C:\Program Files\BitSpirit\bsurl.htm ()
O8 - Extra context menu item: 使用快车3下载 - C:\Users\Mojda\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\Mojda\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: mojebanka.cz ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([etrading] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-2315390885-2291023885-1116521741-1002\..Trusted Domains: mojebanka.cz ([*] https in Trusted sites)
O15 - HKU\S-1-5-21-2315390885-2291023885-1116521741-1002\..Trusted Domains: mojebanka.cz ([etrading] https in Trusted sites)
O15 - HKU\S-1-5-21-2315390885-2291023885-1116521741-1002\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DF964750-A3C2-4DE1-ABC1-6402479C78E4}: DhcpNameServer = 192.168.1.20
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O20 - AppInit_DLLs: (c:\progra~1\browse~1\sprote~1.dll) - c:\Program Files\BrowseToSave\sprotector.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{2465d609-d6d3-11e0-8206-001a4d9d3cf9}\Shell - "" = AutoRun
O33 - MountPoints2\{2465d609-d6d3-11e0-8206-001a4d9d3cf9}\Shell\AutoRun\command - "" = "I:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{6171e98a-a6bb-11de-96d0-001a4d9d3cf9}\Shell - "" = AutoRun
O33 - MountPoints2\{6171e98a-a6bb-11de-96d0-001a4d9d3cf9}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{668191ff-bfc4-11de-9fc0-001a4d9d3cf9}\Shell - "" = AutoRun
O33 - MountPoints2\{668191ff-bfc4-11de-9fc0-001a4d9d3cf9}\Shell\AutoRun\command - "" = 1
O33 - MountPoints2\{c8ad5340-b61b-11e1-8861-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c8ad5340-b61b-11e1-8861-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{f5afaf71-ed5b-11de-b50d-001a4d9d3cf9}\Shell - "" = AutoRun
O33 - MountPoints2\{f5afaf71-ed5b-11de-b50d-001a4d9d3cf9}\Shell\AutoRun\command - "" = H:\Installer.EXE
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Installer.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.divxa32 - C:\Windows\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.tscc - C:\Windows\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.08.06 15:01:46 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mojda\Desktop\OTL.exe
[2013.08.05 20:43:54 | 000,000,000 | ---D | C] -- C:\Users\Mojda\Desktop\Nová složka (2)
[2013.07.28 16:01:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013.07.22 23:28:47 | 028,864,824 | ---- | C] (Nokia ) -- C:\Users\Mojda\Desktop\NokiaMaploaderSetup_ENU_18543.exe
[2013.07.22 21:21:30 | 000,000,000 | ---D | C] -- C:\Users\Mojda\Documents\Nokia Suite
[2013.07.09 20:16:17 | 000,000,000 | ---D | C] -- C:\Users\Mojda\Desktop\djt
[2010.10.15 23:11:08 | 000,250,544 | ---- | C] (KeyWorks Software) -- C:\Program Files\Common Files\keyhelp.ocx
[2009.10.31 16:06:38 | 001,596,416 | ---- | C] (.Rain) -- C:\Users\Mojda\AppData\Roaming\file1.exe
[2009.10.16 17:24:55 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Mojda\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2013.08.06 15:06:42 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.08.06 15:01:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mojda\Desktop\OTL.exe
[2013.08.06 14:58:01 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.08.06 14:58:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.08.06 14:52:02 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2315390885-2291023885-1116521741-1002UA.job
[2013.08.06 14:07:33 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.08.06 14:07:19 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\schedule!3036567561.job
[2013.08.06 14:06:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.08.06 14:06:38 | 2415,566,848 | -HS- | M] () -- C:\hiberfil.sys
[2013.08.05 22:18:17 | 000,031,632 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.08.05 22:18:17 | 000,031,632 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.08.05 21:30:29 | 000,632,886 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.08.05 21:30:29 | 000,616,566 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.08.05 21:30:29 | 000,122,516 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.08.05 21:30:29 | 000,106,946 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.08.03 21:31:29 | 000,098,726 | ---- | M] () -- C:\Users\Mojda\Desktop\Harry_Potter_and_the_Prisoner_of_Azkaban_2004.srt
[2013.08.03 21:30:11 | 000,098,726 | ---- | M] () -- C:\Users\Mojda\Desktop\Harry-Potter-And-The-Prisoner-Of-Azkaban(0000092165)(1).srt
[2013.08.03 21:27:08 | 000,056,274 | ---- | M] () -- C:\Users\Mojda\Desktop\Despicable-Me(0000166100).srt
[2013.08.01 15:58:58 | 000,002,368 | ---- | M] () -- C:\Users\Mojda\Desktop\Google Chrome.lnk
[2013.07.31 07:52:15 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2315390885-2291023885-1116521741-1002Core.job
[2013.07.29 18:01:11 | 576,131,414 | ---- | M] () -- C:\Users\Mojda\Desktop\Harry_Potter_and_the_Prisoner_of_Azkaban_2004.mkv
[2013.07.29 17:44:08 | 000,098,726 | ---- | M] () -- C:\Users\Mojda\Desktop\Harry-Potter-And-The-Prisoner-Of-Azkaban(0000092165).srt
[2013.07.27 12:22:58 | 000,321,316 | ---- | M] () -- C:\Users\Mojda\Desktop\mapa.jpg
[2013.07.22 23:34:51 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Map Loader.lnk
[2013.07.22 23:29:47 | 028,864,824 | ---- | M] (Nokia ) -- C:\Users\Mojda\Desktop\NokiaMaploaderSetup_ENU_18543.exe
[2013.07.22 23:25:47 | 008,732,488 | ---- | M] () -- C:\Users\Mojda\Desktop\maps_installer_3.04_10wk17_b07_s60_5.0.Nocs.sis
[2013.07.15 16:20:27 | 001,129,293 | ---- | M] () -- C:\Users\Mojda\Desktop\vyúčtování Vídeň.pdf
[2013.07.15 10:27:52 | 002,561,988 | ---- | M] () -- C:\Users\Mojda\Desktop\sako_ze_sametu.mp3
[2013.07.15 00:01:37 | 731,046,252 | ---- | M] () -- C:\Users\Mojda\Desktop\Europa.Report.2013.WEBRipXViD juggs.avi
[2013.07.14 23:36:01 | 000,081,680 | ---- | M] () -- C:\Users\Mojda\Desktop\Europa.Report.2013.WEBRipXViD juggs.srt
[2013.07.13 15:45:02 | 000,557,187 | ---- | M] () -- C:\Users\Mojda\Documents\img041.jpg
[2013.07.13 14:17:42 | 000,001,057 | ---- | M] () -- C:\Users\Mojda\AppData\Roaming\vso_ts_preview.xml

========== Files Created - No Company Name ==========

[2013.08.03 21:31:26 | 000,098,726 | ---- | C] () -- C:\Users\Mojda\Desktop\Harry_Potter_and_the_Prisoner_of_Azkaban_2004.srt
[2013.08.03 21:30:07 | 000,098,726 | ---- | C] () -- C:\Users\Mojda\Desktop\Harry-Potter-And-The-Prisoner-Of-Azkaban(0000092165)(1).srt
[2013.08.03 21:27:03 | 000,056,274 | ---- | C] () -- C:\Users\Mojda\Desktop\Despicable-Me(0000166100).srt
[2013.07.29 17:44:05 | 000,098,726 | ---- | C] () -- C:\Users\Mojda\Desktop\Harry-Potter-And-The-Prisoner-Of-Azkaban(0000092165).srt
[2013.07.29 17:41:46 | 576,131,414 | ---- | C] () -- C:\Users\Mojda\Desktop\Harry_Potter_and_the_Prisoner_of_Azkaban_2004.mkv
[2013.07.27 12:22:29 | 000,321,316 | ---- | C] () -- C:\Users\Mojda\Desktop\mapa.jpg
[2013.07.22 23:34:51 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Map Loader.lnk
[2013.07.22 23:25:17 | 008,732,488 | ---- | C] () -- C:\Users\Mojda\Desktop\maps_installer_3.04_10wk17_b07_s60_5.0.Nocs.sis
[2013.07.15 16:20:27 | 001,129,293 | ---- | C] () -- C:\Users\Mojda\Desktop\vyúčtování Vídeň.pdf
[2013.07.15 10:27:44 | 002,561,988 | ---- | C] () -- C:\Users\Mojda\Desktop\sako_ze_sametu.mp3
[2013.07.14 23:36:00 | 000,081,680 | ---- | C] () -- C:\Users\Mojda\Desktop\Europa.Report.2013.WEBRipXViD juggs.srt
[2013.07.14 23:31:21 | 731,046,252 | ---- | C] () -- C:\Users\Mojda\Desktop\Europa.Report.2013.WEBRipXViD juggs.avi
[2013.05.26 22:08:37 | 733,333,504 | ---- | C] () -- C:\Users\Mojda\Bylo nás pět - 2. díl Andělíček policajt.avi
[2012.11.23 10:00:44 | 002,423,032 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.06.06 15:16:26 | 000,298,048 | ---- | C] () -- C:\Users\Mojda\AppData\Local\SRDownloader.err
[2012.05.25 12:30:38 | 000,000,000 | ---- | C] () -- C:\Windows\Irremote.ini
[2012.01.03 17:21:43 | 000,001,057 | ---- | C] () -- C:\Users\Mojda\AppData\Roaming\vso_ts_preview.xml
[2011.05.19 14:13:12 | 000,001,184 | ---- | C] () -- C:\Users\Mojda\AppData\Local\SRDownloader.nast
[2011.05.10 15:49:37 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.10.31 19:12:50 | 000,076,995 | -HS- | C] () -- C:\Users\Mojda\AppData\Roaming\10090_a39085f3cb88c8d29f890efcc4fe6da4.exe
[2009.10.31 16:08:29 | 000,000,093 | ---- | C] () -- C:\Users\Mojda\AppData\Roaming\file1.ini
[2009.10.16 17:24:55 | 000,087,608 | ---- | C] () -- C:\Users\Mojda\AppData\Roaming\inst.exe
[2009.10.16 17:24:55 | 000,007,887 | ---- | C] () -- C:\Users\Mojda\AppData\Roaming\pcouffin.cat
[2009.10.16 17:24:55 | 000,001,144 | ---- | C] () -- C:\Users\Mojda\AppData\Roaming\pcouffin.inf
[2009.09.17 21:07:52 | 000,001,024 | ---- | C] () -- C:\Users\Mojda\.rnd
[2009.09.15 16:35:48 | 000,022,328 | ---- | C] () -- C:\Users\Mojda\AppData\Roaming\PnkBstrK.sys
[2009.09.12 11:37:07 | 000,003,584 | ---- | C] () -- C:\Users\Mojda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.02.26 18:20:17 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\.minecraft
[2011.09.07 17:26:32 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\Autodesk
[2010.05.20 19:17:40 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\BITS
[2009.09.12 13:47:27 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\BitSpirit
[2010.02.10 23:28:03 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\Cornelsen
[2012.11.22 22:51:04 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\DAEMON Tools Lite
[2012.11.22 22:51:04 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\DAEMON Tools Pro
[2009.11.15 19:36:39 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\EPSON
[2013.08.06 12:49:34 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\esmska
[2010.05.18 18:49:12 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\FlashGet
[2010.05.18 18:49:00 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\FlashGetBHO
[2010.04.17 18:06:53 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\FreeAudioPack
[2010.04.17 18:07:25 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\FreeCDRipper
[2013.05.19 13:28:47 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\Garmin
[2009.09.11 17:24:46 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\GHISLER
[2013.05.30 17:08:46 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\ICQ
[2012.03.25 21:44:16 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\ICQ Search
[2011.05.28 19:05:27 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\ImgBurn
[2011.10.25 20:25:35 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\Jpeg Resampler
[2010.10.21 17:35:26 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\MobMapUpdater
[2013.07.22 23:37:18 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\Nokia
[2010.10.30 21:30:57 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\OCS
[2012.06.14 14:13:02 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\OpenCandy
[2010.10.30 21:31:08 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\Opera
[2011.09.15 22:01:11 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\PC Suite
[2009.12.09 00:46:05 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\QIP
[2013.08.05 22:23:43 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\uTorrent
[2010.04.05 20:57:46 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\VeskrnaMartin
[2009.09.12 13:57:13 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\VitySoft
[2013.07.13 14:17:43 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\Vso
[2009.10.29 10:43:09 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\WindowsApplication1

