druha polovica
< MD5 for: SMSS.EXE >
[2008/01/21 03:23:50 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009/04/11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe
[2009/04/11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
< MD5 for: SVCHOST.EXE >
[2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\ERDNT\cache\svchost.exe
[2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: TCPIP.SYS >
[2009/07/27 16:52:12 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009/04/11 07:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2011/09/20 22:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[2009/08/15 22:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009/08/14 18:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2009/08/14 15:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2010/06/16 16:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009/08/14 17:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2010/06/16 17:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010/06/16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2011/09/20 22:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\ERDNT\cache\tcpip.sys
[2011/09/20 22:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\System32\drivers\tcpip.sys
[2011/09/20 22:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[2009/07/27 16:52:12 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009/08/14 18:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010/06/16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2008/01/21 03:25:03 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009/08/14 17:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008/01/21 03:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\ERDNT\cache\ws2_32.dll
[2008/01/21 03:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
[2008/01/21 03:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[8 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011/08/08 14:45:10 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\ACD Systems
[2012/11/04 21:42:58 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\Adobe
[2011/08/10 15:34:29 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\Argonyt
[2012/11/12 09:16:56 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\dvdcss
[2013/03/06 07:49:27 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\foobar2000
[2011/12/17 11:49:20 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\GlarySoft
[2011/08/08 14:39:42 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\HEXelon
[2013/04/15 19:27:38 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\HP
[2012/05/12 20:07:10 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\ICQ
[2011/07/31 13:06:07 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\Identities
[2011/07/31 13:07:11 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\Macromedia
[2011/12/17 11:46:32 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\Malwarebytes
[2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\Media Center Programs
[2012/10/11 11:30:15 | 000,000,000 | --SD | M] -- C:\Users\Dida\AppData\Roaming\Microsoft
[2011/08/08 14:52:28 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\Mozilla
[2012/01/15 19:14:01 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\My Battle for Middle-earth Files
[2011/08/08 16:12:06 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\Nero
[2011/08/08 14:53:44 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\Opera
[2012/03/22 20:37:41 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\PC Suite
[2013/08/26 18:22:10 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\Samsung
[2013/01/24 02:35:41 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\Skype
[2013/01/24 00:01:34 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\skypePM
[2011/08/24 11:22:23 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\Unity
[2013/11/02 10:05:10 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\vlc
[2014/01/09 17:28:39 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\Winamp
[2011/08/14 11:59:44 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2011/08/10 15:04:37 | 000,011,264 | R--- | M] () -- C:\Users\Dida\AppData\Roaming\Microsoft\Installer\{08E9C35A-A0AE-43FA-AEA1-E4F58A87FBD1}\Icon7BD91693.exe
[2011/08/10 15:04:37 | 000,018,944 | R--- | M] () -- C:\Users\Dida\AppData\Roaming\Microsoft\Installer\{08E9C35A-A0AE-43FA-AEA1-E4F58A87FBD1}\Icon7BD916931.exe
[2013/01/02 12:10:36 | 000,010,134 | R--- | M] () -- C:\Users\Dida\AppData\Roaming\Microsoft\Installer\{93D81091-3E67-4791-A84E-1F8B339A7B01}\ARPPRODUCTICON.exe
[2013/01/02 12:10:36 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Dida\AppData\Roaming\Microsoft\Installer\{93D81091-3E67-4791-A84E-1F8B339A7B01}\NewShortcut11_93D810913E674791A84E1F8B339A7B01_2.exe
[2013/01/02 12:10:36 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Dida\AppData\Roaming\Microsoft\Installer\{93D81091-3E67-4791-A84E-1F8B339A7B01}\NewShortcut1_93D810913E674791A84E1F8B339A7B01_2.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2006/11/02 10:46:04 | 000,380,957 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\expsrv.dll
[2011/03/10 18:03:51 | 001,136,640 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\mfc42.dll
[2008/01/21 03:24:11 | 001,386,496 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\msvbvm60.dll
[2013/12/25 09:03:02 | 000,632,656 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\msvcr80.dll
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008/01/21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.dll /lockedfiles >
[2006/11/02 10:46:04 | 000,380,957 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\expsrv.dll
[2011/03/10 18:03:51 | 001,136,640 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\mfc42.dll
[2008/01/21 03:24:11 | 001,386,496 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\msvbvm60.dll
[2013/12/25 09:03:02 | 000,632,656 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\msvcr80.dll
< %systemroot%\system32\drivers\*.sys /3 >
[2014/01/11 23:04:50 | 000,074,456 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\system32\drivers\mbamchameleon.sys
[2014/01/11 23:06:12 | 000,104,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\system32\drivers\MBAMSwissArmy.sys
< %systemroot%\system32\*.* /3 >
[2014/01/12 09:03:59 | 000,003,616 | ---- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/12 09:03:59 | 000,003,616 | ---- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/11 22:32:12 | 000,045,056 | ---- | M] () -- C:\Windows\system32\acovcnt.exe
[2014/01/10 15:49:46 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2014/01/10 15:49:46 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2014/01/11 22:38:34 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\system32\rpcnet.dll
[2014/01/12 09:04:00 | 000,017,408 | ---- | M] () -- C:\Windows\system32\rpcnetp.exe
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"RocketDock" = "C:\Program Files\RocketDock\RocketDock.exe" -- [2007/09/02 12:58:52 | 000,495,616 | ---- | M] ()
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008/01/21 03:25:11 | 000,125,952 | ---- | M] (Microsoft Corporation)
"Adrvworks" = regsvr32.exe -- [2006/11/02 10:45:35 | 000,014,336 | ---- | M] (Microsoft Corporation)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014/01/12 10:19:30 | 000,000,512 | ---- | M] () MD5=12562ED7EE1CC5EFDBDCF71D0210708A -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2002/05/30 19:16:22 | 000,013,160 | ---- | M] () -- \Program Files\Stronghold Crusader\gm\cracks.gm1
[2010/05/29 21:41:56 | 000,114,899 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\numpy\f2py\crackfortran.py
[2012/07/19 18:03:37 | 022,481,186 | ---- | M] () -- \Users\Dida\Desktop\kubi\KUBIK\Diagnostika-na-auto+crack.rar
< *keygen* /s >
< *AntiWPA* /s >
< *loader* /s >
[2011/08/24 07:35:10 | 000,819,200 | ---- | M] () -- \AdwCleaner\Quarantine\C\Program Files\iMesh Applications\iMesh\BerkeleyLoader.dll.vir
[2011/08/24 07:35:10 | 003,552,808 | ---- | M] () -- \AdwCleaner\Quarantine\C\Program Files\iMesh Applications\iMesh\ImageUploader5.ocx.vir
[2012/12/07 07:55:04 | 000,006,820 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default\Extensions\{377e5d4d-77e5-476a-8716-7e70a9272da0}\chrome\skin\lib\panels\images\ajax-loader.gif.vir
[2012/11/13 02:14:50 | 000,001,622 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default\Extensions\ffxtlbr@mixidj.com\content\loader.xul.vir
[2009/10/22 00:01:42 | 000,249,672 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2009/10/22 00:01:42 | 000,018,248 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2007/11/06 01:50:44 | 000,042,304 | ---- | M] () -- \Program Files\HP\Digital Imaging\Smart Web Printing\RsrcLoaderLib.dll
[2011/08/08 14:55:31 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011/08/08 14:55:32 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011/08/08 14:55:31 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2012/03/07 18:57:37 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_lightboxs\preloader.html
[2009/11/14 17:08:18 | 000,105,036 | ---- | M] () -- \Program Files\RocketDock\Icons\Ikony\green and black\downloader icon.png
[2010/03/06 09:24:56 | 000,003,614 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\etc\gtk-2.0\gdk-pixbuf.loaders
[2010/03/06 09:24:56 | 000,030,804 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2010/03/06 09:24:56 | 000,027,898 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2010/03/06 09:24:56 | 000,042,058 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2010/03/06 09:24:56 | 000,023,145 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2010/03/06 09:24:56 | 000,028,692 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2010/03/06 09:24:56 | 000,034,496 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2010/03/06 09:24:56 | 000,022,435 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2010/03/06 09:24:56 | 000,036,528 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2010/03/06 09:24:56 | 000,026,252 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2010/03/06 09:24:56 | 000,020,063 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2010/03/06 09:24:56 | 000,024,412 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2010/03/06 09:24:56 | 000,029,401 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2010/03/06 09:24:56 | 000,019,399 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2010/03/06 09:24:56 | 000,025,270 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2010/03/06 09:24:56 | 000,042,114 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2010/03/06 09:24:56 | 000,018,909 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2010/08/16 10:41:40 | 000,032,958 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\ailoader.py
[2010/08/16 10:41:40 | 000,001,847 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\bziploader.py
[2010/08/16 10:41:40 | 000,057,685 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\ccxloader.py
[2010/08/16 10:41:40 | 000,029,336 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cdrloader.py
[2010/08/16 10:41:40 | 000,001,341 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cdrziploader.py
[2010/08/16 10:41:40 | 000,028,643 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cgmloader.py
[2010/08/16 10:41:40 | 000,055,918 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cmxloader.py
[2010/08/16 10:41:40 | 000,038,308 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\dxfloader.py
[2010/08/16 10:41:40 | 000,001,949 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\gziploader.py
[2010/08/16 10:41:40 | 000,007,779 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\pltloader.py
[2010/08/16 10:41:40 | 000,017,301 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\sk1loader.py
[2010/08/16 10:41:40 | 000,015,416 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\skloader.py
[2010/08/16 10:41:40 | 000,015,832 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\stitchloader.py
[2010/08/16 10:41:40 | 000,038,937 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\svgloader.py
[2010/08/16 10:41:40 | 000,014,300 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\wmfloader.py
[2010/08/16 10:41:40 | 000,017,550 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\xfigloader.py
[2011/02/27 22:18:28 | 000,015,858 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\OperaUSB\profile\widgets\fastesttube-youtube-video-downloader-1.0.1-1.oex
[2008/02/25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\TheKMPlayer\ImLoader.dll
[2008/02/25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2010/03/15 10:28:24 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2008/01/21 03:23:37 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2008/01/21 03:26:53 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673.manifest
[2008/01/21 03:26:53 | 000,026,112 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673_winload.exe.mui_3bc5b827
[2008/01/21 03:26:53 | 000,019,456 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673_winresume.exe.mui_ff8b5358
[2011/12/17 15:26:41 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2011/12/17 15:26:41 | 000,986,600 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winload.exe_75835076
[2011/12/17 15:26:41 | 000,926,184 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winresume.exe_85cd1215
[2008/01/21 03:26:48 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008/01/21 03:26:48 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2009/07/27 16:45:27 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2009/07/27 16:45:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2009/07/27 16:45:22 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2009/07/27 16:45:25 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2009/07/27 16:45:22 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2009/07/27 16:45:23 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2009/07/27 16:45:28 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2009/07/27 16:45:26 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2009/07/27 16:45:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2009/07/27 16:45:22 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2009/07/27 16:45:25 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2009/07/27 16:45:22 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2009/07/27 16:45:23 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2009/07/27 16:45:28 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008/01/21 03:21:45 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673.manifest
[2009/07/27 16:45:27 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2009/07/27 16:45:27 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008/01/21 03:20:53 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2009/07/27 16:45:25 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2009/07/27 16:45:25 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009/04/11 00:12:44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006/11/02 11:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008/01/21 03:19:11 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008/01/21 03:23:37 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008/01/21 03:23:37 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
[2012/06/03 14:50:48 | 000,002,430 | ---- | M] () -- \Windows\System32\Tasks\AutoKMS
< *activator* /s >
< *serial* /s >
[2011/08/30 17:58:34 | 000,413,696 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.60831.0\System.Runtime.Serialization.dll
[2011/12/17 13:35:19 | 001,186,816 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.60831.0\System.Runtime.Serialization.ni.dll
[2010/04/12 13:21:01 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2008/04/17 11:33:50 | 000,081,920 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2008/04/17 11:37:56 | 000,122,880 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\el\System.RunTime.Serialization.Resources.dll
[2013/07/22 19:44:15 | 000,000,811 | ---- | M] () -- \Users\Dida\AppData\Local\Opera\Opera\icons\http%3A%2F%2Feserial.cz%2Ffavicon%2Fdapch.png
[2013/09/02 18:16:24 | 000,000,842 | ---- | M] () -- \Users\Dida\AppData\Local\Opera\Opera\icons\http%3A%2F%2Feserial.cz%2Ffavicon%2Fdexter.png
[2013/11/13 17:56:50 | 000,000,878 | ---- | M] () -- \Users\Dida\AppData\Local\Opera\Opera\icons\http%3A%2F%2Feserial.cz%2Ffavicon%2Ffuturama.png
[2013/09/01 20:03:35 | 000,000,824 | ---- | M] () -- \Users\Dida\AppData\Local\Opera\Opera\icons\http%3A%2F%2Feserial.cz%2Ffavicon%2Fhimym.png
[2013/09/07 14:07:42 | 000,000,655 | ---- | M] () -- \Users\Dida\AppData\Local\Opera\Opera\icons\http%3A%2F%2Feserial.cz%2Ffavicon%2Fhouse.png
[2013/09/10 16:04:04 | 000,000,960 | ---- | M] () -- \Users\Dida\AppData\Local\Opera\Opera\icons\http%3A%2F%2Feserial.cz%2Ffavicon%2Fpratele.png
[2013/03/16 21:24:10 | 000,000,530 | ---- | M] () -- \Users\Dida\AppData\Local\Opera\Opera\icons\http%3A%2F%2Ffilmy-serialy.iplace.cz%2F_%2Ffavicon.png
[2013/09/16 18:53:02 | 000,000,530 | ---- | M] () -- \Users\Dida\AppData\Local\Opera\Opera\icons\http%3A%2F%2Ffilmy-serialy.iplace.cz%2F_%2Fimg%2Ffavicon.png
[2013/03/16 21:43:53 | 000,000,530 | ---- | M] () -- \Users\Dida\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fonline-serial.jex.cz%2F_%2Ffavicon.png
[2013/03/19 21:44:10 | 000,000,075 | ---- | M] () -- \Users\Dida\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fonline-serialy-zdarma.info%2Ffavicon.png
[2013/03/19 21:36:58 | 000,000,144 | ---- | M] () -- \Users\Dida\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fserialy.keshlédnutí.eu%2Ffavicon.png
[2013/09/16 18:37:16 | 000,000,339 | ---- | M] () -- \Users\Dida\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serialkov.cz%2Fwp-content%2Fthemes%2Farras%2Fimages%2Ffavicon.png
[2013/03/19 21:03:10 | 000,000,185 | ---- | M] () -- \Users\Dida\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serialovna.cz%2Fimg%2Ffavicon.png
[2013/09/01 13:05:37 | 000,000,878 | ---- | M] () -- \Users\Dida\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serialovysvet.cz%2Fimages%2Ffavicon.png
[2012/10/12 20:07:25 | 000,000,191 | ---- | M] () -- \Users\Dida\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serialspot.cz%2Ffavicon.png
[2012/01/20 19:31:59 | 000,000,456 | ---- | M] () -- \Users\Dida\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serialycesky.cz%2Ffavicon.png
[2013/02/12 19:38:37 | 000,000,365 | ---- | M] () -- \Users\Dida\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serialycesky.cz%2Ficons%2Fimg%2Fonesolution.png
[2013/04/27 14:31:02 | 000,000,673 | ---- | M] () -- \Users\Dida\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serialycz.cz%2Fwp-content%2Fuploads%2Ffavicon1.png
[2011/11/27 10:30:19 | 000,000,581 | ---- | M] () -- \Users\Dida\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serialzone.cz%2Ffavicon.png
[2013/02/12 19:39:35 | 000,000,544 | ---- | M] () -- \Users\Dida\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.sledujuserialy.cz%2Ffavicon.png
[2012/10/12 08:17:32 | 000,000,318 | ---- | M] () -- \Users\Dida\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.televizniserial.cz%2Ftvi.png
[2013/03/19 21:26:09 | 000,000,452 | ---- | M] () -- \Users\Dida\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.top-serialy.cz%2Ffavicon.png
[2013/03/19 21:43:13 | 000,000,628 | ---- | M] () -- \Users\Dida\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.topserialyonline.cz%2Ftemplates%2Frt_metropolis%2Ffavicon.png
[2009/03/30 05:42:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2008/04/17 11:33:50 | 000,081,920 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2008/04/17 11:37:56 | 000,122,880 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_el_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2010/04/12 13:21:01 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011/12/17 16:41:01 | 002,346,496 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\4b4c359912c1241246f50a4c47dbab3c\System.Runtime.Serialization.ni.dll
[2011/12/17 16:06:46 | 002,346,496 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8956038e00dfe9da1a536959bbb607d4\System.Runtime.Serialization.ni.dll
[2011/12/17 15:54:39 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e2c7aa4752b968c96989bbfba59f5183\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011/12/17 16:41:13 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f97b31da89858b85c70b4eb45bc91ace\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011/12/17 16:46:33 | 000,310,272 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\d0ff3383438d688a0118d0fa19ed1dc4\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011/12/17 16:46:28 | 002,625,024 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\e9f8a45b1063d6c6a62718c88a5623d1\System.Runtime.Serialization.ni.dll
[2011/12/17 16:39:29 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011/12/17 16:39:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2009/03/30 05:42:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010/04/12 13:21:15 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010/03/18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2008/01/21 03:23:51 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2006/11/02 09:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2014/01/11 22:55:58 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys.bak
[2006/11/02 08:41:49 | 001,010,560 | ---- | M] () -- \Windows\System32\drivers\smserial.sys
[2014/01/11 22:55:59 | 001,010,560 | ---- | M] () -- \Windows\System32\drivers\smserial.sys.bak
[2006/11/02 13:41:26 | 000,004,096 | ---- | M] () -- \Windows\System32\drivers\en-US\grserial.sys.mui
[2006/11/02 13:40:54 | 000,010,752 | ---- | M] () -- \Windows\System32\drivers\en-US\serial.sys.mui
[2008/01/21 03:23:26 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_33048ac2\serial.sys
[2006/11/02 09:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_9d4661e2\serial.sys
[2006/11/02 08:41:49 | 001,010,560 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_91bbdacd\smserial.sys
[2008/01/21 03:23:01 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_44880ea7\serial.sys
[2006/11/02 09:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_ac874de4\serial.sys
[2006/11/02 09:51:28 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_a24cc104\grserial.sys
[2008/01/21 03:23:22 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_bec36faa\grserial.sys
[2008/04/17 11:43:27 | 000,005,632 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2011/12/17 15:26:47 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61.manifest
[2011/12/17 15:26:47 | 000,017,384 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61_kdcom.dll_db5e7744
[2008/04/17 11:43:57 | 000,005,632 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6000.16386_sk-sk_77c6875313d8fdd7_serialui.dll.mui_7d29d2a3
[2011/12/17 15:27:32 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805_serialui.dll_bea29328
[2006/11/02 13:33:50 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3.manifest
[2008/06/23 03:05:53 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16708_none_d2461403b7e6edc1.manifest
[2008/06/23 03:02:26 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.20864_none_bb7eca1fd1887f4d.manifest
[2008/01/21 03:21:15 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf.manifest
[2008/06/23 03:40:19 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18096_none_d22b4019b82faa94.manifest
[2010/04/12 19:45:00 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18457_none_d2272799b833601d.manifest
[2008/06/23 02:58:46 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22208_none_bb54690bd1df5a1e.manifest
[2010/04/12 19:51:10 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22668_none_bb5a6a37d1d9f36c.manifest
[2009/04/11 00:16:00 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18005_none_d1fe4b6bb888c0d3.manifest
[2010/04/12 19:29:50 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18239_none_d200f0e1b88673fe.manifest
[2010/04/12 20:40:05 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22380_none_bb39189bd2286c0e.manifest
[2008/04/17 11:32:25 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_cs-cz_5ff98b2cc72ba40d.manifest
[2008/04/17 11:36:30 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_el-gr_bb1eba0702d0c85e.manifest
[2006/11/02 13:39:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_en-us_bb16054302d6ef1f.manifest
[2008/06/23 03:30:17 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16708_en-us_bb0dd4d302de58ed.manifest
[2008/06/23 03:23:53 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20864_en-us_a4468aef1c7fea79.manifest
[2008/06/23 03:32:13 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18096_en-us_baf300e9032715c0.manifest
[2010/04/12 18:23:06 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18457_en-us_baeee869032acb49.manifest
[2008/06/23 03:09:44 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22208_en-us_a41c29db1cd6c54a.manifest
[2010/04/12 18:31:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22668_en-us_a4222b071cd15e98.manifest
[2010/04/12 23:15:50 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_cs-cz_5fac379ac7d29418.manifest
[2010/04/12 22:12:52 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_el-gr_bad166750377b869.manifest
[2010/04/12 18:44:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_en-us_bac8b1b1037ddf2a.manifest
[2010/04/12 23:51:48 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_cs-cz_48e45f54e1748c28.manifest
[2010/04/12 23:30:10 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_el-gr_a4098e2f1d19b079.manifest
[2010/04/12 19:41:31 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_en-us_a400d96b1d1fd73a.manifest
[2006/11/02 13:33:50 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526.manifest
[2008/06/23 03:05:31 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16708_none_0289499ddf8deef4.manifest
[2008/06/23 03:02:01 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.20864_none_ebc1ffb9f92f8080.manifest
[2008/01/21 03:21:15 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2.manifest
[2008/06/23 03:39:55 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18096_none_026e75b3dfd6abc7.manifest
[2010/04/12 19:44:39 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18457_none_026a5d33dfda6150.manifest
[2008/06/23 02:58:14 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22208_none_eb979ea5f9865b51.manifest
[2010/04/12 19:50:49 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22668_none_eb9d9fd1f980f49f.manifest
[2009/04/11 00:15:32 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18005_none_02418105e02fc206.manifest
[2010/04/12 19:29:29 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18239_none_0244267be02d7531.manifest
[2010/04/12 20:39:45 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22380_none_eb7c4e35f9cf6d41.manifest
[2006/11/02 11:18:20 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6000.16386_none_0f7ecb22afbfde41.manifest
[2008/01/21 03:20:08 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6001.18000_none_11b58d1eacaaef15.manifest
[2009/04/11 00:13:32 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61.manifest
[2006/11/02 11:02:09 | 000,001,406 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.0.6000.16386_none_2a8610ec098ae6c4.manifest
[2006/11/02 13:33:50 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68.manifest
[2008/06/23 03:08:38 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16708_none_0763f56b20648936.manifest
[2008/06/23 03:05:46 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.20864_none_f09cab873a061ac2.manifest
[2008/01/21 03:21:11 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834.manifest
[2008/06/23 03:43:41 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18096_none_0749218120ad4609.manifest
[2010/04/12 19:47:49 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18457_none_0745090120b0fb92.manifest
[2008/06/23 03:02:24 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22208_none_f0724a733a5cf593.manifest
[2010/04/12 19:53:39 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22668_none_f0784b9f3a578ee1.manifest
[2009/04/11 00:18:56 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18005_none_071c2cd321065c48.manifest
[2010/04/12 19:32:33 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18239_none_071ed24921040f73.manifest
[2010/04/12 20:42:39 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22380_none_f056fa033aa60783.manifest
[2006/10/20 02:14:53 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.16386_none_483e6ea12378b3a8\System.Runtime.Serialization.Formatters.Soap.dll
[2008/07/27 19:00:27 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.16720_none_4838f505237d831c\System.Runtime.Serialization.Formatters.Soap.dll
[2008/07/27 18:55:55 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.20883_none_31710ba93d1fc80f\System.Runtime.Serialization.Formatters.Soap.dll
[2008/01/21 03:23:53 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.18000_none_4812f05d23d05c74\System.Runtime.Serialization.Formatters.Soap.dll
[2008/07/27 19:03:15 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.18111_none_4813d9bb23cf8fbd\System.Runtime.Serialization.Formatters.Soap.dll
[2008/07/27 18:58:35 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.22230_none_31484a573d7508d0\System.Runtime.Serialization.Formatters.Soap.dll
[2009/03/30 05:42:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6002.18005_none_47ee75992421f088\System.Runtime.Serialization.Formatters.Soap.dll
[2006/11/02 13:36:03 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3\System.Runtime.Serialization.dll
[2008/06/20 02:17:50 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16708_none_d2461403b7e6edc1\System.Runtime.Serialization.dll
[2008/06/20 02:12:45 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.20864_none_bb7eca1fd1887f4d\System.Runtime.Serialization.dll