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 06:53:46 | 000,032,560 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2012.07.14 17:22:44 | 000,000,910 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2315390885-2291023885-1116521741-1002Core.job
[2012.07.14 17:22:48 | 000,000,962 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2315390885-2291023885-1116521741-1002UA.job
[2013.01.25 13:46:05 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.03.10 13:01:09 | 000,000,416 | -H-- | C] () -- C:\Windows\Tasks\schedule!3036567561.job
[2013.03.31 17:38:02 | 000,000,934 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.03.31 17:38:03 | 000,000,938 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\System32\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012.06.02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012.04.24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2012.04.24 06:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012.04.24 06:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2012.06.02 06:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2012.06.02 06:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\System32\cryptsvc.dll
[2012.06.02 06:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll
[2012.04.24 06:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\System32\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: IASTORV.SYS >
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\isapnp.sys

< MD5 for: LSASS.EXE >
[2011.11.17 09:09:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=05F38CB7CAB3CE8E9A1812D517DA93EF -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\lsass.exe
[2011.11.17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\lsass.exe
[2011.11.17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_a828bb43bb2beb28\lsass.exe
[2012.06.02 06:40:31 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=A6034689ACF9D14973F8384AD5A5451E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_a6eb42a4d70be51e\lsass.exe
[2011.11.17 07:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\System32\lsass.exe
[2011.11.17 07:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\lsass.exe
[2011.11.17 07:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_a656d407bdf6641e\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe
[2012.06.02 06:51:22 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FA7B950E4CA6AA260C4EABA19E03644D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_a8d76e24d42eb666\lsass.exe
[2011.11.17 07:24:04 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FBCB2DFA40862DAA7B1534C9538208A5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys
[2009.07.14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
[2010.11.20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\System32\drivers\nvraid.sys
[2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys
[2010.11.20 14:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvraid.sys

James29 · #4 Příspěvek od **James29** » 06 srp 2013 15:59

< MD5 for: NVSTOR.SYS >
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SMSS.EXE >
[2013.03.19 04:43:41 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=0294CC751D7FAEB13621EEFB8A749429 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_ae7bdfb790cddbcf\smss.exe
[2009.07.14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe
[2013.03.19 04:51:05 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=37F4765554F2CD34AAAB616F696E5539 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.21490_none_ac8ab2c593af8bd4\smss.exe
[2013.03.19 04:50:03 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=B24BF638652522BB5E14AB7993FD4A5D -- C:\Windows\System32\smss.exe
[2013.03.19 04:50:03 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=B24BF638652522BB5E14AB7993FD4A5D -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.17273_none_ac19b4ca7a7f0306\smss.exe
[2013.03.19 04:49:16 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=DE91DCC7BC55E940979097E98F743205 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_ae40f33e7774c473\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.09.29 18:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013.01.03 07:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010.11.20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 18:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2013.01.04 06:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2012.03.30 12:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011.09.29 17:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2011.09.29 18:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 07:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012.03.30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2011.06.21 07:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010.06.14 08:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010.06.14 08:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2013.01.04 06:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\System32\drivers\tcpip.sys
[2013.01.04 06:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2011.06.21 07:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011.06.21 08:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012.03.30 12:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\System32\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[10 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.02.26 18:20:17 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\.minecraft
[2013.02.15 19:21:47 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\Adobe
[2009.10.17 16:20:18 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\AdobeAUM
[2012.08.03 00:09:38 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\Apple Computer
[2011.09.07 17:26:32 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\Autodesk
[2010.05.20 19:17:40 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\BITS
[2009.09.12 13:47:27 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\BitSpirit
[2010.02.10 23:28:03 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\Cornelsen
[2012.11.22 22:51:04 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\DAEMON Tools Lite
[2012.11.22 22:51:04 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\DAEMON Tools Pro
[2010.12.16 20:15:47 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\DivX
[2013.08.05 21:35:35 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\dvdcss
[2009.11.15 19:36:39 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\EPSON
[2013.08.06 12:49:34 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\esmska
[2010.05.18 18:49:12 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\FlashGet
[2010.05.18 18:49:00 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\FlashGetBHO
[2010.04.17 18:06:53 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\FreeAudioPack
[2010.04.17 18:07:25 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\FreeCDRipper
[2013.05.19 13:28:47 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\Garmin
[2009.09.11 17:24:46 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\GHISLER
[2009.10.23 14:14:02 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\GRETECH
[2010.06.11 15:06:07 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\Hamachi
[2013.05.30 17:08:46 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\ICQ
[2012.03.25 21:44:16 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\ICQ Search
[2009.09.11 16:26:00 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\Identities
[2011.05.28 19:05:27 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\ImgBurn
[2009.09.22 20:33:23 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\InstallShield
[2011.10.25 20:25:35 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\Jpeg Resampler
[2010.03.16 21:47:09 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\Macromedia
[2009.07.14 09:48:45 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\Media Center Programs
[2012.11.22 22:51:02 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\Media Player Classic
[2013.01.26 01:07:02 | 000,000,000 | --SD | M] -- C:\Users\Mojda\AppData\Roaming\Microsoft
[2013.03.21 23:02:19 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\Microsoft Games
[2010.10.21 17:35:26 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\MobMapUpdater
[2009.09.11 17:21:33 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\Mozilla
[2012.09.01 16:12:42 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\Nero
[2013.07.22 23:37:18 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\Nokia
[2013.03.15 22:35:01 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\NVIDIA
[2010.10.30 21:30:57 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\OCS
[2012.06.14 14:13:02 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\OpenCandy
[2010.10.30 21:31:08 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\Opera
[2011.09.15 22:01:11 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\PC Suite
[2009.12.09 00:46:05 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\QIP
[2010.04.07 20:10:47 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\Real
[2012.11.22 22:51:02 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\Skype
[2012.02.25 01:00:16 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\skypePM
[2013.08.05 22:23:43 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\uTorrent
[2010.04.05 20:57:46 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\VeskrnaMartin
[2009.09.12 13:57:13 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\VitySoft
[2013.08.06 11:27:45 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\vlc
[2013.07.13 14:17:43 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\Vso
[2009.10.29 10:43:09 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\WindowsApplication1
[2009.09.11 18:14:09 | 000,000,000 | ---D | M] -- C:\Users\Mojda\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2009.10.31 19:14:11 | 000,076,995 | -HS- | M] () -- C:\Users\Mojda\AppData\Roaming\10090_a39085f3cb88c8d29f890efcc4fe6da4.exe
[2010.05.13 13:26:14 | 001,596,416 | ---- | M] (.Rain) -- C:\Users\Mojda\AppData\Roaming\file1.exe
[2012.05.25 12:21:04 | 000,087,608 | ---- | M] () -- C:\Users\Mojda\AppData\Roaming\inst.exe
[2011.03.01 06:54:57 | 000,695,296 | ---- | M] (AnjoCaido) -- C:\Users\Mojda\AppData\Roaming\.minecraft\MineCraft-hra.exe
[2005.06.02 09:57:45 | 000,585,728 | ---- | M] (Cornelsen Verlag GmbH & Co. oHG) -- C:\Users\Mojda\AppData\Roaming\Cornelsen\207463\DKLHB_Studio_d_207072_Starter.exe
[2007.12.21 13:56:29 | 000,444,232 | ---- | M] (Cornelsen Verlag GmbH & Co. oHG) -- C:\Users\Mojda\AppData\Roaming\Cornelsen\207471\studio_d_A2_Starter.exe
[2007.03.22 12:46:40 | 000,126,976 | ---- | M] () -- C:\Users\Mojda\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2010.03.13 15:03:53 | 000,030,720 | ---- | M] () -- C:\Users\Mojda\AppData\Roaming\GRETECH\GomPlayer\GrLauncherTempSetup.exe
[2010.06.12 11:50:46 | 000,409,600 | R--- | M] (Macrovision Corporation) -- C:\Users\Mojda\AppData\Roaming\Microsoft\Installer\{24BA79B5-53F9-475C-9D49-EC4BDE8B09CF}\ARPPRODUCTICON.exe
[2010.06.12 11:50:47 | 000,409,600 | R--- | M] (Macrovision Corporation) -- C:\Users\Mojda\AppData\Roaming\Microsoft\Installer\{24BA79B5-53F9-475C-9D49-EC4BDE8B09CF}\NewShortcut2_6D20AC6FF7844F04BE4C6D94A1805157.exe
[2010.06.12 11:50:47 | 000,409,600 | R--- | M] (Macrovision Corporation) -- C:\Users\Mojda\AppData\Roaming\Microsoft\Installer\{24BA79B5-53F9-475C-9D49-EC4BDE8B09CF}\NewShortcut3_6D20AC6FF7844F04BE4C6D94A1805157.exe
[2012.06.29 11:42:15 | 000,053,248 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Mojda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\ARPPRODUCTICON.exe
[2012.06.29 11:42:15 | 000,049,152 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Mojda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
[2012.06.29 11:42:15 | 000,073,728 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Mojda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
[2012.06.29 11:42:15 | 000,073,728 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Mojda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
[2012.06.29 11:42:15 | 000,049,152 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Mojda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
[2010.10.30 21:30:57 | 000,106,496 | ---- | M] (OCS) -- C:\Users\Mojda\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
[2010.10.30 21:30:57 | 000,040,960 | ---- | M] () -- C:\Users\Mojda\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
[2012.02.06 20:18:56 | 002,081,208 | ---- | M] (Speedchecker Limited ) -- C:\Users\Mojda\AppData\Roaming\OpenCandy\64788242A45545BBB0ABE68661143FA1\pcspeedup_oc.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.08.05 22:18:17 | 000,031,632 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.08.05 22:18:17 | 000,031,632 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.08.05 21:30:29 | 000,122,516 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2013.08.05 21:30:29 | 000,106,946 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2013.08.05 21:30:29 | 000,632,886 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2013.08.05 21:30:29 | 000,616,566 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2013.08.05 21:30:29 | 001,470,198 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"" =
"Google Update" = "C:\Users\Mojda\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011.09.29 20:03:13 | 000,136,176 | ---- | M] (Google Inc.)
"Optimizer Pro" = C:\Program Files\Optimizer Pro\OptProLauncher.exe -- [2012.10.30 12:54:32 | 000,081,952 | ---- | M] (PC Utilities Pro)
"GarminExpressTrayApp" = "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" -- [2013.03.27 16:18:02 | 001,098,072 | ---- | M] (Garmin Ltd or its subsidiaries)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.08.06 15:06:42 | 000,000,512 | ---- | M] () MD5=FDBDB6BC4A10C81364C807C171F964A3 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2008.09.10 17:22:40 | 000,003,556 | ---- | M] () -- \Program Files\Adobe\Adobe Dreamweaver CS4\configuration\Content\Reference\PHP\CrackF.html

< *keygen* /s >
[2008.09.10 17:22:34 | 000,013,367 | ---- | M] () -- \Program Files\Adobe\Adobe Dreamweaver CS4\configuration\Content\Reference\HTML\KEYGEN.html

< *AntiWPA* /s >

< *loader* /s >
[2008.03.18 07:31:00 | 000,009,216 | R--- | M] () -- \Program Files\Adobe\Acrobat 9.0\PDFMaker\AutoCAD\OD\AecDummyLoader_2.05_8.dll
[2008.08.28 19:34:20 | 004,965,736 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\Photodownloader.exe
[2008.08.28 16:42:12 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\de_de\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\en_us\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\es_es\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\it_it\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\no_no\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,308 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2008.08.28 16:42:16 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2008.09.10 17:25:04 | 000,037,112 | ---- | M] () -- \Program Files\Adobe\Adobe Dreamweaver CS4\configuration\Shared\MM\Media\FLVLoader.swf
[2008.09.04 13:48:00 | 000,061,190 | ---- | M] () -- \Program Files\Adobe\Adobe Fireworks CS4\Configuration\Common Library\Animations\Loader01.animation.png
[2008.09.04 13:48:02 | 000,312,906 | ---- | M] () -- \Program Files\Adobe\Adobe Fireworks CS4\Configuration\Common Library\Animations\Loader02.animation.png
[2008.09.04 13:48:02 | 000,119,812 | ---- | M] () -- \Program Files\Adobe\Adobe Fireworks CS4\Configuration\Common Library\Animations\Loader03.animation.png
[2008.09.04 13:48:02 | 000,237,114 | ---- | M] () -- \Program Files\Adobe\Adobe Fireworks CS4\Configuration\Common Library\Animations\Loader04.animation.png
[2008.09.09 20:27:06 | 000,025,485 | ---- | M] () -- \Program Files\Adobe\Adobe Flash CS4\Common\Configuration\Component Source\ActionScript 3.0\User Interface\fl\containers\UILoader.as
[2008.09.09 20:27:08 | 000,044,966 | ---- | M] () -- \Program Files\Adobe\Adobe Flash CS4\Common\Configuration\Components\User Interface\Loader.swc
[2008.09.09 20:27:16 | 000,000,544 | ---- | M] () -- \Program Files\Adobe\Adobe Flash CS4\Common\First Run\Classes\FP7\MovieClipLoader.as
[2008.09.09 20:27:16 | 000,000,544 | ---- | M] () -- \Program Files\Adobe\Adobe Flash CS4\Common\First Run\Classes\FP8\MovieClipLoader.as
[2008.09.09 20:27:16 | 000,000,576 | ---- | M] () -- \Program Files\Adobe\Adobe Flash CS4\Common\First Run\Classes\FP9\MovieClipLoader.as
[2008.09.09 20:27:18 | 000,010,454 | ---- | M] () -- \Program Files\Adobe\Adobe Flash CS4\Common\First Run\Classes\mx\controls\Loader.as
[2008.09.04 13:21:42 | 000,003,500 | ---- | M] () -- \Program Files\Adobe\Adobe InDesign CS4\Scripts\Export As XHTML\startup scripts\XHTMLExportMenuItemLoader.jsx
[2008.09.04 13:21:42 | 000,002,915 | ---- | M] () -- \Program Files\Adobe\Adobe InDesign CS4\Scripts\XHTML For Digital Editions\startup scripts\OEBExportMenuItemLoader.jsx
[2008.08.26 01:32:24 | 000,217,088 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CS4\MXF_SDK_MetaMetadata_BinaryLoader_r.4.1.1.223.dll
[2011.03.13 15:54:12 | 000,026,472 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2011\AecLoader.arx
[2004.06.21 18:04:16 | 000,113,664 | ---- | M] () -- \Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2008.10.02 19:03:54 | 000,190,141 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\cs_CZ\AS3LCR\Flash_10.0\fl\containers\UILoader.html
[2008.10.02 19:03:56 | 000,134,888 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\cs_CZ\AS3LCR\Flash_10.0\flash\display\Loader.html
[2008.10.02 19:03:56 | 000,089,809 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\cs_CZ\AS3LCR\Flash_10.0\flash\display\LoaderInfo.html
[2008.10.02 19:03:56 | 000,192,465 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\cs_CZ\AS3LCR\Flash_10.0\flash\html\HTMLLoader.html
[2008.10.02 19:03:56 | 000,028,506 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\cs_CZ\AS3LCR\Flash_10.0\flash\media\SoundLoaderContext.html
[2008.10.02 19:03:58 | 000,066,220 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\cs_CZ\AS3LCR\Flash_10.0\flash\net\URLLoader.html
[2008.10.02 19:03:58 | 000,023,925 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\cs_CZ\AS3LCR\Flash_10.0\flash\net\URLLoaderDataFormat.html
[2008.10.02 19:03:32 | 000,018,834 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\cs_CZ\AS3LCR\Flash_10.0\flash\system\JPEGLoaderContext.html
[2008.10.02 19:03:32 | 000,036,820 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\cs_CZ\AS3LCR\Flash_10.0\flash\system\LoaderContext.html
[2008.10.02 19:03:32 | 000,025,994 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\cs_CZ\AS3LCR\Flash_10.0\images\loaderInfo_object.jpg
[2008.08.14 07:23:12 | 000,009,969 | ---- | M] () -- \Program Files\Common Files\Adobe\Startup Scripts CS4\Adobe Version Cue\VersionCueSDKLoader.jsx
[2010.10.07 15:03:15 | 000,000,001 | ---- | M] () -- \Program Files\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2010.03.24 20:12:34 | 000,249,680 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 20:12:34 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.03.01 20:23:20 | 000,112,128 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2007.10.23 17:52:22 | 000,114,688 | ---- | M] () -- \Program Files\Epson Software\Easy Photo Print\APFLoaderV13.dll
[2007.10.23 17:52:22 | 000,069,632 | ---- | M] () -- \Program Files\Epson Software\Easy Photo Print\EpAPFLoader.dll
[2007.10.23 17:52:22 | 000,102,400 | ---- | M] () -- \Program Files\Epson Software\Easy Photo Print\EpAPFLoader2006.dll
[2013.03.21 17:46:34 | 000,044,032 | ---- | M] () -- \Program Files\Garmin\Core Update Service\Garmin.Cartography.MyDownloader.Core.dll
[2011.02.05 15:31:16 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.4\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.02.05 15:31:16 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.4\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.02.05 15:31:16 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.4\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.04.11 14:53:01 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.4\Xtraz\icq\content\icq_profile\preloader.html
[2011.02.05 15:31:35 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.4\Xtraz\icq\content\profile_forms\preloader.html
[2011.12.24 17:10:14 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.4\Xtraz\icq\content\profile_lightboxs\preloader.html
[2012.08.27 20:30:51 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.4\Xtraz\icq\content\slide-a-lama\preloader02.swf
[2012.08.30 21:44:22 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.4\Xtraz\icq\content\zoopaloola\preloader02.swf
[2012.03.25 21:40:11 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012.03.25 21:40:12 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012.03.25 21:40:11 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.7\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.03.25 21:40:32 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.7\Xtraz\icq\content\profile_lightboxs\preloader.html
[2009.09.03 09:53:58 | 001,978,880 | ---- | M] () -- \Program Files\Nokia\Nokia Map Loader\map loader.exe
[2011.05.09 12:52:16 | 000,002,560 | ---- | M] () -- \Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2006.12.23 17:37:56 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2008.08.12 10:33:18 | 001,069,712 | ---- | M] () -- \Program Files\World of Warcraft\BackgroundDownloader.exe
[2008.05.23 15:39:40 | 000,003,013 | ---- | M] () -- \Program Files\World of Warcraft\Data\enUS\Documentation\Troubleshooting\(Mac)BlizzardDownloaderProblems.html
[2008.05.23 15:39:40 | 000,004,227 | ---- | M] () -- \Program Files\World of Warcraft\Data\enUS\Documentation\Troubleshooting\(PC)BlizzardDownloaderProblems.html
[2013.07.22 23:34:51 | 000,002,101 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia\Nokia Map Loader\Nokia Map Loader.lnk
[2013.07.22 23:34:51 | 000,001,890 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia\Nokia Map Loader\Uninstall Nokia Map Loader.lnk
[2013.07.22 23:34:51 | 000,002,101 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Nokia\Nokia Map Loader\Nokia Map Loader.lnk
[2013.07.22 23:34:51 | 000,001,890 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Nokia\Nokia Map Loader\Uninstall Nokia Map Loader.lnk
[2013.05.31 13:58:03 | 000,298,048 | ---- | M] () -- \Users\Mojda\AppData\Local\SRDownloader.err
[2013.05.31 13:58:03 | 000,001,184 | ---- | M] () -- \Users\Mojda\AppData\Local\SRDownloader.nast
[2012.02.26 18:12:57 | 000,000,662 | ---- | M] () -- \Users\Mojda\AppData\Roaming\.minecraft\ModLoader.txt
[2011.05.18 12:33:49 | 000,000,666 | ---- | M] () -- \Users\Mojda\AppData\Roaming\.minecraft\ModLoader.txt.1
[2012.02.26 18:12:57 | 000,000,104 | ---- | M] () -- \Users\Mojda\AppData\Roaming\.minecraft\config\ModLoader.cfg
[2009.09.12 13:58:02 | 000,001,142 | ---- | M] () -- \Users\Mojda\Desktop\Downloader.lnk
[2013.07.22 23:29:47 | 028,864,824 | ---- | M] () -- \Users\Mojda\Desktop\NokiaMaploaderSetup_ENU_18543.exe
[2012.12.20 17:04:46 | 000,905,728 | ---- | M] () -- \Users\Mojda\Desktop\SRDownloader.exe
[2013.07.22 23:34:51 | 000,002,077 | ---- | M] () -- \Users\Public\Desktop\Nokia Map Loader.lnk
[2010.10.07 15:03:00 | 002,705,537 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\wow-2.1.1.1897-enUS-tools-downloader.exe
[2009.07.13 16:55:00 | 000,223,744 | ---- | M] () -- \windows 7\sources\upgloader.dll
[2009.07.13 16:55:00 | 000,022,528 | ---- | M] () -- \windows 7\sources\en-us\upgloader.dll.mui
[2012.02.03 04:32:08 | 000,112,128 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\A8640317F35F8964C8903A93AEB3506E\3.0.655\ta_productapiloader..D321D6CC_DBBE_4AC3_8DBD_DFF82BB39BDC
[2010.11.20 07:28:20 | 000,002,838 | ---- | M] () -- \Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_fi-fi_178685823786d34d.manifest
[2010.11.20 07:38:52 | 000,002,838 | ---- | M] () -- \Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_d8268e5f2967c990.manifest
[2013.01.04 06:43:53 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.20 09:34:54 | 000,070,936 | ---- | M] () -- \Windows\System32\PhysXLoader.dll
[2007.08.07 14:04:24 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009.07.14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.09.11 17:09:04 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.09.11 17:09:04 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.09.11 17:09:04 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2009.07.14 06:56:40 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009.07.14 06:56:40 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2009.07.14 06:56:40 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2009.10.20 09:21:22 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.10.20 09:21:23 | 000,507,568 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed_winload.exe_75835076
[2009.10.20 09:21:24 | 000,442,920 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.13 18:54:50 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 04:29:12 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009.07.14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 05:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:45:50 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:47:28 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >
[2008.09.10 17:22:38 | 000,000,631 | ---- | M] () -- \Program Files\Adobe\Adobe Dreamweaver CS4\configuration\Content\Reference\JavaScript\TextNode.html