[2008/01/21 03:25:23 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf\System.Runtime.Serialization.dll
[2008/06/20 02:14:31 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18096_none_d22b4019b82faa94\System.Runtime.Serialization.dll
[2010/04/12 13:20:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18457_none_d2272799b833601d\System.Runtime.Serialization.dll
[2008/06/20 02:13:19 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22208_none_bb54690bd1df5a1e\System.Runtime.Serialization.dll
[2010/04/12 13:22:02 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22668_none_bb5a6a37d1d9f36c\System.Runtime.Serialization.dll
[2009/02/18 19:38:43 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18005_none_d1fe4b6bb888c0d3\System.Runtime.Serialization.dll
[2010/04/12 13:21:15 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18239_none_d200f0e1b88673fe\System.Runtime.Serialization.dll
[2010/04/12 13:22:02 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22380_none_bb39189bd2286c0e\System.Runtime.Serialization.dll
[2008/04/17 11:33:50 | 000,081,920 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_cs-cz_5ff98b2cc72ba40d\System.RunTime.Serialization.Resources.dll
[2008/04/17 11:37:56 | 000,122,880 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_el-gr_bb1eba0702d0c85e\System.RunTime.Serialization.Resources.dll
[2009/04/16 08:41:45 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_cs-cz_5fac379ac7d29418\System.RunTime.Serialization.Resources.dll
[2009/04/16 08:46:49 | 000,135,168 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_el-gr_bad166750377b869\System.RunTime.Serialization.Resources.dll
[2009/04/16 07:17:56 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_cs-cz_48e45f54e1748c28\System.RunTime.Serialization.Resources.dll
[2009/04/16 07:22:08 | 000,135,168 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_el-gr_a4098e2f1d19b079\System.RunTime.Serialization.Resources.dll
[2006/11/02 13:36:03 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526\System.Runtime.Serialization.dll
[2008/06/20 02:17:48 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16708_none_0289499ddf8deef4\System.Runtime.Serialization.dll
[2008/06/20 02:12:43 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.20864_none_ebc1ffb9f92f8080\System.Runtime.Serialization.dll
[2008/01/21 03:25:23 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2\System.Runtime.Serialization.dll
[2008/06/20 02:14:29 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18096_none_026e75b3dfd6abc7\System.Runtime.Serialization.dll
[2010/04/12 13:19:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18457_none_026a5d33dfda6150\System.Runtime.Serialization.dll
[2008/06/20 02:13:17 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22208_none_eb979ea5f9865b51\System.Runtime.Serialization.dll
[2010/04/12 13:21:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22668_none_eb9d9fd1f980f49f\System.Runtime.Serialization.dll
[2009/02/18 19:38:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18005_none_02418105e02fc206\System.Runtime.Serialization.dll
[2010/04/12 13:21:01 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18239_none_0244267be02d7531\System.Runtime.Serialization.dll
[2010/04/12 13:21:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22380_none_eb7c4e35f9cf6d41\System.Runtime.Serialization.dll
[2006/11/02 13:41:26 | 000,010,752 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf.resources_31bf3856ad364e35_6.0.6000.16386_en-us_34b5f355d987afa1\serial.sys.mui
[2008/01/21 03:23:26 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf_31bf3856ad364e35_6.0.6001.18000_none_955c449145dbf667\serial.sys
[2008/04/17 11:43:27 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6000.16386_sk-sk_77c6875313d8fdd7\serialui.dll.mui
[2008/01/21 03:23:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6001.18000_none_f501a18e1eaabcb9\serialui.dll
[2008/01/21 03:23:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805\serialui.dll
[2008/04/17 11:33:50 | 000,081,920 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_5b3d50955593c887\System.RunTime.Serialization.Resources.dll
[2008/04/17 11:37:56 | 000,122,880 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.16386_el-gr_9e38f38b3cc581ae\System.RunTime.Serialization.Resources.dll
[2006/11/02 13:40:54 | 000,010,752 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.0.6000.16386_en-us_05d5abe6364bafaf\serial.sys.mui
[2008/01/21 03:23:01 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.0.6001.18000_none_f897b0b1b85e4433\serial.sys
[2006/11/02 13:41:26 | 000,004,096 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf.resources_31bf3856ad364e35_6.0.6000.16386_en-us_f75d56acd8933ebf\grserial.sys.mui
[2008/01/21 03:23:22 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.0.6001.18000_none_72a9e15f343dcd03\grserial.sys
[2006/11/02 13:36:02 | 000,888,832 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68\System.Runtime.Serialization.dll
[2008/06/20 02:17:48 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16708_none_0763f56b20648936\System.Runtime.Serialization.dll
[2008/06/20 02:12:43 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.20864_none_f09cab873a061ac2\System.Runtime.Serialization.dll
[2008/01/21 03:25:21 | 000,929,792 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834\System.Runtime.Serialization.dll
[2008/06/20 02:14:29 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18096_none_0749218120ad4609\System.Runtime.Serialization.dll
[2010/04/12 13:19:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18457_none_0745090120b0fb92\System.Runtime.Serialization.dll
[2008/06/20 02:13:17 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22208_none_f0724a733a5cf593\System.Runtime.Serialization.dll
[2010/04/12 13:21:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22668_none_f0784b9f3a578ee1\System.Runtime.Serialization.dll
[2009/02/18 19:38:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18005_none_071c2cd321065c48\System.Runtime.Serialization.dll
[2010/04/12 13:21:01 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18239_none_071ed24921040f73\System.Runtime.Serialization.dll
[2010/04/12 13:21:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22380_none_f056fa033aa60783\System.Runtime.Serialization.dll
< *w7lxe* /s >
========== Files - Unicode (All) ==========
[2013/11/21 13:07:18 | 105,505,507 | ---- | M] ()(C:\Windows\System32\????) -- C:\Windows\System32\ᝤ뒔ᨼ
[2013/11/17 18:28:10 | 105,505,507 | ---- | C] ()(C:\Windows\System32\????) -- C:\Windows\System32\ᝤ뒔ᨼ
[2013/11/11 20:23:27 | 103,792,856 | ---- | M] ()(C:\Windows\System32\????) -- C:\Windows\System32\㻅뒽ᨼ
[2013/10/19 19:28:39 | 103,792,856 | ---- | C] ()(C:\Windows\System32\????) -- C:\Windows\System32\㻅뒽ᨼ
[2013/10/16 13:09:02 | 101,393,623 | ---- | M] ()(C:\Windows\System32\#???) -- C:\Windows\System32\#傼ᨼ
[2013/10/12 19:05:50 | 101,393,623 | ---- | C] ()(C:\Windows\System32\#???) -- C:\Windows\System32\#傼ᨼ
[2013/10/06 19:01:04 | 099,477,982 | ---- | M] ()(C:\Windows\System32\????) -- C:\Windows\System32\쓳팀ᨼ
[2013/10/02 10:50:28 | 099,477,982 | ---- | C] ()(C:\Windows\System32\????) -- C:\Windows\System32\쓳팀ᨼ
[2013/10/02 04:50:32 | 098,689,490 | ---- | M] ()(C:\Windows\System32\????) -- C:\Windows\System32\犀㬿ᨼ
[2013/09/29 17:42:57 | 098,689,490 | ---- | C] ()(C:\Windows\System32\????) -- C:\Windows\System32\犀㬿ᨼ
[2013/09/28 19:25:47 | 098,442,955 | ---- | M] ()(C:\Windows\System32\???©) -- C:\Windows\System32\諸פֿᨼ©
[2013/09/26 21:41:31 | 098,442,955 | ---- | C] ()(C:\Windows\System32\???©) -- C:\Windows\System32\諸פֿᨼ©
[2013/09/25 18:57:00 | 097,787,360 | ---- | M] ()(C:\Windows\System32\???¤) -- C:\Windows\System32\옥ᨼ¤
[2013/09/22 14:53:12 | 097,787,360 | ---- | C] ()(C:\Windows\System32\???¤) -- C:\Windows\System32\옥ᨼ¤
[2013/09/10 17:23:00 | 096,985,259 | ---- | M] ()(C:\Windows\System32\????) -- C:\Windows\System32\鰍䆸᭄
[2013/09/10 17:23:00 | 096,985,259 | ---- | C] ()(C:\Windows\System32\????) -- C:\Windows\System32\鰍䆸᭄
[2013/09/09 19:34:54 | 096,772,628 | ---- | M] ()(C:\Windows\System32\???¦) -- C:\Windows\System32\ᣱ᭄¦
[2013/09/09 09:58:03 | 096,772,628 | ---- | C] ()(C:\Windows\System32\???¦) -- C:\Windows\System32\ᣱ᭄¦
[2013/09/08 15:55:00 | 096,566,691 | ---- | M] ()(C:\Windows\System32\????) -- C:\Windows\System32\쏾貍᭄
[2013/09/04 19:36:42 | 096,566,691 | ---- | C] ()(C:\Windows\System32\????) -- C:\Windows\System32\쏾貍᭄
[2013/08/25 18:35:30 | 100,156,396 | ---- | M] ()(C:\Windows\System32\???¬) -- C:\Windows\System32\裕咩᭄¬
[2013/08/25 18:35:30 | 100,156,396 | ---- | C] ()(C:\Windows\System32\???¬) -- C:\Windows\System32\裕咩᭄¬
[2013/08/22 03:37:14 | 099,750,289 | ---- | M] ()(C:\Windows\System32\???) -- C:\Windows\System32\ઋ䰶᭄
[2013/08/21 20:57:15 | 099,750,289 | ---- | C] ()(C:\Windows\System32\???) -- C:\Windows\System32\ઋ䰶᭄
========== Alternate Data Streams ==========
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:AC0FFFAF
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:88BFF41D
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1
< End of report >
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
virus?
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: virus?
extras
1/2
OTL Extras logfile created on: 12. 1. 2014 10:17:41 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dida\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy
2,97 Gb Total Physical Memory | 1,69 Gb Available Physical Memory | 57,06% Memory free
6,13 Gb Paging File | 4,90 Gb Available in Paging File | 79,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 38,87 Gb Free Space | 26,08% Space Free | Partition Type: NTFS
Drive D: | 137,32 Gb Total Space | 126,21 Gb Free Space | 91,91% Space Free | Partition Type: NTFS
Computer Name: DIDA-PC | User Name: Dida | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1748391619-1199234601-265589567-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Photo Manager 12.Manage] -- "C:\Program Files\ACD Systems\ACDSee\12.0\ACDSeeQV12.exe" "%1" (ACD Systems International Inc.)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1748391619-1199234601-265589567-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0154F9A8-9C43-4FA9-AAC5-DD41B41A2BDA}" = lport=445 | protocol=6 | dir=in | app=system |
"{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system |
"{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system |
"{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{16D217A1-1FBA-42A1-B140-6BA5FCDB824A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{21517546-DC46-4442-9D21-53B2967CB80E}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2869C48F-3A7D-4C53-AF1B-01B57AC4E386}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system |
"{296E1DED-4DCE-4865-8E1B-99E960691A52}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{36082D9A-BEE0-4F8B-95D1-C92BF5E413D7}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{360E379E-9819-40B0-AFA2-8D5B31D35C2B}" = rport=137 | protocol=17 | dir=out | app=system |
"{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system |
"{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system |
"{67A01D18-CB10-4715-9170-40A51C23C5EC}" = rport=138 | protocol=17 | dir=out | app=system |
"{689AC591-2A63-4A61-8952-C59E42B444CE}" = lport=138 | protocol=17 | dir=in | app=system |
"{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7365340E-EAAA-40C1-ADAC-A8C93D15EF80}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system |
"{83C64BA2-BA9E-4895-8F32-499EFA5802C6}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{84145FB8-CA72-4612-9B27-A43A3970D800}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8A23ED2E-BCBF-4412-B199-374A6A7E7EBC}" = lport=137 | protocol=17 | dir=in | app=system |
"{9943CB93-85B9-456F-8DDC-23A2F6610B11}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B69C18DF-FACE-4689-8EEB-FC15A1A13385}" = lport=3756 | protocol=17 | dir=in | name=canon capt port |
"{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system |
"{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E6D9862C-C711-4964-9214-4AD35058822F}" = lport=62704 | protocol=17 | dir=in | name=canon capt port |
"{E75AC0B9-90DC-4DF9-8133-960F21A1273D}" = lport=139 | protocol=6 | dir=in | app=system |
"{E784816F-4C03-404D-B95E-53E30C21E1D7}" = rport=445 | protocol=6 | dir=out | app=system |
"{E978250A-20BB-45FF-8D0D-00F5E7FEA583}" = rport=139 | protocol=6 | dir=out | app=system |
"{F07C1E94-3176-41E8-88EB-BA0570479F46}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system |
"{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{006DA958-164F-4D07-A46B-8262C57B78CA}" = protocol=17 | dir=in | app=c:\program files (x86)\crashplan\crashplanservice.exe |
"{011B238A-1BD5-47AD-81F0-29464D97205F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{03362B39-84A0-4EE7-A675-30FED1F580BD}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{06D0208F-94DB-46D3-BFA7-0E3AAD874AA5}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{1016EAF2-D1F7-4DAD-9F0A-969F159888D1}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{110B9A97-29F3-4C6D-B8F3-C5A7989D76A3}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{11FE1907-6203-4A8A-8269-C42BBF293DAE}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{11FE3A96-9441-41B1-B20B-422A7915287F}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{12F4E486-B8BA-4295-99B2-BBA974D78510}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{1415AEE0-4CBC-4B54-9180-2714A7BB7AD1}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{17273A2A-5344-42E2-B84A-C769E5B0736E}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{1D637F03-6067-40EC-98D3-F73AED7A2ADF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{1E934E17-0037-41FB-B2FC-7A59FC130DAE}" = protocol=6 | dir=in | app=c:\windows\system32\cnab5rpd.exe |
"{24311495-3C78-459F-875C-5B06DE679A08}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{2568122B-E821-463D-8DDD-220E5D9D46F0}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{29F19F4D-4B63-431E-9073-E7B7B6817BCD}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{2BD9B5FD-5526-4260-A39B-5612C6BA6143}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{2CC8FC33-BA57-4747-8B4F-2889613BE881}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{2E76EF95-CCA8-4297-8C7F-6E0891CBCADC}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{306ECEDA-04C7-4295-B62D-6FE7D5CFA527}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{32DC8E53-A696-4C93-A7B9-72AEAC3FA1CF}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{35728421-BA60-41FD-9DF9-1312CAF5F9B3}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{35F79786-F7D6-4C93-9950-D83FE64DDC3B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{36D9A52A-785C-4004-8B6F-29E49ED1D680}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{37CCE2F8-3F60-4222-9BFD-77893EA8939D}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{38E055E1-F6A0-4644-A3B2-E7464B3AABC6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{3A7A4B3A-9CC1-4FE7-B2E8-3E9114DEEFE7}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{40C7A70A-D410-43C0-9B10-4B02D52F7669}" = protocol=17 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{41C55472-E8E8-4648-A2D2-CE731B0A97A5}" = protocol=6 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{425AB0F1-B307-4F29-A760-4ACA7472D54F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{44513E08-C767-4405-B251-7D447275EDE2}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{44DAF380-AAC8-4E93-880B-3C7E7A6271D1}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{46D7B946-5AE3-473C-9543-E3AEC7D8A733}" = protocol=6 | dir=in | app=c:\program files (x86)\crashplan\crashplanservice.exe |