< *AutoKMS* /s >
[2010.09.22 19:02:22 | 000,472,576 | ---- | M] () -- \Windows\AutoKMS.exe
[2013.08.06 14:08:36 | 000,000,349 | ---- | M] () -- \Windows\AutoKMS.log
[2010.09.22 19:02:24 | 000,003,060 | ---- | M] () -- \Windows\System32\Tasks\AutoKMS

< *activator* /s >
[2008.09.09 20:27:22 | 000,002,319 | ---- | M] () -- \Program Files\Adobe\Adobe Flash CS4\Common\First Run\Classes\mx\skins\halo\ActivatorSkin.as
[2008.09.09 20:27:22 | 000,001,806 | ---- | M] () -- \Program Files\Adobe\Adobe Flash CS4\Common\First Run\Classes\mx\skins\sample\ActivatorSkin.as
[2008.08.15 05:46:42 | 000,004,364 | ---- | M] () -- \Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\plugins\com.adobe.versioncue.serialization_4.0.0\com\adobe\versioncue\internal\serialization\Activator.class
[2008.08.15 05:46:30 | 000,001,223 | ---- | M] () -- \Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\plugins\com.adobe.versioncue.wire.event_4.0.0\com\adobe\versioncue\wire\internal\event\EventActivator$1.class
[2008.08.15 05:46:32 | 000,001,928 | ---- | M] () -- \Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\plugins\com.adobe.versioncue.wire.event_4.0.0\com\adobe\versioncue\wire\internal\event\EventActivator$2.class
[2008.08.15 05:46:36 | 000,001,622 | ---- | M] () -- \Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\plugins\com.adobe.versioncue.wire.event_4.0.0\com\adobe\versioncue\wire\internal\event\EventActivator$EventFilter.class
[2008.08.15 05:46:36 | 000,004,057 | ---- | M] () -- \Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\plugins\com.adobe.versioncue.wire.event_4.0.0\com\adobe\versioncue\wire\internal\event\EventActivator.class
[2008.08.15 05:46:08 | 000,001,826 | ---- | M] () -- \Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\plugins\com.adobe.versioncue.wire.execution_4.0.0\com\adobe\versioncue\wire\execution\Activator.class
[2008.08.14 07:56:12 | 000,003,942 | ---- | M] () -- \Program Files\Common Files\Adobe\CS4ServiceManager\plugins\com.adobe.csi.core.logging_1.0.0\com\adobe\csi\core\logging\Activator.class
[2008.08.14 07:56:10 | 000,001,489 | ---- | M] () -- \Program Files\Common Files\Adobe\CS4ServiceManager\plugins\com.adobe.drive.shutdown_1.0.0\com\adobe\drive\shutdown\Activator.class

< *serial* /s >
[2007.10.10 14:23:56 | 000,001,673 | R--- | M] () -- \Program Files\Adobe\Acrobat 9.0\Acrobat\amt_assets\LMResources\BadSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,001,545 | R--- | M] () -- \Program Files\Adobe\Acrobat 9.0\Acrobat\amt_assets\LMResources\CantChangeSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,001,639 | R--- | M] () -- \Program Files\Adobe\Acrobat 9.0\Acrobat\amt_assets\LMResources\InValidUpGradeSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,000,833 | R--- | M] () -- \Program Files\Adobe\Acrobat 9.0\Acrobat\amt_assets\LMResources\ReserializeAlert.exv
[2008.02.14 12:28:06 | 000,027,858 | R--- | M] () -- \Program Files\Adobe\Acrobat 9.0\Acrobat\amt_assets\LMResources\SerializationWF.exv
[2007.10.10 14:23:56 | 000,001,673 | R--- | M] () -- \Program Files\Adobe\Acrobat 9.0\Acrobat\LMResources\BadSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,001,545 | R--- | M] () -- \Program Files\Adobe\Acrobat 9.0\Acrobat\LMResources\CantChangeSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,001,639 | R--- | M] () -- \Program Files\Adobe\Acrobat 9.0\Acrobat\LMResources\InValidUpGradeSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,000,833 | R--- | M] () -- \Program Files\Adobe\Acrobat 9.0\Acrobat\LMResources\ReserializeAlert.exv
[2008.02.14 12:28:06 | 000,027,858 | R--- | M] () -- \Program Files\Adobe\Acrobat 9.0\Acrobat\LMResources\SerializationWF.exv
[2007.10.10 14:23:56 | 000,001,695 | R--- | M] () -- \Program Files\Adobe\Acrobat 9.0\Acrobat\LMResources\ar_AE\BadSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,001,567 | R--- | M] () -- \Program Files\Adobe\Acrobat 9.0\Acrobat\LMResources\ar_AE\CantChangeSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,001,661 | R--- | M] () -- \Program Files\Adobe\Acrobat 9.0\Acrobat\LMResources\ar_AE\InValidUpGradeSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,000,855 | R--- | M] () -- \Program Files\Adobe\Acrobat 9.0\Acrobat\LMResources\ar_AE\ReserializeAlert.exv
[2008.02.14 12:28:06 | 000,027,880 | R--- | M] () -- \Program Files\Adobe\Acrobat 9.0\Acrobat\LMResources\ar_AE\SerializationWF.exv
[2007.10.10 14:23:56 | 000,001,695 | R--- | M] () -- \Program Files\Adobe\Acrobat 9.0\Acrobat\LMResources\he_IL\BadSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,001,567 | R--- | M] () -- \Program Files\Adobe\Acrobat 9.0\Acrobat\LMResources\he_IL\CantChangeSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,001,661 | R--- | M] () -- \Program Files\Adobe\Acrobat 9.0\Acrobat\LMResources\he_IL\InValidUpGradeSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,000,855 | R--- | M] () -- \Program Files\Adobe\Acrobat 9.0\Acrobat\LMResources\he_IL\ReserializeAlert.exv
[2008.02.14 12:28:08 | 000,027,880 | R--- | M] () -- \Program Files\Adobe\Acrobat 9.0\Acrobat\LMResources\he_IL\SerializationWF.exv
[2008.08.28 16:40:42 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\LMResources\BadSerialNumberAlert.exv
[2008.08.28 16:40:42 | 000,001,561 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\LMResources\CantChangeSerialNumberAlert.exv
[2008.08.28 16:40:42 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\LMResources\InValidUpGradeSerialNumberAlert.exv
[2008.08.28 16:40:42 | 000,000,849 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\LMResources\ReserializeAlert.exv
[2008.08.28 16:40:42 | 000,027,443 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\LMResources\SerializationWF.exv
[2008.08.06 10:45:18 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\LMResources\BadSerialNumberAlert.exv
[2008.08.06 10:45:18 | 000,001,561 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\LMResources\CantChangeSerialNumberAlert.exv
[2008.08.06 10:45:18 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\LMResources\InValidUpGradeSerialNumberAlert.exv
[2008.08.06 10:45:18 | 000,000,849 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\LMResources\ReserializeAlert.exv
[2008.08.06 10:45:18 | 000,027,443 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\LMResources\SerializationWF.exv
[2008.09.10 17:25:28 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe Dreamweaver CS4\LMResources\BadSerialNumberAlert.exv
[2008.09.10 17:25:28 | 000,001,561 | ---- | M] () -- \Program Files\Adobe\Adobe Dreamweaver CS4\LMResources\CantChangeSerialNumberAlert.exv
[2008.09.10 17:25:28 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe Dreamweaver CS4\LMResources\InValidUpGradeSerialNumberAlert.exv
[2008.09.10 17:25:28 | 000,000,849 | ---- | M] () -- \Program Files\Adobe\Adobe Dreamweaver CS4\LMResources\ReserializeAlert.exv
[2008.09.10 17:25:28 | 000,027,443 | ---- | M] () -- \Program Files\Adobe\Adobe Dreamweaver CS4\LMResources\SerializationWF.exv
[2008.09.04 13:39:28 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe Fireworks CS4\LMResources\BadSerialNumberAlert.exv
[2008.09.04 13:39:28 | 000,001,561 | ---- | M] () -- \Program Files\Adobe\Adobe Fireworks CS4\LMResources\CantChangeSerialNumberAlert.exv
[2008.09.04 13:39:30 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe Fireworks CS4\LMResources\InValidUpGradeSerialNumberAlert.exv
[2008.09.04 13:39:30 | 000,000,849 | ---- | M] () -- \Program Files\Adobe\Adobe Fireworks CS4\LMResources\ReserializeAlert.exv
[2008.09.04 13:39:30 | 000,027,443 | ---- | M] () -- \Program Files\Adobe\Adobe Fireworks CS4\LMResources\SerializationWF.exv
[2008.02.26 21:34:16 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe Flash CS4\LMResources\BadSerialNumberAlert.exv
[2008.05.03 02:44:26 | 000,001,561 | ---- | M] () -- \Program Files\Adobe\Adobe Flash CS4\LMResources\CantChangeSerialNumberAlert.exv
[2008.02.26 21:34:16 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe Flash CS4\LMResources\InValidUpGradeSerialNumberAlert.exv
[2008.05.03 02:44:26 | 000,000,849 | ---- | M] () -- \Program Files\Adobe\Adobe Flash CS4\LMResources\ReserializeAlert.exv
[2008.04.24 18:42:30 | 000,027,443 | ---- | M] () -- \Program Files\Adobe\Adobe Flash CS4\LMResources\SerializationWF.exv
[2008.09.09 20:27:42 | 000,001,695 | ---- | M] () -- \Program Files\Adobe\Adobe Flash CS4\LMResources\ar_AE\BadSerialNumberAlert.exv
[2008.09.09 20:27:42 | 000,001,567 | ---- | M] () -- \Program Files\Adobe\Adobe Flash CS4\LMResources\ar_AE\CantChangeSerialNumberAlert.exv
[2008.09.09 20:27:42 | 000,001,661 | ---- | M] () -- \Program Files\Adobe\Adobe Flash CS4\LMResources\ar_AE\InValidUpGradeSerialNumberAlert.exv
[2008.09.09 20:27:42 | 000,000,855 | ---- | M] () -- \Program Files\Adobe\Adobe Flash CS4\LMResources\ar_AE\ReserializeAlert.exv
[2008.09.09 20:27:42 | 000,028,485 | ---- | M] () -- \Program Files\Adobe\Adobe Flash CS4\LMResources\ar_AE\SerializationWF.exv
[2008.09.09 20:27:44 | 000,001,695 | ---- | M] () -- \Program Files\Adobe\Adobe Flash CS4\LMResources\he_IL\BadSerialNumberAlert.exv
[2008.09.09 20:27:44 | 000,001,567 | ---- | M] () -- \Program Files\Adobe\Adobe Flash CS4\LMResources\he_IL\CantChangeSerialNumberAlert.exv
[2008.09.09 20:27:44 | 000,001,661 | ---- | M] () -- \Program Files\Adobe\Adobe Flash CS4\LMResources\he_IL\InValidUpGradeSerialNumberAlert.exv
[2008.09.09 20:27:44 | 000,000,855 | ---- | M] () -- \Program Files\Adobe\Adobe Flash CS4\LMResources\he_IL\ReserializeAlert.exv
[2008.09.09 20:27:44 | 000,028,485 | ---- | M] () -- \Program Files\Adobe\Adobe Flash CS4\LMResources\he_IL\SerializationWF.exv
[2008.09.18 00:44:18 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe Illustrator CS4\Support Files\Contents\Windows\LMResources\BadSerialNumberAlert.exv
[2008.09.18 00:44:18 | 000,001,561 | ---- | M] () -- \Program Files\Adobe\Adobe Illustrator CS4\Support Files\Contents\Windows\LMResources\CantChangeSerialNumberAlert.exv
[2008.09.18 00:44:18 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe Illustrator CS4\Support Files\Contents\Windows\LMResources\InValidUpGradeSerialNumberAlert.exv
[2008.09.18 00:44:18 | 000,000,849 | ---- | M] () -- \Program Files\Adobe\Adobe Illustrator CS4\Support Files\Contents\Windows\LMResources\ReserializeAlert.exv
[2008.09.18 00:44:18 | 000,027,443 | ---- | M] () -- \Program Files\Adobe\Adobe Illustrator CS4\Support Files\Contents\Windows\LMResources\SerializationWF.exv
[2008.02.26 20:34:16 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe InDesign CS4\LMResources\BadSerialNumberAlert.exv
[2008.05.03 02:44:26 | 000,001,561 | ---- | M] () -- \Program Files\Adobe\Adobe InDesign CS4\LMResources\CantChangeSerialNumberAlert.exv
[2008.02.26 20:34:16 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe InDesign CS4\LMResources\InValidUpGradeSerialNumberAlert.exv
[2008.05.03 02:44:26 | 000,000,849 | ---- | M] () -- \Program Files\Adobe\Adobe InDesign CS4\LMResources\ReserializeAlert.exv
[2008.04.24 18:42:30 | 000,027,443 | ---- | M] () -- \Program Files\Adobe\Adobe InDesign CS4\LMResources\SerializationWF.exv
[2008.09.19 04:10:54 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\lmresources\BadSerialNumberAlert.exv
[2008.09.19 04:10:54 | 000,001,561 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\lmresources\CantChangeSerialNumberAlert.exv
[2008.09.19 04:10:54 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\lmresources\InValidUpGradeSerialNumberAlert.exv
[2008.09.19 04:10:54 | 000,000,849 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\lmresources\ReserializeAlert.exv
[2008.09.19 04:10:54 | 000,027,443 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\lmresources\SerializationWF.exv
[2008.08.15 05:46:48 | 000,002,923 | ---- | M] () -- \Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\plugins\com.adobe.versioncue.serialization_4.0.0\com\adobe\versioncue\serialization\DeserializationFactory.class
[2008.08.15 05:46:22 | 000,000,384 | ---- | M] () -- \Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\plugins\com.adobe.versioncue.serialization_4.0.0\com\adobe\versioncue\serialization\IDeserializer.class
[2008.08.15 05:46:30 | 000,000,647 | ---- | M] () -- \Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\plugins\com.adobe.versioncue.serialization_4.0.0\com\adobe\versioncue\serialization\IMethodDeserializer.class
[2008.08.15 05:46:26 | 000,000,483 | ---- | M] () -- \Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\plugins\com.adobe.versioncue.serialization_4.0.0\com\adobe\versioncue\serialization\IMethodSerializer.class