"{48313126-5415-499D-8443-85726B0AE96A}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4BC5B1FC-0A9B-4212-BE16-ECCFE6E13274}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{523A79AB-0DD6-4E5B-B5B3-FB96519A2E07}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{55F914DF-4C7F-423F-AAA3-69FF43BDF4FD}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{57728190-1896-401B-8258-FBE1576EF139}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{5892A2F6-23B6-424E-81DA-A1558794E876}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{58D2DB3D-4797-4622-92EC-5307D9D92841}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{5BBDB9C8-4284-432B-BAC7-2F88CE0CE968}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{5C69E701-CE65-430D-973E-7BF5412D572F}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{5D25A658-6916-4688-B20C-2E38969E8D52}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{5F98041B-1883-4AEA-89F4-FF1012EDBE2D}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{64272630-9568-4656-BB26-827DCBFAF1FD}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{64FCD6EE-B732-4907-BD49-F31C2834E779}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6603066F-823D-490F-B822-E641A53244BB}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{689EAF8B-D5D0-4BFE-9388-92F0110669F2}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{699D6C2E-CE4B-48B2-8F0D-7EB3D1690BE5}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{6B8E2289-3569-45F9-BB10-785E441CA6BD}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{6BDC0148-E613-4BBE-88C2-FBDB9EFA9026}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{6E795A06-D51A-4E9F-A326-C6F8DDFD6976}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{6F763DE4-1147-42A9-9803-6A0B3DCE9311}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{70F1C216-4B44-418D-9C27-7B691B7A8CBD}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{713B269E-BF9E-470E-8237-5F279D6F5C24}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{7198E948-2A16-4291-A8D1-A8CEE148287E}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{72CF1D04-31DC-4E81-95F8-249A41A8A5D9}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{7826820F-7052-4765-BD71-2E648BEB582C}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{792D3AAC-BA47-4F9B-A715-4F23B50DB288}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{7CABD9D5-E51C-4CD2-86CD-82F941E7B349}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{7D313B88-B975-47D2-AA93-788CE249CC9B}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{7EBB189F-08CE-414C-88D3-6061FDDF3FE5}" = protocol=17 | dir=in | app=c:\windows\system32\cnab5rpd.exe |
"{82DBF72A-CAE0-41E7-980D-51CA2EE94BFF}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{849740DC-4222-499A-89AF-E0C035F3B92B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{862A9381-0ACA-4327-8C8E-8CCF9F4F9AC3}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8946F4E7-94E1-49BC-8DB9-4CE67B384A17}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{8A02BC6D-612E-4CBA-990C-F63443D8BC2F}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{8C311575-BE57-43B0-9146-4F37673E46D9}" = protocol=58 | dir=in | app=system |
"{8C3C142D-4A01-4D9E-9644-2E0F4DFAAA7B}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{912D705C-FDEC-460D-AC7C-FF8C762ACBEA}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{91C7DF13-9FB2-4228-B5C9-8536DFD1B3EB}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{92A2BCD0-A8C8-40F5-8D0E-97FFE0F372DE}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{95DD4AA0-2BE6-4576-8740-56ECBDCB65C1}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{95E4CFD9-AD6F-4D82-916F-592E74D1CABF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{95FB42DD-451A-4553-ACDD-E4A56C96BCEF}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{96458948-9A7F-4A44-A426-FF9FBD674E09}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{9735A037-1396-471B-9BA3-EE760DA93C84}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{9B2A026C-AD01-4315-9A5D-769DACC33167}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{9B6C15C6-0FFE-43B9-9E0F-4AAF7EF98382}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{9C42BF2E-0B51-494B-8A8C-CE73B99CA29B}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{9F6BE705-0926-4C15-8C0E-5B8830A59606}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{A0F25827-F13A-4F0B-9125-5906480E8D24}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{A1032C91-D268-47DA-99B0-848AFA7290CE}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{A28AFE86-8B56-47E1-A237-E1730E3AA04B}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{A2F99E03-DB50-416B-8CE1-A6728A2920C5}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{A40BF473-E19A-4DFA-910C-863767EF7F11}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A8444455-6FB9-4E27-A986-6C86C45F8E97}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{A87B86DD-80E7-4B78-9F6D-82F74DF7F8D1}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AC3C7AAC-FC28-4282-8D9C-058B35FFEBE9}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{B3426C71-D68D-4C14-83EB-442B28D8CADF}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{B72CD41D-96F4-4AD5-AB2E-E41B60E2A399}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{BAA54629-692A-4E08-8A8C-EFA025DDDC1C}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{BB2D4BE0-5796-4FDC-A427-B6C57FF2F798}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{BBC648E4-AD89-4A24-9607-2F370FBB635E}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{BBEE7150-CE9C-45D2-96DB-59D13307C29D}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system |
"{BD0A71D3-B5E4-4AB8-BCEE-2468B51179EA}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{BF8246BB-6CAC-44E6-950F-A469C4C171C6}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{C00EB358-0A75-4764-AAE0-C53566154842}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{C0E6EEF9-D37C-4B71-9294-0D2C6E9DE95B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{C18FDC6B-5492-4E0A-ABE3-3152CA5D002B}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{C3B33677-9466-476A-9614-28685BC17645}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{C6541B56-33A3-4720-91C0-EF9A977F1FFB}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{CA49C244-C54F-499B-A5AD-243D1B393B63}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{CE103E5F-EF98-49A4-91F0-2B5447094517}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CE5B8204-725E-4864-BC80-DDE8E6AD77BC}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{CF55F084-7385-49DC-8758-CA92D52F09D1}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{D1B66D31-5508-479E-B06C-ABD17F6EBEE9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{D324686A-0397-40A0-A534-2FF0AD8990F6}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D7CACCEF-8D57-46BA-80D3-A6BF0D0723B5}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{D80AB360-892C-4589-B25F-8C430A152778}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{D9196062-2D6A-4EE0-938B-31473BC5EFF5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{DB3B05B5-66FD-4FF2-A63E-F637667B7144}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{DB6D7180-23D9-4CBB-9BD6-772496B00D16}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{DE7EED6D-46F1-47C0-95BE-C9A619E2CB4B}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{E08D8AB3-6E9B-433A-9DCD-A97644B2E67F}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{E372CB59-D3DF-4698-A35A-DDE814E50A7D}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{E542DAE3-949B-4B7A-9C7B-C181AA742E9B}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{E55E20D7-0981-4A06-98F0-B86D05F7CF67}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E6AEA0E5-270F-4234-A99D-B69D15930FF6}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E9D36503-D420-4CDA-84C3-1B2D1BB4A059}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{EAD9561D-4948-4ADB-B5AD-657C50C9694B}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{EDF40E6F-5B76-44C2-9815-4BD699D837C0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{EE787823-A9F7-4DF5-9617-D2270E41B375}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F45C638A-0D65-45A2-A257-22B93C46A381}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{F6E19BA7-47BC-4FE4-B16E-EA2F5D1343B8}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FDCEF3CC-1755-4C3E-8352-50256E957BBE}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
1/2
OTL Extras logfile created on: 12. 1. 2014 10:17:41 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dida\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy
2,97 Gb Total Physical Memory | 1,69 Gb Available Physical Memory | 57,06% Memory free
6,13 Gb Paging File | 4,90 Gb Available in Paging File | 79,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 38,87 Gb Free Space | 26,08% Space Free | Partition Type: NTFS
Drive D: | 137,32 Gb Total Space | 126,21 Gb Free Space | 91,91% Space Free | Partition Type: NTFS
Computer Name: DIDA-PC | User Name: Dida | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1748391619-1199234601-265589567-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Photo Manager 12.Manage] -- "C:\Program Files\ACD Systems\ACDSee\12.0\ACDSeeQV12.exe" "%1" (ACD Systems International Inc.)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1748391619-1199234601-265589567-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0154F9A8-9C43-4FA9-AAC5-DD41B41A2BDA}" = lport=445 | protocol=6 | dir=in | app=system |
"{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system |
"{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system |
"{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{16D217A1-1FBA-42A1-B140-6BA5FCDB824A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{21517546-DC46-4442-9D21-53B2967CB80E}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2869C48F-3A7D-4C53-AF1B-01B57AC4E386}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system |
"{296E1DED-4DCE-4865-8E1B-99E960691A52}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{36082D9A-BEE0-4F8B-95D1-C92BF5E413D7}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{360E379E-9819-40B0-AFA2-8D5B31D35C2B}" = rport=137 | protocol=17 | dir=out | app=system |
"{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system |
"{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system |
"{67A01D18-CB10-4715-9170-40A51C23C5EC}" = rport=138 | protocol=17 | dir=out | app=system |
"{689AC591-2A63-4A61-8952-C59E42B444CE}" = lport=138 | protocol=17 | dir=in | app=system |
"{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7365340E-EAAA-40C1-ADAC-A8C93D15EF80}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system |
"{83C64BA2-BA9E-4895-8F32-499EFA5802C6}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{84145FB8-CA72-4612-9B27-A43A3970D800}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8A23ED2E-BCBF-4412-B199-374A6A7E7EBC}" = lport=137 | protocol=17 | dir=in | app=system |
"{9943CB93-85B9-456F-8DDC-23A2F6610B11}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B69C18DF-FACE-4689-8EEB-FC15A1A13385}" = lport=3756 | protocol=17 | dir=in | name=canon capt port |
"{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system |
"{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E6D9862C-C711-4964-9214-4AD35058822F}" = lport=62704 | protocol=17 | dir=in | name=canon capt port |
"{E75AC0B9-90DC-4DF9-8133-960F21A1273D}" = lport=139 | protocol=6 | dir=in | app=system |
"{E784816F-4C03-404D-B95E-53E30C21E1D7}" = rport=445 | protocol=6 | dir=out | app=system |
"{E978250A-20BB-45FF-8D0D-00F5E7FEA583}" = rport=139 | protocol=6 | dir=out | app=system |
"{F07C1E94-3176-41E8-88EB-BA0570479F46}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system |
"{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{006DA958-164F-4D07-A46B-8262C57B78CA}" = protocol=17 | dir=in | app=c:\program files (x86)\crashplan\crashplanservice.exe |
"{011B238A-1BD5-47AD-81F0-29464D97205F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{03362B39-84A0-4EE7-A675-30FED1F580BD}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{06D0208F-94DB-46D3-BFA7-0E3AAD874AA5}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{1016EAF2-D1F7-4DAD-9F0A-969F159888D1}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{110B9A97-29F3-4C6D-B8F3-C5A7989D76A3}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{11FE1907-6203-4A8A-8269-C42BBF293DAE}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{11FE3A96-9441-41B1-B20B-422A7915287F}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{12F4E486-B8BA-4295-99B2-BBA974D78510}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{1415AEE0-4CBC-4B54-9180-2714A7BB7AD1}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{17273A2A-5344-42E2-B84A-C769E5B0736E}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{1D637F03-6067-40EC-98D3-F73AED7A2ADF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{1E934E17-0037-41FB-B2FC-7A59FC130DAE}" = protocol=6 | dir=in | app=c:\windows\system32\cnab5rpd.exe |
"{24311495-3C78-459F-875C-5B06DE679A08}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{2568122B-E821-463D-8DDD-220E5D9D46F0}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{29F19F4D-4B63-431E-9073-E7B7B6817BCD}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{2BD9B5FD-5526-4260-A39B-5612C6BA6143}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{2CC8FC33-BA57-4747-8B4F-2889613BE881}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{2E76EF95-CCA8-4297-8C7F-6E0891CBCADC}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{306ECEDA-04C7-4295-B62D-6FE7D5CFA527}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{32DC8E53-A696-4C93-A7B9-72AEAC3FA1CF}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{35728421-BA60-41FD-9DF9-1312CAF5F9B3}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{35F79786-F7D6-4C93-9950-D83FE64DDC3B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{36D9A52A-785C-4004-8B6F-29E49ED1D680}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{37CCE2F8-3F60-4222-9BFD-77893EA8939D}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{38E055E1-F6A0-4644-A3B2-E7464B3AABC6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{3A7A4B3A-9CC1-4FE7-B2E8-3E9114DEEFE7}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{40C7A70A-D410-43C0-9B10-4B02D52F7669}" = protocol=17 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{41C55472-E8E8-4648-A2D2-CE731B0A97A5}" = protocol=6 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{425AB0F1-B307-4F29-A760-4ACA7472D54F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{44513E08-C767-4405-B251-7D447275EDE2}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{44DAF380-AAC8-4E93-880B-3C7E7A6271D1}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{46D7B946-5AE3-473C-9543-E3AEC7D8A733}" = protocol=6 | dir=in | app=c:\program files (x86)\crashplan\crashplanservice.exe |