[2008.08.15 05:46:40 | 000,000,291 | ---- | M] () -- \Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\plugins\com.adobe.versioncue.serialization_4.0.0\com\adobe\versioncue\serialization\ISerializationProgressMonitor.class
[2008.08.15 05:46:10 | 000,000,500 | ---- | M] () -- \Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\plugins\com.adobe.versioncue.serialization_4.0.0\com\adobe\versioncue\serialization\ISerializer.class
[2008.08.15 05:46:36 | 000,000,631 | ---- | M] () -- \Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\plugins\com.adobe.versioncue.serialization_4.0.0\com\adobe\versioncue\serialization\SerializationException.class
[2008.08.15 05:46:22 | 000,001,709 | ---- | M] () -- \Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\plugins\com.adobe.versioncue.serialization_4.0.0\com\adobe\versioncue\serialization\SerializationFactory.class
[2008.08.15 05:46:28 | 000,001,473 | ---- | M] () -- \Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\plugins\com.adobe.versioncue.serialization_4.0.0\com\adobe\versioncue\serialization\impl\Deserializer.class
[2008.08.15 05:46:26 | 000,000,974 | ---- | M] () -- \Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\plugins\com.adobe.versioncue.serialization_4.0.0\com\adobe\versioncue\serialization\impl\DeserializerWithHeader.class
[2008.08.15 05:46:30 | 000,002,279 | ---- | M] () -- \Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\plugins\com.adobe.versioncue.serialization_4.0.0\com\adobe\versioncue\serialization\impl\HeaderDeserializer.class
[2008.08.15 05:46:36 | 000,002,594 | ---- | M] () -- \Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\plugins\com.adobe.versioncue.serialization_4.0.0\com\adobe\versioncue\serialization\impl\HeaderSerializer.class
[2008.08.15 05:46:08 | 000,002,421 | ---- | M] () -- \Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\plugins\com.adobe.versioncue.serialization_4.0.0\com\adobe\versioncue\serialization\impl\MethodDeserializer$ExecutionParameterIterator.class
[2008.08.15 05:46:28 | 000,003,195 | ---- | M] () -- \Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\plugins\com.adobe.versioncue.serialization_4.0.0\com\adobe\versioncue\serialization\impl\MethodDeserializer.class
[2008.08.15 05:46:48 | 000,003,395 | ---- | M] () -- \Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\plugins\com.adobe.versioncue.serialization_4.0.0\com\adobe\versioncue\serialization\impl\MethodSerializer.class
[2008.08.15 05:46:16 | 000,001,202 | ---- | M] () -- \Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\plugins\com.adobe.versioncue.serialization_4.0.0\com\adobe\versioncue\serialization\impl\Serializer.class
[2008.08.15 05:46:28 | 000,001,247 | ---- | M] () -- \Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\plugins\com.adobe.versioncue.serialization_4.0.0\com\adobe\versioncue\serialization\impl\SerializerWithHeader.class
[2008.08.15 05:46:26 | 000,001,177 | ---- | M] () -- \Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\plugins\com.adobe.versioncue.wire.execution_4.0.0\com\adobe\versioncue\wire\execution\job\SerializationProgressMonitor.class
[2008.08.14 07:56:46 | 000,059,514 | ---- | M] () -- \Program Files\Common Files\Adobe\CS4ServiceManager\plugins\com.adobe.versioncue.serialization_4.0.0.jar
[2011.03.13 15:55:42 | 000,002,502 | ---- | M] () -- \Program Files\Common Files\Autodesk Shared\AdLM\R1\cs-CZ\Webdepot\RTSerialNumberHelp.html
[2013.03.27 16:17:42 | 000,020,992 | ---- | M] () -- \Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.XmlSerializers.dll
[2013.05.13 15:14:36 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.dll
[2013.07.10 14:27:22 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.ni.dll
[2012.10.06 12:54:25 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.06.08 10:38:48 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.01.28 20:48:30 | 000,000,024 | ---- | M] () -- \Users\Mojda\AppData\Local\Google\Picasa2\cache\cacheindex_serial.pmp
[2012.03.17 21:39:57 | 000,000,000 | ---- | M] () -- \Users\Mojda\AppData\LocalLow\boost_interprocess\DDM0serviceCmdSerializeLock
[2009.06.10 14:14:16 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.08 10:38:48 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.06 12:54:25 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.01.10 17:10:24 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\428143857fa1c250d50ec55132dd8a2f\System.Runtime.Serialization.ni.dll
[2013.01.10 17:08:55 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\eb60d17f642ddd80e019687c1e02ba17\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.10 17:19:30 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\c058f32978bc7384cb6c27386770ce2d\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.10 17:19:23 | 002,637,312 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\cb18987e708b9658078ead051f693d16\System.Runtime.Serialization.ni.dll
[2013.02.13 15:53:04 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.02.13 15:53:02 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 14:14:16 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.06 12:54:26 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.20 05:06:18 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_hu-hu_1778ab4419ab99ad.manifest
[2010.11.20 05:00:14 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_nl-nl_28520112cd09eae9.manifest
[2010.11.20 05:09:30 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_sv-se_0bbde5ad62777806.manifest
[2010.11.20 05:54:04 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_zh-cn_493a46a2345c6076.manifest
[2010.11.05 03:52:39 | 000,970,752 | ---- | M] () -- \Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_c233d4df09982c29\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.13 18:38:14 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2009.07.13 18:39:44 | 000,009,728 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2009.07.14 04:09:30 | 000,010,240 | ---- | M] () -- \Windows\System32\drivers\en-US\serial.sys.mui
[2008.07.01 18:43:40 | 000,010,956 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\activserial.inf_x86_neutral_8ba58701de4bf7d6\activserial.cat
[2008.06.16 15:39:52 | 000,005,635 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\activserial.inf_x86_neutral_8ba58701de4bf7d6\activserial.inf
[2010.03.16 21:44:56 | 000,013,988 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\activserial.inf_x86_neutral_8ba58701de4bf7d6\activserial.PNF
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009.07.14 04:10:04 | 000,005,120 | ---- | M] () -- \Windows\System32\en-US\serialui.dll.mui
[2009.07.14 04:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 04:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2009.09.11 17:08:57 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 06:56:40 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b_serialui.dll.mui_7d29d2a3
[2009.07.14 04:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2012.10.06 20:07:20 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.17136_none_a6a4fe887487d009.manifest
[2012.10.06 20:58:54 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.21337_none_8fd740dc8e2f4a01.manifest
[2010.11.20 05:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2009.07.13 18:54:22 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009.07.14 04:28:14 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2012.10.06 21:19:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_cs-cz_3450454183d3f023.manifest
[2012.10.06 19:14:05 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_en-us_8f6cbf57bf7f3b35.manifest
[2012.10.06 21:26:57 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_cs-cz_1d8287959d7b6a1b.manifest
[2012.10.06 19:18:21 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_en-us_789f01abd926b52d.manifest
[2009.07.14 03:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2012.10.06 20:11:48 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.17136_none_d6e834229c2ed13c.manifest
[2012.10.06 21:03:01 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.21337_none_c01a7676b5d64b34.manifest
[2010.11.20 05:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2009.07.14 03:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 03:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2009.07.14 03:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2012.10.06 20:09:38 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_dbc2dfefdd056b7e.manifest
[2012.10.06 21:00:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_c4f52243f6ace576.manifest
[2010.11.20 05:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 14:14:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2012.10.06 12:54:26 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.17136_none_a6a4fe887487d009\System.Runtime.Serialization.dll
[2012.10.06 12:57:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.21337_none_8fd740dc8e2f4a01\System.Runtime.Serialization.dll
[2009.06.08 10:38:48 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009.06.08 10:38:48 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_cs-cz_3450454183d3f023\System.RunTime.Serialization.Resources.dll
[2009.06.08 10:38:48 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_cs-cz_1d8287959d7b6a1b\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2012.10.06 12:54:25 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.17136_none_d6e834229c2ed13c\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.21337_none_c01a7676b5d64b34\System.Runtime.Serialization.dll
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2009.06.10 14:14:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c002c1170ca9a88f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.13 18:38:14 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 04:10:04 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.06.08 10:38:48 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2009.07.13 18:39:44 | 000,009,728 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c48c78a9ad8ff996\serial.sys.mui
[2009.07.14 04:09:30 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_07e2c405948a55f4\serial.sys.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2012.10.06 12:54:25 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_dbc2dfefdd056b7e\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_c4f52243f6ace576\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT

< End of report >

James29 · #5 Příspěvek od **James29** » 06 srp 2013 15:59

OTL Extras logfile created on: 6.8.2013 15:03:12 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mojda\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 1,78 Gb Available Physical Memory | 59,40% Memory free
6,00 Gb Paging File | 4,61 Gb Available in Paging File | 76,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 13,27 Gb Free Space | 8,91% Space Free | Partition Type: NTFS
Drive D: | 149,05 Gb Total Space | 14,46 Gb Free Space | 9,70% Space Free | Partition Type: NTFS

Computer Name: MOJDA-PC | User Name: Mojda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2315390885-2291023885-1116521741-1002\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02A9D814-4393-4794-A21F-D827DB067CB9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0991DF70-6C3C-4D63-B512-194ED6D44758}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{1CC08AD4-C59F-441D-804F-BDEA90763C24}" = lport=51001 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{20ABCEFE-76D0-4CE3-8DBA-5BE20D7E1379}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3283787D-744D-4164-86D9-557B1A6C039B}" = lport=10243 | protocol=6 | dir=in | app=system |
"{33512FC2-A47F-42E3-8BAB-2E82DD7DA2AA}" = rport=138 | protocol=17 | dir=out | app=system |
"{3A7AA132-9D72-4F04-B3D0-837EFE23E161}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{439C7B81-E669-438E-90BB-73010B86C8DD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4C8FDE8E-C3DD-4900-AFB8-3644AE3192EB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{54C0D0D6-4830-405B-BEE2-1D3978AFB500}" = lport=2869 | protocol=6 | dir=in | app=system |
"{575A0C3A-245F-426F-9CE7-AF4820DE32B5}" = rport=137 | protocol=17 | dir=out | app=system |
"{5FC5B8B7-B79D-4D79-A490-DCCAF49B5397}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{6F29A8C0-E980-45BD-90E5-0C1CC1055C4C}" = lport=138 | protocol=17 | dir=in | app=system |
"{6FF034D3-102D-4588-84E5-525869BA770A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{7BF20FB6-883B-4234-B784-74723D5B1059}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8ACC7183-838C-4C19-9487-6266D5956C15}" = lport=51000 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{90A3FA24-ACE1-4ECC-830C-33DC3E7C8663}" = rport=139 | protocol=6 | dir=out | app=system |
"{937745B5-EFA9-4249-B839-8C27656E096C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{9EC85AE0-AE71-43E8-BBFD-4B826B64C1C9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{9FB8107E-DE3A-4017-8E82-743E214FB7EA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A3F1A0B9-7583-4177-B237-C25A25AC7B0E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AED61295-C0CE-45AE-A0D4-DB46BE9696DD}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{B1092A1E-557F-45D2-95BB-DB00F63854BF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B6CBED48-A853-4097-8138-B9646CF02CB0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BDE2CF47-2AF4-48A4-A379-DD43C48D440B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{C1BCC362-3536-429A-B4CA-5F99543DEAC0}" = lport=445 | protocol=6 | dir=in | app=system |
"{CEA9DBFD-E5FE-4D39-A4C9-753BC05CA3EB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E0F6E2F6-3608-4256-B2D1-0BB3BCBA2DDD}" = rport=445 | protocol=6 | dir=out | app=system |
"{E4694FA0-8F78-4D5C-BB1E-3A456687E4C3}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E6928DE4-6573-4D1D-A93E-39B82E434095}" = lport=139 | protocol=6 | dir=in | app=system |
"{E87CAC42-64A8-4CC8-98BB-882AF1FFA589}" = lport=137 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{070B228F-E624-4E75-9F5F-A13B77411EDA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{113828AE-5BF4-43D5-857F-58061E59B16C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1146A293-EC59-4358-8FF5-CF2EA11452B0}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{1455D451-18B7-46EA-B062-23584EC69AF1}" = protocol=6 | dir=in | app=c:\program files\bitspirit\bitspirit.exe |
"{14CDDCED-DBD0-4A4C-B51E-7AC2C21EB2E4}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{18A43AA8-6F59-4063-A336-90B5450D23F1}" = protocol=17 | dir=in | app=c:\program files\icq7.7\icq.exe |
"{1B24EEFC-911E-4198-B8C9-4A3FA5E51189}" = protocol=17 | dir=in | app=c:\program files\microsoft games\zoo tycoon 2\zt.exe |
"{29B8700B-BE7B-4667-9469-72619969DF11}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3B23B231-E2E9-4D43-BB81-D6A5EC3E79D5}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{3BDD3FAF-7B1E-43D8-83E9-47F490BC35D6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{49611E1C-3214-4F1A-8E0B-6298C195D246}" = dir=in | app=c:\program files\nokia\nokia suite\nokiasuite.exe |
"{4BD13D9B-7E10-4921-BDB1-04B38FB99FBF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{53B1DF1E-088A-468C-853B-3C63A4B80EF7}" = protocol=6 | dir=out | app=system |
"{58D21892-7D45-43B0-A426-353EE92E5776}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5A61FBCD-A5C8-41D8-846A-0540EBAB3B96}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5E691677-E4B5-451B-839C-FEC69AB8F219}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5F03CD58-844D-498E-A7CB-6181C55C964C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{61118520-9CC2-4146-BA64-8AF76B1DCA05}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{68566614-F1D8-441E-A60F-68EE63524B3D}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{7048C531-C8DD-4937-A030-E11DDE0721C0}" = protocol=6 | dir=in | app=c:\program files\icq7.7\icq.exe |
"{7470D767-020B-4610-A482-BB8A6E0AB7A8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{75C2AF58-63D3-4B23-876B-516E4A763F85}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7BA8BBBB-1310-40EA-AA8D-05137663BC47}" = protocol=6 | dir=in | app=c:\program files\microsoft games\zoo tycoon 2\zt.exe |
"{85AC09A4-69A8-4921-BDEF-7AE839030C7E}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{89DFC4E6-2D2D-42A4-BFEA-4281EE540120}" = protocol=17 | dir=in | app=c:\program files\icq7.7\icq.exe |
"{8ED49D7D-4128-4185-B74C-7399298C4E85}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{978E2236-6A4C-4EC8-B505-FD6FF43F48F6}" = protocol=6 | dir=in | app=c:\program files\icq7.7\icq.exe |
"{98A591BE-C239-45B7-A683-B81B0AFEE323}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{A0E51DAC-15A4-44F4-93CE-6A693B7DC7BF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{A5DB2BB3-0A01-4743-BDF1-9FE62A7563DF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AA1C4D87-5195-41B3-BC51-54C3BDBE32EF}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AB390CD3-1858-450F-8CBE-86329AAEBB27}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{ABAD2B55-B9EA-4516-A1A7-5D29B82ED1CB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{B766A129-9D0D-42DF-B1D3-0FFBB16442BF}" = protocol=17 | dir=in | app=c:\program files\bitspirit\bitspirit.exe |
"{BAF39AD8-BD3C-42AA-AF54-E4CFAB3ADC9D}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{BC9061E0-8FA7-4249-99FA-A49080C9EEC5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C256CB6A-5961-4F62-BA75-3CEFC7E2D8EE}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{DC831B46-747A-478A-A155-0DA2FDB08D69}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E2B2FE4D-84A8-403C-BD81-BF7AE75231D2}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{E340CD38-0839-4CBF-8797-179964A7A6C0}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{ED6183F3-A425-4939-BFCA-3CF0BFC98F8B}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{F6E14064-2FC2-43C1-84BD-5A7BC3045410}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F6FCCCE3-3BB9-41AC-BA31-86C2C51B337B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FAED2334-DC69-4F59-BAFD-8CAB71198CCB}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FEB2E5C2-E56E-4D5A-BA74-CEC09BEB95E3}" = protocol=58 | dir=in | app=system |
"TCP Query User{29C2CFA5-1D57-440B-A24F-FB7FC575B193}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{5D01F540-5F32-4E2F-8215-CCAC4E8DB524}C:\program files\bitspirit\bitspirit.exe" = protocol=6 | dir=in | app=c:\program files\bitspirit\bitspirit.exe |
"TCP Query User{7F3E7493-2F66-406B-83AF-1AEAA72DF481}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{A10B911F-559E-4D41-8754-F07D01FB8BE0}I:\bitspirit\bitspirit.exe" = protocol=6 | dir=in | app=i:\bitspirit\bitspirit.exe |
"TCP Query User{C831D4E8-25F0-4821-8C0B-C6828248B850}C:\program files\icq7.4\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
"TCP Query User{C9FBAC42-88B1-47BE-A006-F71B733E2F4E}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{CAA27B83-018F-46B9-9878-5C6A771160DE}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{4E92BAA7-70A3-4EF7-91E8-8CE10A19F6D0}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{62627430-4787-46A9-AE81-2D125DDC8C16}C:\program files\bitspirit\bitspirit.exe" = protocol=17 | dir=in | app=c:\program files\bitspirit\bitspirit.exe |
"UDP Query User{7B1DE501-B6A0-4271-897F-FCD4B99EC8BF}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{7FA1D989-8DE3-40D4-9719-87191CFB19FE}I:\bitspirit\bitspirit.exe" = protocol=17 | dir=in | app=i:\bitspirit\bitspirit.exe |
"UDP Query User{A3E02FAD-4486-4E6A-A186-36A136ECB8CE}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{B222A724-802E-440B-BFA4-AC6223125773}C:\program files\icq7.4\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
"UDP Query User{D0E884C7-4503-40B8-AC25-F299626D43C5}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04022AA7-40C7-4ABD-8733-745DC751E12D}" = ActivInspire Help (CZE) v1
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19E3AF7F-D6A6-49D0-821F-07A001B5E712}" = TOPO Czech 2012
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{24BA79B5-53F9-475C-9D49-EC4BDE8B09CF}" = Notebook Interactive Viewer
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 24
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 25
"{26A24AE4-039D-4CA4-87B4-2F83217021F0}" = Java 7 Update 21
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{30A68EDA-53FA-43B5-8007-D18ED1F61659}" = PCWheel
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33583329-2FA9-4755-9540-6D6665B7689A}_is1" = I-Učebnice demo odinstalace
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{425AD62D-5B16-494C-8AAB-6B3D0CF2527A}" = Adobe Setup
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{45D4F727-43B5-49CD-B474-B9866A8F4FB8}" = Nokia Map Loader
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5783F2D7-5001-0405-0002-0060B0CE6BBA}" = AutoCAD 2007 - Český
"{5783F2D7-9001-0405-0002-0060B0CE6BBA}" = AutoCAD 2011 - česky
"{5783F2D7-9001-0405-1002-0060B0CE6BBA}" = AutoCAD 2011 Language Pack - česky
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{620FD003-0900-4A9B-8C57-B862B9CE77C9}" = Dokumenty aplikace Activstudio (CZE) v3.7.1
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65135558-F1AE-4B9B-8C0B-180730ACA261}" = Garmin Express
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6FA1D6BE-12DF-4C6F-98F5-A2EFFB9893E3}" = ESET NOD32 Antivirus
"{6FE771D8-9290-4A08-A8E3-DAB2B404532E}" = BrowseToSave
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7130468A-F53F-4698-8C09-A339EA3B05E6}" = Nokia Software Updater
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79361740-EAE3-11E2-9911-B8AC6F98CCE3}" = Google Earth Plug-in
"{7964AE02-9127-42C0-A917-2CE4CD4EFE3B}" = Nokia Suite
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{7FE84B67-1C14-42E1-8749-101A0B0B7B34}" = ATLAS Czech 2013 NT
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83744391-B5A4-40E3-8A7D-E8BF39CB00ED}" = Adobe Creative Suite 4 Design Premium
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{876AB032-B2A4-41FF-AF87-DBC78454C1B0}" = Garmin Update Service
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A30D5C0-BD4A-4E65-AADF-20A457DE6D38}" = Windows Live Family Safety
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{929B1254-D7F9-403A-8234-EE348E448820}" = Activstudio Professional Edition v3.7
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93765DFA-8A67-41FB-9FC0-B12341CA65F3}" = Elevated Installer
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{9814C90D-FA89-4633-BBD2-C034C34126D2}" = Activdriver v4.1.14
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-1029-4770-7760-000000000004}" = Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak
"{AC76BA86-1029-4770-7760-000000000004}_955" = Adobe Acrobat 9.5.5 - CPSID_83708
"{AC76BA86-1029-4770-7760-000000000004}{AC76BA86-1029-4770-7760-000000000004}" = Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other
"{C233BCC3-29C4-49C0-B955-0A94509FC4FC}" = Garmin Express Tray
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C72D7008-266D-4DD8-BF3C-296B736127F6}" = Mafia
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D0D14551-3A2D-433B-861F-F4DCE5422759}" = Nokia PC Suite
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}" = PC Connectivity Solution
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.19.365
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DEDB47A3-C988-4A43-A645-E2CEA571E680}" = Epson Easy Photo Print 2
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}" = LightScribe System Software
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{e47a5c85-88a2-47d2-b380-fc2e763c2e6d}" = Garmin Express
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2376B44-8C25-43B8-B842-82548D95A64D}" = Nápověda pro aplikaci Activstudio (CZE) v3.6.1
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F75E627A-4CBE-4D45-8E27-BEEBC3D0FBB2}" = Prostředky produktu Activstudio (CZE) v3.6.1
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"µTorrent CZ_is1" = µTorrent CZ 1.8.4 (build 16442)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"A5F5C05F-717B-73C4-3160-2ABA7041614D" = Esmska
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_b421102ce31f2649ef3785f2a17166f" = Adobe Creative Suite 4 Design Premium
"Any DWG DXF Converter_is1" = Any DWG DXF Converter 2013
"AutoCAD 2011 - česky" = AutoCAD 2011 - česky
"Autodesk DWF Viewer" = Autodesk DWF Viewer
"CCleaner" = CCleaner (remove only)
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup" = DivX Setup
"DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders
"EPSON Scanner" = EPSON Scan
"EPSON Stylus SX100_TX100 Uživatelská příručka" = EPSON Stylus SX100_TX100 Manuál
"GOM Player" = GOM Player
"Guard.Mail.ru" = Guard.ICQ
"HijackThis" = HijackThis 2.0.2
"hotpot_is1" = HotPotatoes v 6.3.0.4
"ImgBurn" = ImgBurn
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 22.0 (x86 cs)" = Mozilla Firefox 22.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia PC Suite" = Nokia PC Suite
"Nokia Suite" = Nokia Suite
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Optimizer Pro_is1" = Optimizer Pro v3.0
"OptimizerPro" = OptimizerPro
"Picasa 3" = Picasa 3
"PunkBusterSvc" = PunkBuster Services
"Settlers II Gold Edition CZ (DOSBox 0.74 emulace)" = Settlers II Gold Edition CZ (DOSBox 0.74 emulace)
"Shockwave" = Shockwave
"SP_48c708f2" =
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"UnderCoverXP_is1" = UnderCoverXP 1.22
"VLC media player" = VLC media player 1.0.5
"Werkzeuge studio d" = Werkzeuge studio d
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Zoo Tycoon 2" = Zoo Tycoon 2
"Zoo Tycoon 2 Patch" = Zoo Tycoon 2 Patch