"{48313126-5415-499D-8443-85726B0AE96A}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4BC5B1FC-0A9B-4212-BE16-ECCFE6E13274}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{523A79AB-0DD6-4E5B-B5B3-FB96519A2E07}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{55F914DF-4C7F-423F-AAA3-69FF43BDF4FD}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{57728190-1896-401B-8258-FBE1576EF139}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{5892A2F6-23B6-424E-81DA-A1558794E876}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{58D2DB3D-4797-4622-92EC-5307D9D92841}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{5BBDB9C8-4284-432B-BAC7-2F88CE0CE968}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{5C69E701-CE65-430D-973E-7BF5412D572F}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{5D25A658-6916-4688-B20C-2E38969E8D52}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{5F98041B-1883-4AEA-89F4-FF1012EDBE2D}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{64272630-9568-4656-BB26-827DCBFAF1FD}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{64FCD6EE-B732-4907-BD49-F31C2834E779}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6603066F-823D-490F-B822-E641A53244BB}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{689EAF8B-D5D0-4BFE-9388-92F0110669F2}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{699D6C2E-CE4B-48B2-8F0D-7EB3D1690BE5}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{6B8E2289-3569-45F9-BB10-785E441CA6BD}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{6BDC0148-E613-4BBE-88C2-FBDB9EFA9026}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{6E795A06-D51A-4E9F-A326-C6F8DDFD6976}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{6F763DE4-1147-42A9-9803-6A0B3DCE9311}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{70F1C216-4B44-418D-9C27-7B691B7A8CBD}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{713B269E-BF9E-470E-8237-5F279D6F5C24}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{7198E948-2A16-4291-A8D1-A8CEE148287E}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{72CF1D04-31DC-4E81-95F8-249A41A8A5D9}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{7826820F-7052-4765-BD71-2E648BEB582C}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{792D3AAC-BA47-4F9B-A715-4F23B50DB288}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{7CABD9D5-E51C-4CD2-86CD-82F941E7B349}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{7D313B88-B975-47D2-AA93-788CE249CC9B}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{7EBB189F-08CE-414C-88D3-6061FDDF3FE5}" = protocol=17 | dir=in | app=c:\windows\system32\cnab5rpd.exe |
"{82DBF72A-CAE0-41E7-980D-51CA2EE94BFF}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{849740DC-4222-499A-89AF-E0C035F3B92B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{862A9381-0ACA-4327-8C8E-8CCF9F4F9AC3}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8946F4E7-94E1-49BC-8DB9-4CE67B384A17}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{8A02BC6D-612E-4CBA-990C-F63443D8BC2F}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{8C311575-BE57-43B0-9146-4F37673E46D9}" = protocol=58 | dir=in | app=system |
"{8C3C142D-4A01-4D9E-9644-2E0F4DFAAA7B}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{912D705C-FDEC-460D-AC7C-FF8C762ACBEA}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{91C7DF13-9FB2-4228-B5C9-8536DFD1B3EB}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{92A2BCD0-A8C8-40F5-8D0E-97FFE0F372DE}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{95DD4AA0-2BE6-4576-8740-56ECBDCB65C1}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{95E4CFD9-AD6F-4D82-916F-592E74D1CABF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{95FB42DD-451A-4553-ACDD-E4A56C96BCEF}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{96458948-9A7F-4A44-A426-FF9FBD674E09}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{9735A037-1396-471B-9BA3-EE760DA93C84}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{9B2A026C-AD01-4315-9A5D-769DACC33167}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{9B6C15C6-0FFE-43B9-9E0F-4AAF7EF98382}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{9C42BF2E-0B51-494B-8A8C-CE73B99CA29B}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{9F6BE705-0926-4C15-8C0E-5B8830A59606}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{A0F25827-F13A-4F0B-9125-5906480E8D24}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{A1032C91-D268-47DA-99B0-848AFA7290CE}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{A28AFE86-8B56-47E1-A237-E1730E3AA04B}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{A2F99E03-DB50-416B-8CE1-A6728A2920C5}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{A40BF473-E19A-4DFA-910C-863767EF7F11}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A8444455-6FB9-4E27-A986-6C86C45F8E97}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{A87B86DD-80E7-4B78-9F6D-82F74DF7F8D1}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AC3C7AAC-FC28-4282-8D9C-058B35FFEBE9}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{B3426C71-D68D-4C14-83EB-442B28D8CADF}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{B72CD41D-96F4-4AD5-AB2E-E41B60E2A399}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{BAA54629-692A-4E08-8A8C-EFA025DDDC1C}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{BB2D4BE0-5796-4FDC-A427-B6C57FF2F798}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{BBC648E4-AD89-4A24-9607-2F370FBB635E}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{BBEE7150-CE9C-45D2-96DB-59D13307C29D}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system |
"{BD0A71D3-B5E4-4AB8-BCEE-2468B51179EA}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{BF8246BB-6CAC-44E6-950F-A469C4C171C6}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{C00EB358-0A75-4764-AAE0-C53566154842}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{C0E6EEF9-D37C-4B71-9294-0D2C6E9DE95B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{C18FDC6B-5492-4E0A-ABE3-3152CA5D002B}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{C3B33677-9466-476A-9614-28685BC17645}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{C6541B56-33A3-4720-91C0-EF9A977F1FFB}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{CA49C244-C54F-499B-A5AD-243D1B393B63}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{CE103E5F-EF98-49A4-91F0-2B5447094517}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CE5B8204-725E-4864-BC80-DDE8E6AD77BC}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{CF55F084-7385-49DC-8758-CA92D52F09D1}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{D1B66D31-5508-479E-B06C-ABD17F6EBEE9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{D324686A-0397-40A0-A534-2FF0AD8990F6}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D7CACCEF-8D57-46BA-80D3-A6BF0D0723B5}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{D80AB360-892C-4589-B25F-8C430A152778}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{D9196062-2D6A-4EE0-938B-31473BC5EFF5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{DB3B05B5-66FD-4FF2-A63E-F637667B7144}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{DB6D7180-23D9-4CBB-9BD6-772496B00D16}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{DE7EED6D-46F1-47C0-95BE-C9A619E2CB4B}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{E08D8AB3-6E9B-433A-9DCD-A97644B2E67F}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{E372CB59-D3DF-4698-A35A-DDE814E50A7D}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{E542DAE3-949B-4B7A-9C7B-C181AA742E9B}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{E55E20D7-0981-4A06-98F0-B86D05F7CF67}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E6AEA0E5-270F-4234-A99D-B69D15930FF6}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E9D36503-D420-4CDA-84C3-1B2D1BB4A059}" = protocol=17 | dir=in | app=c:\program files (x86)\escan\trayicos.exe |
"{EAD9561D-4948-4ADB-B5AD-657C50C9694B}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
"{EDF40E6F-5B76-44C2-9815-4BD699D837C0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{EE787823-A9F7-4DF5-9617-D2270E41B375}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\download.exe |
"{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F45C638A-0D65-45A2-A257-22B93C46A381}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{F6E19BA7-47BC-4FE4-B16E-EA2F5D1343B8}" = protocol=6 | dir=in | app=c:\program files (x86)\escan\license.exe |
"{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FDCEF3CC-1755-4C3E-8352-50256E957BBE}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\microworld\agent\mwagent.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
Re: virus?
2/2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{08E9C35A-A0AE-43FA-AEA1-E4F58A87FBD1}" = Arcanum
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0E931A51-A183-4E66-8562-D82896E74C67}" = CoolYou Gadget
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{1C513D14-D7AB-4B44-AA8F-25606CD17290}" = Lotus Challenge PC
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{2208D65A-1BF9-485E-A308-1BA6CADCDC1D}" = Windows Live Movie Maker Beta
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F290582-3F4E-4B96-009C-E0BABAA40C42}" = The Battle for Middle-earth (tm)
"{3F4BA3A2-7BE0-48EA-B4BC-CA4D842A409A}" = Cisco EAP-FAST Module
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{49F5285B-64F9-EB45-1355-4CBD0B715434}" = Coolyou
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4B6B024F-F6D4-4A7B-8ADA-F9F8370320CC}" = SRS Premium Sound
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{567C654B-7FE9-4970-8323-56E8191D1941}" = ASUS FancyStart
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116922920}" = Sky Kingdoms
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}" = THE SETTLERS - Dědictví králů
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2010
"{90140000-0015-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2010
"{90140000-0016-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2010
"{90140000-0018-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2010
"{90140000-0019-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2010
"{90140000-001A-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2010
"{90140000-001B-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUS_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2010
"{90140000-001F-040E-0000-0000000FF1CE}_Office14.PROPLUS_{71431694-851E-4BC7-92A9-4BB9D196E24F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUS_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2010
"{90140000-002C-041B-0000-0000000FF1CE}_Office14.PROPLUS_{93F2D01D-F7E6-46E5-9A7C-316262461F9F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2010
"{90140000-0044-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2010
"{90140000-006E-041B-0000-0000000FF1CE}_Office14.PROPLUS_{56405E5D-9583-4644-B183-AFB3E19D80B3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2010
"{90140000-00A1-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-041B-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2010
"{90140000-00BA-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{934B3B19-8193-467A-B356-E73F82647D38}" = Cisco LEAP Module
"{93D81091-3E67-4791-A84E-1F8B339A7B01}" = Tikkurila Colour Planner 2.5
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A58F57-5F50-4B0E-92BA-D41AF806E1B3}" = Asistent pri prihlasovaní v sieti Windows Live
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A5CBD7C5-CF16-443F-A4F2-3503C9DE311B}" = ACDSee Photo Manager 12
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.6)
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BAD1449B-DF0C-4118-B76D-68C54009576C}" = Cisco PEAP Module
"{BF91B300-EEBC-4223-96F3-0FCBF7241B50}" = AmIcoSingLun
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{c6922d7f-c698-4d9e-9671-8b3de04d1511}" = DJ_AIO_03_F2200_Software_Min
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D77D43B5-ED55-426b-B67B-E21F804F6102}" = HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
"{DA41F9E9-B878-467F-95E7-27E4D1943533}" = Multimedia Card Reader
"{db18dc72-cd20-4801-be82-f5d2caeec4d7}" = DJ_AIO_03_F2200_Software
"{DC509FE5-1445-46C9-827C-6120429CB942}" = Windows Live Family Safety
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-x86 7.0.5.1 WHQL
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"InstallShield_{1C513D14-D7AB-4B44-AA8F-25606CD17290}" = Lotus Challenge PC
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{BF91B300-EEBC-4223-96F3-0FCBF7241B50}" = AmIcoSingLun
"Kubíkovacie tabuľky_is1" = Kubíkovacie tabuľky v 1.16
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 26.0 (x86 sk)" = Mozilla Firefox 26.0 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Opera 12.16.1860" = Opera 12.16
"RocketDock_is1" = RocketDock 1.3.5
"Shop for HP Supplies" = Shop for HP Supplies
"TC UP" = Total Commander Ultima Prime 5.4.0.0
"The KMPlayer" = The KMPlayer (remove only)
"TVWiz" = Intel(R) TV Wizard
"UltraISO_is1" = UltraISO Premium V9.36
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"USB Mass Storage Filter Driver" = Multimedia Card Reader
"VLC media player" = VLC media player 1.1.9
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archivátor
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1748391619-1199234601-265589567-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Detector Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 8. 1. 2014 0:32:00 | Computer Name = Dida-PC | Source = WinMgmt | ID = 10
Description =
Error - 9. 1. 2014 11:13:47 | Computer Name = Dida-PC | Source = WinMgmt | ID = 10
Description =
Error - 9. 1. 2014 12:10:56 | Computer Name = Dida-PC | Source = EventSystem | ID = 4609
Description =
Error - 9. 1. 2014 12:12:17 | Computer Name = Dida-PC | Source = WinMgmt | ID = 10
Description =
Error - 9. 1. 2014 13:55:13 | Computer Name = Dida-PC | Source = Microsoft-Windows-CAPI2 | ID = 131584
Description =
Error - 9. 1. 2014 13:57:34 | Computer Name = Dida-PC | Source = WinMgmt | ID = 10
Description =
Error - 9. 1. 2014 13:59:12 | Computer Name = Dida-PC | Source = WinMgmt | ID = 10
Description =
Error - 9. 1. 2014 14:01:22 | Computer Name = Dida-PC | Source = EventSystem | ID = 4609
Description =
Error - 9. 1. 2014 14:02:43 | Computer Name = Dida-PC | Source = WinMgmt | ID = 10
Description =
Error - 9. 1. 2014 14:22:01 | Computer Name = Dida-PC | Source = WinMgmt | ID = 10
Description =
[ Media Center Events ]
Error - 13. 5. 2013 8:01:54 | Computer Name = Dida-PC | Source = Media Center Guide | ID = 0
Description = Informácie o udalosti: ERROR: SqmApiWrapper.SqmFlushSession failed;
Win32 GetLastError returned 0D Proces: DefaultDomain Názov objektu: Media Center
Guide
[ System Events ]
Error - 11. 1. 2014 17:34:41 | Computer Name = Dida-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 11. 1. 2014 17:35:41 | Computer Name = Dida-PC | Source = DCOM | ID = 10005
Description =
Error - 11. 1. 2014 17:35:48 | Computer Name = Dida-PC | Source = DCOM | ID = 10005
Description =
Error - 11. 1. 2014 17:35:50 | Computer Name = Dida-PC | Source = DCOM | ID = 10005
Description =
Error - 11. 1. 2014 17:35:54 | Computer Name = Dida-PC | Source = DCOM | ID = 10005
Description =
Error - 11. 1. 2014 17:35:56 | Computer Name = Dida-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =
Error - 11. 1. 2014 17:37:06 | Computer Name = Dida-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 11. 1. 2014 17:37:06 | Computer Name = Dida-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 11. 1. 2014 17:40:01 | Computer Name = Dida-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 11. 1. 2014 17:41:02 | Computer Name = Dida-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
< End of report >
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{08E9C35A-A0AE-43FA-AEA1-E4F58A87FBD1}" = Arcanum
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0E931A51-A183-4E66-8562-D82896E74C67}" = CoolYou Gadget
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{1C513D14-D7AB-4B44-AA8F-25606CD17290}" = Lotus Challenge PC
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{2208D65A-1BF9-485E-A308-1BA6CADCDC1D}" = Windows Live Movie Maker Beta
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F290582-3F4E-4B96-009C-E0BABAA40C42}" = The Battle for Middle-earth (tm)
"{3F4BA3A2-7BE0-48EA-B4BC-CA4D842A409A}" = Cisco EAP-FAST Module
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{49F5285B-64F9-EB45-1355-4CBD0B715434}" = Coolyou
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4B6B024F-F6D4-4A7B-8ADA-F9F8370320CC}" = SRS Premium Sound
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{567C654B-7FE9-4970-8323-56E8191D1941}" = ASUS FancyStart
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116922920}" = Sky Kingdoms
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}" = THE SETTLERS - Dědictví králů
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2010
"{90140000-0015-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2010
"{90140000-0016-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2010
"{90140000-0018-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2010
"{90140000-0019-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2010
"{90140000-001A-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2010
"{90140000-001B-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUS_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2010
"{90140000-001F-040E-0000-0000000FF1CE}_Office14.PROPLUS_{71431694-851E-4BC7-92A9-4BB9D196E24F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUS_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2010
"{90140000-002C-041B-0000-0000000FF1CE}_Office14.PROPLUS_{93F2D01D-F7E6-46E5-9A7C-316262461F9F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2010
"{90140000-0044-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2010
"{90140000-006E-041B-0000-0000000FF1CE}_Office14.PROPLUS_{56405E5D-9583-4644-B183-AFB3E19D80B3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2010
"{90140000-00A1-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-041B-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2010
"{90140000-00BA-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{934B3B19-8193-467A-B356-E73F82647D38}" = Cisco LEAP Module
"{93D81091-3E67-4791-A84E-1F8B339A7B01}" = Tikkurila Colour Planner 2.5
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A58F57-5F50-4B0E-92BA-D41AF806E1B3}" = Asistent pri prihlasovaní v sieti Windows Live
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A5CBD7C5-CF16-443F-A4F2-3503C9DE311B}" = ACDSee Photo Manager 12
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.6)
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BAD1449B-DF0C-4118-B76D-68C54009576C}" = Cisco PEAP Module
"{BF91B300-EEBC-4223-96F3-0FCBF7241B50}" = AmIcoSingLun
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{c6922d7f-c698-4d9e-9671-8b3de04d1511}" = DJ_AIO_03_F2200_Software_Min
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D77D43B5-ED55-426b-B67B-E21F804F6102}" = HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
"{DA41F9E9-B878-467F-95E7-27E4D1943533}" = Multimedia Card Reader
"{db18dc72-cd20-4801-be82-f5d2caeec4d7}" = DJ_AIO_03_F2200_Software
"{DC509FE5-1445-46C9-827C-6120429CB942}" = Windows Live Family Safety
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-x86 7.0.5.1 WHQL
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"InstallShield_{1C513D14-D7AB-4B44-AA8F-25606CD17290}" = Lotus Challenge PC
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{BF91B300-EEBC-4223-96F3-0FCBF7241B50}" = AmIcoSingLun
"Kubíkovacie tabuľky_is1" = Kubíkovacie tabuľky v 1.16
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 26.0 (x86 sk)" = Mozilla Firefox 26.0 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Opera 12.16.1860" = Opera 12.16
"RocketDock_is1" = RocketDock 1.3.5
"Shop for HP Supplies" = Shop for HP Supplies
"TC UP" = Total Commander Ultima Prime 5.4.0.0
"The KMPlayer" = The KMPlayer (remove only)
"TVWiz" = Intel(R) TV Wizard
"UltraISO_is1" = UltraISO Premium V9.36
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"USB Mass Storage Filter Driver" = Multimedia Card Reader
"VLC media player" = VLC media player 1.1.9
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archivátor
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1748391619-1199234601-265589567-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Detector Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 8. 1. 2014 0:32:00 | Computer Name = Dida-PC | Source = WinMgmt | ID = 10
Description =
Error - 9. 1. 2014 11:13:47 | Computer Name = Dida-PC | Source = WinMgmt | ID = 10
Description =
Error - 9. 1. 2014 12:10:56 | Computer Name = Dida-PC | Source = EventSystem | ID = 4609
Description =
Error - 9. 1. 2014 12:12:17 | Computer Name = Dida-PC | Source = WinMgmt | ID = 10
Description =
Error - 9. 1. 2014 13:55:13 | Computer Name = Dida-PC | Source = Microsoft-Windows-CAPI2 | ID = 131584
Description =
Error - 9. 1. 2014 13:57:34 | Computer Name = Dida-PC | Source = WinMgmt | ID = 10
Description =
Error - 9. 1. 2014 13:59:12 | Computer Name = Dida-PC | Source = WinMgmt | ID = 10
Description =
Error - 9. 1. 2014 14:01:22 | Computer Name = Dida-PC | Source = EventSystem | ID = 4609
Description =
Error - 9. 1. 2014 14:02:43 | Computer Name = Dida-PC | Source = WinMgmt | ID = 10
Description =
Error - 9. 1. 2014 14:22:01 | Computer Name = Dida-PC | Source = WinMgmt | ID = 10
Description =
[ Media Center Events ]
Error - 13. 5. 2013 8:01:54 | Computer Name = Dida-PC | Source = Media Center Guide | ID = 0
Description = Informácie o udalosti: ERROR: SqmApiWrapper.SqmFlushSession failed;
Win32 GetLastError returned 0D Proces: DefaultDomain Názov objektu: Media Center
Guide
[ System Events ]
Error - 11. 1. 2014 17:34:41 | Computer Name = Dida-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 11. 1. 2014 17:35:41 | Computer Name = Dida-PC | Source = DCOM | ID = 10005
Description =
Error - 11. 1. 2014 17:35:48 | Computer Name = Dida-PC | Source = DCOM | ID = 10005
Description =
Error - 11. 1. 2014 17:35:50 | Computer Name = Dida-PC | Source = DCOM | ID = 10005
Description =
Error - 11. 1. 2014 17:35:54 | Computer Name = Dida-PC | Source = DCOM | ID = 10005
Description =
Error - 11. 1. 2014 17:35:56 | Computer Name = Dida-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =
Error - 11. 1. 2014 17:37:06 | Computer Name = Dida-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 11. 1. 2014 17:37:06 | Computer Name = Dida-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 11. 1. 2014 17:40:01 | Computer Name = Dida-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 11. 1. 2014 17:41:02 | Computer Name = Dida-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
< End of report >
Re: virus?
Ten antivir nainstalovat nesel? 
Znovu spustte OTL jako spravceDo spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)
Kód: Vybrat vše
:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]
:services
AdobeARMservice
AdobeFlashPlayerUpdateSvc
trufos
eRootDrv
:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\rundll16.exe
C:\Windows\logo1_.exe
C:\ProgramData\Avira
C:\ProgramData\Kaspersky Lab Setup Files
C:\Windows\System32\drivers\trufos.sys
C:\Windows\System32\drivers\eRootDrv.sys
:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1748391619-1199234601-265589567-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
File not found (No name found) -- C:\USERS\DIDA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6JNAX4F7.DEFAULT\EXTENSIONS\{C4A4F5A0-4B89-4392-AFAC-D58010E349AF}.XPI
File not found (No name found) -- C:\USERS\DIDA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6JNAX4F7.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
File not found (No name found) -- C:\USERS\DIDA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6JNAX4F7.DEFAULT\EXTENSIONS\{FB03E2DD-24F9-EC9D-03B1-8B5B4738179C}
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
[2014/01/11 22:42:30 | 000,343,456 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys.bak
[2014/01/10 20:56:03 | 000,028,136 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\System32\drivers\eRootDrv.sys
[2014/01/10 20:32:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2014/01/10 20:24:33 | 221,425,472 | ---- | C] (Kaspersky Lab) -- C:\Users\Dida\Documents\kav14.0.0.4651en_5447_trial.exe
[1 C:\Users\Dida\Desktop\*.tmp files -> C:\Users\Dida\Desktop\*.tmp -> ]
[8 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]
[2012/06/03 14:50:48 | 000,002,430 | ---- | M] () -- \Windows\System32\Tasks\AutoKMS
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:AC0FFFAF
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:88BFF41D
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=-
Po restartu se objevi novy log, ten sem dejte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: virus?
aha pardon ja som si v rychlosti nevsimla ze mam stiahnut navast ja som sla rovno na OTL. tak mam instalovat avast a potom toto co ste mi teraz napisali ci to otl co som robila predtym?
Re: virus?
Ted provedte krok s OTL, tedy to co jsem napsal ted naposled. Po restartu pocitace sem dejte log co na vas vyskoci a zkuste nainstalovat Avast, pripadne jiny antivir, pokud vam Avast nevyhovuje. No a napiste, zda se to povedlo.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: virus?
ked sa zrestartoval tak nabehla svetlosiva obrazovka a nic viac, neviem ci som urobila dobre ale znovu som ho zrestartovala, nabehol normalne ale log mi nevyskocil. tak teraz neviem kde ho najdem, a avast som este nenainstalovala mam to urobit teraz?
Re: virus?
Mozna po tom restartu jeste program pracoval 
Log by mel byt zde C:\_OTL\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)
Zkuste ten Avast
Log by mel byt zde C:\_OTL\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)
Zkuste ten Avast
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: virus?
ok vdaka tu je log
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Dida
->Temp folder emptied: 1745135 bytes
->Temporary Internet Files folder emptied: 44627 bytes
->Java cache emptied: 15825592 bytes
->FireFox cache emptied: 75166439 bytes
->Opera cache emptied: 28731394 bytes
->Flash cache emptied: 621 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 130936 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 116,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Dida
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service trufos stopped successfully!
Service trufos deleted successfully!
Service eRootDrv stopped successfully!
Service eRootDrv deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\rundll16.exe folder moved successfully.
C:\Windows\logo1_.exe folder moved successfully.
C:\ProgramData\Avira folder moved successfully.
C:\ProgramData\Kaspersky Lab Setup Files\KAV14.0.0.4651.0.1412.0\slideshow folder moved successfully.
C:\ProgramData\Kaspersky Lab Setup Files\KAV14.0.0.4651.0.1412.0 folder moved successfully.
C:\ProgramData\Kaspersky Lab Setup Files folder moved successfully.
C:\Windows\System32\drivers\trufos.sys moved successfully.
C:\Windows\System32\drivers\eRootDrv.sys moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1748391619-1199234601-265589567-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ not found.
File C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
File C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
File C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
C:\Windows\System32\drivers\trufos.sys.bak moved successfully.
File C:\Windows\System32\drivers\eRootDrv.sys not found.
Folder C:\ProgramData\Kaspersky Lab Setup Files\ not found.
C:\Users\Dida\Documents\kav14.0.0.4651en_5447_trial.exe moved successfully.
C:\Users\Dida\Desktop\~WRL0003.tmp deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DF2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5C42.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP672D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP96C3.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCC91.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE752.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEEF0.tmp folder deleted successfully.
C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt455A.tmp deleted successfully.
C:\Windows\twain_32\hpqgnds2.tmp deleted successfully.
File move failed. \Windows\System32\Tasks\AutoKMS scheduled to be moved on reboot.
ADS C:\ProgramData\Temp:AC0FFFAF deleted successfully.
ADS C:\ProgramData\Temp:88BFF41D deleted successfully.
ADS C:\ProgramData\Temp:D1B5B4F1 deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
OTL by OldTimer - Version 3.2.69.0 log created on 01122014_112728
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Dida
->Temp folder emptied: 1745135 bytes
->Temporary Internet Files folder emptied: 44627 bytes
->Java cache emptied: 15825592 bytes
->FireFox cache emptied: 75166439 bytes
->Opera cache emptied: 28731394 bytes
->Flash cache emptied: 621 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 130936 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 116,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Dida
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service trufos stopped successfully!
Service trufos deleted successfully!
Service eRootDrv stopped successfully!
Service eRootDrv deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\rundll16.exe folder moved successfully.
C:\Windows\logo1_.exe folder moved successfully.
C:\ProgramData\Avira folder moved successfully.