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2315390885-2291023885-1116521741-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5.8.2013 21:19:22 | Computer Name = Mojda-PC | Source = OptimizerProUpdater | ID = 0
Description =

Error - 5.8.2013 21:20:07 | Computer Name = Mojda-PC | Source = OptimizerProUpdater | ID = 0
Description =

Error - 6.8.2013 3:03:33 | Computer Name = Mojda-PC | Source = Winlogon | ID = 4103
Description = Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error - 6.8.2013 3:54:59 | Computer Name = Mojda-PC | Source = OptimizerProUpdater | ID = 0
Description =

Error - 6.8.2013 3:55:12 | Computer Name = Mojda-PC | Source = OptimizerProUpdater | ID = 0
Description =

Error - 6.8.2013 6:28:39 | Computer Name = Mojda-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\Program Files\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku 3. Hodnota
MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version
v prvku assemblyIdentity je neplatná.

Error - 6.8.2013 6:29:36 | Computer Name = Mojda-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Nokia\Nokia PC Suite
7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 6.8.2013 8:06:59 | Computer Name = Mojda-PC | Source = Winlogon | ID = 4103
Description = Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error - 6.8.2013 9:14:56 | Computer Name = Mojda-PC | Source = OptimizerProUpdater | ID = 0
Description =

Error - 6.8.2013 9:14:58 | Computer Name = Mojda-PC | Source = OptimizerProUpdater | ID = 0
Description =

[ Media Center Events ]
Error - 5.10.2011 16:47:28 | Computer Name = Mojda-PC | Source = MCUpdate | ID = 0
Description = 22:47:28 - Error connecting to the internet. 22:47:28 - Unable
to contact server..

Error - 5.10.2011 16:48:22 | Computer Name = Mojda-PC | Source = MCUpdate | ID = 0
Description = 22:48:15 - Error connecting to the internet. 22:48:15 - Unable
to contact server..

Error - 5.10.2011 17:49:16 | Computer Name = Mojda-PC | Source = MCUpdate | ID = 0
Description = 23:49:16 - Error connecting to the internet. 23:49:16 - Unable
to contact server..

Error - 5.10.2011 17:50:07 | Computer Name = Mojda-PC | Source = MCUpdate | ID = 0
Description = 23:50:03 - Error connecting to the internet. 23:50:03 - Unable
to contact server..

Error - 5.10.2011 22:08:58 | Computer Name = Mojda-PC | Source = MCUpdate | ID = 0
Description = 4:08:55 - Error connecting to the internet. 4:08:57 - Unable to
contact server..

Error - 5.10.2011 22:09:57 | Computer Name = Mojda-PC | Source = MCUpdate | ID = 0
Description = 4:09:46 - Error connecting to the internet. 4:09:46 - Unable to
contact server..

Error - 6.10.2011 6:31:09 | Computer Name = Mojda-PC | Source = MCUpdate | ID = 0
Description = 12:31:09 - Error connecting to the internet. 12:31:09 - Unable
to contact server..

Error - 6.10.2011 6:32:02 | Computer Name = Mojda-PC | Source = MCUpdate | ID = 0
Description = 12:31:56 - Error connecting to the internet. 12:31:56 - Unable
to contact server..

Error - 6.10.2011 16:46:33 | Computer Name = Mojda-PC | Source = MCUpdate | ID = 0
Description = 22:46:33 - Error connecting to the internet. 22:46:33 - Unable
to contact server..

Error - 6.10.2011 16:47:27 | Computer Name = Mojda-PC | Source = MCUpdate | ID = 0
Description = 22:47:20 - Error connecting to the internet. 22:47:20 - Unable
to contact server..

[ System Events ]
Error - 5.8.2013 17:22:09 | Computer Name = Mojda-PC | Source = DCOM | ID = 10001
Description =

Error - 6.8.2013 3:03:32 | Computer Name = Mojda-PC | Source = Application Popup | ID = 875
Description = Načtení ovladače atksgt.sys je blokováno.

Error - 6.8.2013 3:03:32 | Computer Name = Mojda-PC | Source = Service Control Manager | ID = 7000
Description = Služba atksgt neuspěla při spuštění v důsledku následující chyby:
%%1275

Error - 6.8.2013 3:04:04 | Computer Name = Mojda-PC | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 6.8.2013 3:04:20 | Computer Name = Mojda-PC | Source = DCOM | ID = 10001
Description =

Error - 6.8.2013 8:06:44 | Computer Name = Mojda-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (12:55:25, ?6.?8.?2013) bylo neočekávané.

Error - 6.8.2013 8:06:59 | Computer Name = Mojda-PC | Source = Application Popup | ID = 875
Description = Načtení ovladače atksgt.sys je blokováno.

Error - 6.8.2013 8:06:59 | Computer Name = Mojda-PC | Source = Service Control Manager | ID = 7000
Description = Služba atksgt neuspěla při spuštění v důsledku následující chyby:
%%1275

Error - 6.8.2013 8:07:34 | Computer Name = Mojda-PC | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 6.8.2013 8:08:27 | Computer Name = Mojda-PC | Source = DCOM | ID = 10001
Description =

< End of report >

#6 Příspěvek od **Márty84** » 06 srp 2013 23:45

Jen se jeste zeptam, jak je to s legalitou office a taky systemu? Ultimate neni zrovna bezna domaci verze

Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

15.9. pro neaktivitu

http://forum.viry.cz/viewtopic.php?f=12&t=123975

VIRY.CZ

preventivka

preventivka

Re: preventivka

Re: preventivka

Re: preventivka

Re: preventivka

Re: preventivka