C:\ProgramData\Kaspersky Lab Setup Files\KAV14.0.0.4651.0.1412.0\slideshow folder moved successfully.
C:\ProgramData\Kaspersky Lab Setup Files\KAV14.0.0.4651.0.1412.0 folder moved successfully.
C:\ProgramData\Kaspersky Lab Setup Files folder moved successfully.
C:\Windows\System32\drivers\trufos.sys moved successfully.
C:\Windows\System32\drivers\eRootDrv.sys moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1748391619-1199234601-265589567-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ not found.
File C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
File C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
File C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
C:\Windows\System32\drivers\trufos.sys.bak moved successfully.
File C:\Windows\System32\drivers\eRootDrv.sys not found.
Folder C:\ProgramData\Kaspersky Lab Setup Files\ not found.
C:\Users\Dida\Documents\kav14.0.0.4651en_5447_trial.exe moved successfully.
C:\Users\Dida\Desktop\~WRL0003.tmp deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DF2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5C42.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP672D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP96C3.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCC91.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE752.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEEF0.tmp folder deleted successfully.
C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt455A.tmp deleted successfully.
C:\Windows\twain_32\hpqgnds2.tmp deleted successfully.
File move failed. \Windows\System32\Tasks\AutoKMS scheduled to be moved on reboot.
ADS C:\ProgramData\Temp:AC0FFFAF deleted successfully.
ADS C:\ProgramData\Temp:88BFF41D deleted successfully.
ADS C:\ProgramData\Temp:D1B5B4F1 deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
OTL by OldTimer - Version 3.2.69.0 log created on 01122014_112728
Re: virus?
Ten log z OTL je v poradku. Sel nainstalovat ten antivir?
Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)
Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.
Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.
Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat
Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.
Pak napiste, jak je na tom pc.
Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce) Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat. vyosek píše:
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.
Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustteKliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat
Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
Defragmentujte disk(y)Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.
Pak napiste, jak je na tom pc.Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: virus?
ano isiel
idem na to
dakujem
idem na to
dakujem
Re: virus?
To je dobre znamenialanida2 píše:ano isiel
Tak smele do toho
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: virus?
premenovala som combofix a spustila ho ale neodinstaloval sa namiesto otoho znovu zoscanoval PC mam aj log. co s tym?
mam pokracovat u dalsich programov?
mam pokracovat u dalsich programov?
Re: virus?
No kdyz uz ten log je, dejte mi ho sem.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: virus?
tu je
ComboFix 14-01-08.03 - Dida . 01. 2014 12:04:38.5.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.3036.1595 [GMT 1:00]
Running from: c:\users\Dida\Documents\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2013-12-12 to 2014-01-12 )))))))))))))))))))))))))))))))
.
.
2014-01-12 11:15 . 2014-01-12 11:15 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-01-12 11:15 . 2014-01-12 11:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-12 10:57 . 2014-01-12 10:57 -------- d-----w- c:\users\Dida\AppData\Roaming\AVAST Software
2014-01-12 10:53 . 2014-01-12 10:53 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-01-12 10:53 . 2014-01-12 10:53 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-01-12 10:53 . 2014-01-12 10:53 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-01-12 10:53 . 2014-01-12 10:53 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-01-12 10:53 . 2014-01-12 10:53 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2014-01-12 10:53 . 2014-01-12 10:53 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-01-12 10:53 . 2014-01-12 10:53 410528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-01-12 10:53 . 2014-01-12 10:53 270240 ----a-w- c:\windows\system32\aswBoot.exe
2014-01-12 10:53 . 2014-01-12 10:53 43152 ----a-w- c:\windows\avastSS.scr
2014-01-12 10:50 . 2014-01-12 10:50 -------- d-----w- c:\program files\AVAST Software
2014-01-12 10:27 . 2014-01-12 10:27 -------- d-----w- C:\_OTL
2014-01-12 09:19 . 2014-01-12 09:19 512 ----a-w- C:\PhysicalMBR.bin
2014-01-11 22:06 . 2014-01-12 08:04 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-01-11 22:06 . 2014-01-11 22:06 104664 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-01-11 22:04 . 2014-01-11 22:04 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-01-11 19:50 . 2014-01-11 21:29 -------- d-----w- C:\AdwCleaner
2014-01-10 21:57 . 2014-01-12 09:02 -------- d-----w- c:\program files\trend micro
2014-01-10 21:57 . 2014-01-10 21:59 -------- d-----w- C:\rsit
2014-01-10 19:13 . 2014-01-12 10:49 -------- d-----w- c:\programdata\AVAST Software
2014-01-10 16:15 . 2014-01-10 19:44 -------- d-----w- C:\OETemp
2014-01-08 16:23 . 2014-01-08 16:27 -------- d-----w- c:\users\Dida\AppData\Local\Adrvworks
2014-01-08 16:20 . 2014-01-08 17:09 -------- d-----w- c:\programdata\lVlXn373
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-12 10:31 . 2009-07-27 16:50 45056 ----a-w- c:\windows\system32\acovcnt.exe
2014-01-12 10:31 . 2009-07-27 15:21 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2014-01-12 10:31 . 2011-08-08 13:50 58288 ----a-w- c:\windows\system32\rpcnet.dll
2014-01-11 21:56 . 2014-01-11 21:42 194048 ----a-w- c:\windows\system32\drivers\yk60x86.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 83328 ----a-w- c:\windows\system32\drivers\WUDFRd.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 51200 ----a-w- c:\windows\system32\drivers\WUDFPf.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 40448 ----a-w- c:\windows\system32\drivers\WpdUsb.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 17976 ----a-w- c:\windows\system32\drivers\wmilib.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 15872 ----a-w- c:\windows\system32\drivers\ws2ifsl.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 11264 ----a-w- c:\windows\system32\drivers\wmiacpi.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 131000 ----a-w- c:\windows\system32\drivers\WimFltr.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 503864 ----a-w- c:\windows\system32\drivers\Wdf01000.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 35896 ----a-w- c:\windows\system32\drivers\WdfLdr.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 11520 ----a-w- c:\windows\system32\drivers\wdcsam.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 62464 ----a-w- c:\windows\system32\drivers\wanarp.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 33280 ----a-w- c:\windows\system32\drivers\watchdog.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 22072 ----a-w- c:\windows\system32\drivers\wd.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 20608 ----a-w- c:\windows\system32\drivers\wacompen.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 130616 ----a-w- c:\windows\system32\drivers\vsmraid.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 52792 ----a-w- c:\windows\system32\drivers\volmgr.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 292840 ----a-w- c:\windows\system32\drivers\volmgrx.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 226280 ----a-w- c:\windows\system32\drivers\volsnap.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 110080 ----a-w- c:\windows\system32\drivers\videoprt.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 20024 ----a-w- c:\windows\system32\drivers\viaide.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 984064 ----a-w- c:\windows\system32\drivers\viahduaa.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 56888 ----a-w- c:\windows\system32\drivers\VIAAGP.SYS.bak
2014-01-11 21:56 . 2014-01-11 21:42 41472 ----a-w- c:\windows\system32\drivers\viac7.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 26112 ----a-w- c:\windows\system32\drivers\vgapnp.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 25088 ----a-w- c:\windows\system32\drivers\vga.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 24680 ----a-w- c:\windows\system32\drivers\vd_filedisk.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 134016 ----a-w- c:\windows\system32\drivers\usbvideo.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 65536 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS.bak
2014-01-11 21:56 . 2014-01-11 21:42 35328 ----a-w- c:\windows\system32\drivers\usbscan.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 23552 ----a-w- c:\windows\system32\drivers\usbuhci.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 18944 ----a-w- c:\windows\system32\drivers\usbprint.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 226304 ----a-w- c:\windows\system32\drivers\usbport.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 19456 ----a-w- c:\windows\system32\drivers\usbohci.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 196096 ----a-w- c:\windows\system32\drivers\usbhub.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 73216 ----a-w- c:\windows\system32\drivers\usbccgp.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 68608 ----a-w- c:\windows\system32\drivers\usbcir.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 5888 ----a-w- c:\windows\system32\drivers\usbd.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 39936 ----a-w- c:\windows\system32\drivers\usbehci.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 25856 ----a-w- c:\windows\system32\drivers\USBCAMD2.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 25856 ----a-w- c:\windows\system32\drivers\USBCAMD.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 7680 ----a-w- c:\windows\system32\drivers\umpass.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 34816 ----a-w- c:\windows\system32\drivers\umbus.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 98408 ----a-w- c:\windows\system32\drivers\ulsata.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 60984 ----a-w- c:\windows\system32\drivers\ULIAGPKX.SYS.bak
2014-01-11 21:56 . 2014-01-11 21:42 238648 ----a-w- c:\windows\system32\drivers\uliahci.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 115816 ----a-w- c:\windows\system32\drivers\ulsata2.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 226816 ----a-w- c:\windows\system32\drivers\udfs.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 59448 ----a-w- c:\windows\system32\drivers\UAGP35.SYS.bak
2014-01-11 21:56 . 2014-01-11 21:42 23040 ----a-w- c:\windows\system32\drivers\tunnel.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 23552 ----a-w- c:\windows\system32\drivers\tssecsrv.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS.bak
2014-01-11 21:56 . 2014-01-11 21:42 72192 ----a-w- c:\windows\system32\drivers\tdx.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 53224 ----a-w- c:\windows\system32\drivers\termdd.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 29184 ----a-w- c:\windows\system32\drivers\tdtcp.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 17920 ----a-w- c:\windows\system32\drivers\tdpipe.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 20992 ----a-w- c:\windows\system32\drivers\tdi.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 34920 ----a-w- c:\windows\system32\drivers\sym_u3.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 31848 ----a-w- c:\windows\system32\drivers\sym_hi.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 24576 ----a-w- c:\windows\system32\drivers\tape.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 35944 ----a-w- c:\windows\system32\drivers\symc8xx.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 52992 ----a-w- c:\windows\system32\drivers\stream.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 15288 ----a-w- c:\windows\system32\drivers\swenum.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 122344 ----a-w- c:\windows\system32\drivers\Storport.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 146432 ----a-w- c:\windows\system32\drivers\srv2.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 305152 ----a-w- c:\windows\system32\drivers\srv.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 684032 ----a-w- c:\windows\system32\drivers\spsys.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 230952 ----a-w- c:\windows\system32\drivers\SRS_PremiumSound_i386.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 21048 ----a-w- c:\windows\system32\drivers\spldr.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 28672 ----a-w- c:\windows\system32\drivers\sncduvc.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 1752704 ----a-w- c:\windows\system32\drivers\snp2uvc.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 74808 ----a-w- c:\windows\system32\drivers\sisraid4.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 66560 ----a-w- c:\windows\system32\drivers\smb.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 17408 ----a-w- c:\windows\system32\drivers\smclib.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 1010560 ----a-w- c:\windows\system32\drivers\smserial.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 41016 ----a-w- c:\windows\system32\drivers\sisraid2.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 55864 ----a-w- c:\windows\system32\drivers\SISAGP.SYS.bak
2014-01-11 21:55 . 2014-01-11 21:42 19968 ----a-w- c:\windows\system32\drivers\sermouse.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 13312 ----a-w- c:\windows\system32\drivers\sfloppy.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 13312 ----a-w- c:\windows\system32\drivers\sffdisk.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 12288 ----a-w- c:\windows\system32\drivers\sffp_mmc.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 11776 ----a-w- c:\windows\system32\drivers\sffp_sd.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 83456 ----a-w- c:\windows\system32\drivers\serial.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 20480 ----a-w- c:\windows\system32\drivers\secdrv.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 17920 ----a-w- c:\windows\system32\drivers\serenum.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 88576 ----a-w- c:\windows\system32\drivers\sdbus.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 142904 ----a-w- c:\windows\system32\drivers\scsiport.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 8192 ----a-w- c:\windows\system32\drivers\rootmdm.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 76392 ----a-w- c:\windows\system32\drivers\sbp2port.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 60416 ----a-w- c:\windows\system32\drivers\rspndr.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys.bak
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-12 10:53 259464 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Adrvworks"="regsvr32.exe" [2006-11-02 14336]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-03-23 17149952]
"AmIcoSinglun"="c:\program files\AmIcoSingLun\AmIcoSinglun.exe" [2008-09-30 237568]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-08-18 98304]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2009-03-04 8392704]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-12-29 159744]
"ADSMTray"="c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2008-04-01 266240]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2008-10-01 851968]
"Wireless Console 3"="c:\program files\ASUS\Wireless Console 3\wcourier.exe" [2009-02-06 1593344]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-07-27 3054136]
"ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2009-07-27 47672]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-03-06 424352]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-01-12 3764024]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableVirtualization"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rpcnet]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1748391619-1199234601-265589567-1000]
"EnableNotificationsRef"=dword:00000001
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ASWMONFLT
*NewlyCreated* - ASWRDR
*NewlyCreated* - ASWSNX
*NewlyCreated* - ASWSP
*NewlyCreated* - ASWTDI
*NewlyCreated* - ASWVMM
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-12 10:56 1210320 ----a-w- c:\program files\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-01-12 10:53]
.
2014-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-01-12 10:53]
.
.
------- Supplementary Scan -------
.
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default\
FF - prefs.js: browser.startup.homepage -
FF - ExtSQL: !HIDDEN! 1970-05-29 12:51; {0165D79E-ECB2-45ED-70EF-9E1A7E09C3D2}; -
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-{49F5285B-64F9-EB45-1355-4CBD0B715434} - c:\programdata\Coolyou\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-01-12 12:15
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\VDeck\VDeck.exe -r???????????????????????????????????????????????
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TrueSight]
"ImagePath"="\??\"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(704)
c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT.dll
.
- - - - - - - > 'Explorer.exe'(5556)
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
Completion time: 2014-01-12 12:22:52
ComboFix-quarantined-files.txt 2014-01-12 11:22
ComboFix2.txt 2014-01-11 19:31
ComboFix3.txt 2014-01-10 23:47
ComboFix4.txt 2012-10-28 19:12
ComboFix5.txt 2014-01-12 11:03
.
Pre-Run: 39 936 327 680 bytes free
Post-Run: 39 792 439 296 bytes free
.
- - End Of File - - 56635A46AD5792CF5D4A6E00FA4BE305
64B1E91C5C6C2157642651010728F90F
ComboFix 14-01-08.03 - Dida . 01. 2014 12:04:38.5.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.3036.1595 [GMT 1:00]
Running from: c:\users\Dida\Documents\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2013-12-12 to 2014-01-12 )))))))))))))))))))))))))))))))
.
.
2014-01-12 11:15 . 2014-01-12 11:15 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-01-12 11:15 . 2014-01-12 11:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-12 10:57 . 2014-01-12 10:57 -------- d-----w- c:\users\Dida\AppData\Roaming\AVAST Software
2014-01-12 10:53 . 2014-01-12 10:53 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-01-12 10:53 . 2014-01-12 10:53 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-01-12 10:53 . 2014-01-12 10:53 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-01-12 10:53 . 2014-01-12 10:53 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-01-12 10:53 . 2014-01-12 10:53 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2014-01-12 10:53 . 2014-01-12 10:53 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-01-12 10:53 . 2014-01-12 10:53 410528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-01-12 10:53 . 2014-01-12 10:53 270240 ----a-w- c:\windows\system32\aswBoot.exe
2014-01-12 10:53 . 2014-01-12 10:53 43152 ----a-w- c:\windows\avastSS.scr
2014-01-12 10:50 . 2014-01-12 10:50 -------- d-----w- c:\program files\AVAST Software
2014-01-12 10:27 . 2014-01-12 10:27 -------- d-----w- C:\_OTL
2014-01-12 09:19 . 2014-01-12 09:19 512 ----a-w- C:\PhysicalMBR.bin
2014-01-11 22:06 . 2014-01-12 08:04 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-01-11 22:06 . 2014-01-11 22:06 104664 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-01-11 22:04 . 2014-01-11 22:04 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-01-11 19:50 . 2014-01-11 21:29 -------- d-----w- C:\AdwCleaner
2014-01-10 21:57 . 2014-01-12 09:02 -------- d-----w- c:\program files\trend micro
2014-01-10 21:57 . 2014-01-10 21:59 -------- d-----w- C:\rsit
2014-01-10 19:13 . 2014-01-12 10:49 -------- d-----w- c:\programdata\AVAST Software
2014-01-10 16:15 . 2014-01-10 19:44 -------- d-----w- C:\OETemp
2014-01-08 16:23 . 2014-01-08 16:27 -------- d-----w- c:\users\Dida\AppData\Local\Adrvworks
2014-01-08 16:20 . 2014-01-08 17:09 -------- d-----w- c:\programdata\lVlXn373
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-12 10:31 . 2009-07-27 16:50 45056 ----a-w- c:\windows\system32\acovcnt.exe
2014-01-12 10:31 . 2009-07-27 15:21 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2014-01-12 10:31 . 2011-08-08 13:50 58288 ----a-w- c:\windows\system32\rpcnet.dll
2014-01-11 21:56 . 2014-01-11 21:42 194048 ----a-w- c:\windows\system32\drivers\yk60x86.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 83328 ----a-w- c:\windows\system32\drivers\WUDFRd.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 51200 ----a-w- c:\windows\system32\drivers\WUDFPf.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 40448 ----a-w- c:\windows\system32\drivers\WpdUsb.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 17976 ----a-w- c:\windows\system32\drivers\wmilib.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 15872 ----a-w- c:\windows\system32\drivers\ws2ifsl.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 11264 ----a-w- c:\windows\system32\drivers\wmiacpi.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 131000 ----a-w- c:\windows\system32\drivers\WimFltr.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 503864 ----a-w- c:\windows\system32\drivers\Wdf01000.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 35896 ----a-w- c:\windows\system32\drivers\WdfLdr.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 11520 ----a-w- c:\windows\system32\drivers\wdcsam.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 62464 ----a-w- c:\windows\system32\drivers\wanarp.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 33280 ----a-w- c:\windows\system32\drivers\watchdog.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 22072 ----a-w- c:\windows\system32\drivers\wd.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 20608 ----a-w- c:\windows\system32\drivers\wacompen.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 130616 ----a-w- c:\windows\system32\drivers\vsmraid.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 52792 ----a-w- c:\windows\system32\drivers\volmgr.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 292840 ----a-w- c:\windows\system32\drivers\volmgrx.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 226280 ----a-w- c:\windows\system32\drivers\volsnap.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 110080 ----a-w- c:\windows\system32\drivers\videoprt.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 20024 ----a-w- c:\windows\system32\drivers\viaide.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 984064 ----a-w- c:\windows\system32\drivers\viahduaa.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 56888 ----a-w- c:\windows\system32\drivers\VIAAGP.SYS.bak
2014-01-11 21:56 . 2014-01-11 21:42 41472 ----a-w- c:\windows\system32\drivers\viac7.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 26112 ----a-w- c:\windows\system32\drivers\vgapnp.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 25088 ----a-w- c:\windows\system32\drivers\vga.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 24680 ----a-w- c:\windows\system32\drivers\vd_filedisk.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 134016 ----a-w- c:\windows\system32\drivers\usbvideo.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 65536 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS.bak
2014-01-11 21:56 . 2014-01-11 21:42 35328 ----a-w- c:\windows\system32\drivers\usbscan.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 23552 ----a-w- c:\windows\system32\drivers\usbuhci.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 18944 ----a-w- c:\windows\system32\drivers\usbprint.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 226304 ----a-w- c:\windows\system32\drivers\usbport.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 19456 ----a-w- c:\windows\system32\drivers\usbohci.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 196096 ----a-w- c:\windows\system32\drivers\usbhub.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 73216 ----a-w- c:\windows\system32\drivers\usbccgp.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 68608 ----a-w- c:\windows\system32\drivers\usbcir.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 5888 ----a-w- c:\windows\system32\drivers\usbd.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 39936 ----a-w- c:\windows\system32\drivers\usbehci.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 25856 ----a-w- c:\windows\system32\drivers\USBCAMD2.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 25856 ----a-w- c:\windows\system32\drivers\USBCAMD.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 7680 ----a-w- c:\windows\system32\drivers\umpass.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 34816 ----a-w- c:\windows\system32\drivers\umbus.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 98408 ----a-w- c:\windows\system32\drivers\ulsata.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 60984 ----a-w- c:\windows\system32\drivers\ULIAGPKX.SYS.bak
2014-01-11 21:56 . 2014-01-11 21:42 238648 ----a-w- c:\windows\system32\drivers\uliahci.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 115816 ----a-w- c:\windows\system32\drivers\ulsata2.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 226816 ----a-w- c:\windows\system32\drivers\udfs.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 59448 ----a-w- c:\windows\system32\drivers\UAGP35.SYS.bak
2014-01-11 21:56 . 2014-01-11 21:42 23040 ----a-w- c:\windows\system32\drivers\tunnel.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 23552 ----a-w- c:\windows\system32\drivers\tssecsrv.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS.bak
2014-01-11 21:56 . 2014-01-11 21:42 72192 ----a-w- c:\windows\system32\drivers\tdx.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 53224 ----a-w- c:\windows\system32\drivers\termdd.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 29184 ----a-w- c:\windows\system32\drivers\tdtcp.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 17920 ----a-w- c:\windows\system32\drivers\tdpipe.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 20992 ----a-w- c:\windows\system32\drivers\tdi.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 34920 ----a-w- c:\windows\system32\drivers\sym_u3.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 31848 ----a-w- c:\windows\system32\drivers\sym_hi.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 24576 ----a-w- c:\windows\system32\drivers\tape.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 35944 ----a-w- c:\windows\system32\drivers\symc8xx.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 52992 ----a-w- c:\windows\system32\drivers\stream.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 15288 ----a-w- c:\windows\system32\drivers\swenum.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 122344 ----a-w- c:\windows\system32\drivers\Storport.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 146432 ----a-w- c:\windows\system32\drivers\srv2.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 305152 ----a-w- c:\windows\system32\drivers\srv.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 684032 ----a-w- c:\windows\system32\drivers\spsys.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 230952 ----a-w- c:\windows\system32\drivers\SRS_PremiumSound_i386.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 21048 ----a-w- c:\windows\system32\drivers\spldr.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 28672 ----a-w- c:\windows\system32\drivers\sncduvc.sys.bak
2014-01-11 21:56 . 2014-01-11 21:42 1752704 ----a-w- c:\windows\system32\drivers\snp2uvc.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 74808 ----a-w- c:\windows\system32\drivers\sisraid4.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 66560 ----a-w- c:\windows\system32\drivers\smb.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 17408 ----a-w- c:\windows\system32\drivers\smclib.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 1010560 ----a-w- c:\windows\system32\drivers\smserial.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 41016 ----a-w- c:\windows\system32\drivers\sisraid2.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 55864 ----a-w- c:\windows\system32\drivers\SISAGP.SYS.bak
2014-01-11 21:55 . 2014-01-11 21:42 19968 ----a-w- c:\windows\system32\drivers\sermouse.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 13312 ----a-w- c:\windows\system32\drivers\sfloppy.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 13312 ----a-w- c:\windows\system32\drivers\sffdisk.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 12288 ----a-w- c:\windows\system32\drivers\sffp_mmc.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 11776 ----a-w- c:\windows\system32\drivers\sffp_sd.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 83456 ----a-w- c:\windows\system32\drivers\serial.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 20480 ----a-w- c:\windows\system32\drivers\secdrv.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 17920 ----a-w- c:\windows\system32\drivers\serenum.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 88576 ----a-w- c:\windows\system32\drivers\sdbus.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 142904 ----a-w- c:\windows\system32\drivers\scsiport.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 8192 ----a-w- c:\windows\system32\drivers\rootmdm.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 76392 ----a-w- c:\windows\system32\drivers\sbp2port.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 60416 ----a-w- c:\windows\system32\drivers\rspndr.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys.bak
2014-01-11 21:55 . 2014-01-11 21:42 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys.bak
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-12 10:53 259464 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Adrvworks"="regsvr32.exe" [2006-11-02 14336]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-03-23 17149952]
"AmIcoSinglun"="c:\program files\AmIcoSingLun\AmIcoSinglun.exe" [2008-09-30 237568]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-08-18 98304]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2009-03-04 8392704]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-12-29 159744]
"ADSMTray"="c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2008-04-01 266240]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2008-10-01 851968]
"Wireless Console 3"="c:\program files\ASUS\Wireless Console 3\wcourier.exe" [2009-02-06 1593344]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-07-27 3054136]
"ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2009-07-27 47672]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-03-06 424352]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-01-12 3764024]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableVirtualization"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rpcnet]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1748391619-1199234601-265589567-1000]
"EnableNotificationsRef"=dword:00000001
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ASWMONFLT
*NewlyCreated* - ASWRDR
*NewlyCreated* - ASWSNX
*NewlyCreated* - ASWSP
*NewlyCreated* - ASWTDI
*NewlyCreated* - ASWVMM
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-12 10:56 1210320 ----a-w- c:\program files\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-01-12 10:53]
.
2014-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-01-12 10:53]
.
.
------- Supplementary Scan -------
.
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default\
FF - prefs.js: browser.startup.homepage -
FF - ExtSQL: !HIDDEN! 1970-05-29 12:51; {0165D79E-ECB2-45ED-70EF-9E1A7E09C3D2}; -
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-{49F5285B-64F9-EB45-1355-4CBD0B715434} - c:\programdata\Coolyou\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-01-12 12:15
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\VDeck\VDeck.exe -r???????????????????????????????????????????????
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TrueSight]
"ImagePath"="\??\"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(704)
c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT.dll
.
- - - - - - - > 'Explorer.exe'(5556)
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
Completion time: 2014-01-12 12:22:52
ComboFix-quarantined-files.txt 2014-01-12 11:22
ComboFix2.txt 2014-01-11 19:31
ComboFix3.txt 2014-01-10 23:47
ComboFix4.txt 2012-10-28 19:12
ComboFix5.txt 2014-01-12 11:03
.
Pre-Run: 39 936 327 680 bytes free
Post-Run: 39 792 439 296 bytes free
.
- - End Of File - - 56635A46AD5792CF5D4A6E00FA4BE305
64B1E91C5C6C2157642651010728F90F
Přispějete na provoz fóra?