
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o preventívnu kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Prosím o preventívnu kontrolu
Zdravím.
Prosím o preventívnu kontrolu
Logfile of random's system information tool 1.09 (written by random/random)
Run by Andrej at 2014-01-25 12:37:38
Microsoft Windows 7 Ultimate
System drive C: has 135 GB (87%) free of 155 GB
Total RAM: 3063 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:37:48, on 25. 1. 2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Siemens\WinCC\bin\CCUCSurrogate.exe
C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\TechSmith\Snagit 9\TSCHelp.exe
C:\Program Files\TechSmith\Snagit 9\SnagPriv.exe
C:\Program Files\TechSmith\Snagit 9\snagiteditor.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Andrej\Downloads\RSIT.exe
C:\Program Files\trend micro\Andrej.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: maucampo - {5d7d4fb9-aca5-4013-8879-c58dcd4df9f1} - C:\Program Files\maucampo\maucampobho.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [CCUCSurrogate.exe] C:\Program Files\Siemens\WinCC\bin\CCUCSurrogate.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Andrej\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Snagit 9.lnk = C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Automation License Manager Service (almservice) - SIEMENS AG - C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: CCAgent - SIEMENS AG - C:\Program Files\Common Files\Siemens\ACE\bin\CCAgent.exe
O23 - Service: SIMATIC WinCC CCAlgIAlarmDataCollector (CCAlgIAlarmDataCollector) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCAlgIAlarmDataCollector.exe
O23 - Service: SIMATIC WinCC CCAlgRtServer (CCAlgRtServer) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CcAlgRtServer.exe
O23 - Service: CCArchiveManagerService - SIEMENS AG - C:\Program Files\Common Files\Siemens\CommonArchiving\CCArchiveManager.exe
O23 - Service: SIMATIC WinCC CCCSigRTServer (CCCSigRTServer) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCCSigRTServer.exe
O23 - Service: CCDBUtils - SIEMENS AG - C:\Program Files\Common Files\Siemens\CommonArchiving\CCDBUtils.exe
O23 - Service: SIMATIC WinCC CCDeltaLoader (CCDeltaLoader) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCDeltaLoader.exe
O23 - Service: CCEClient - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe
O23 - Service: CCEServer - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe
O23 - Service: SIMATIC WinCC CCLBMRTServer (CCLBMRTServer) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCLBMRTServer.exe
O23 - Service: SIMATIC WinCC License Service (CCLicenseService) - SIEMENS AG - C:\Program Files\Common Files\Siemens\bin\CCLicenseService.exe
O23 - Service: SIMATIC WinCC CCNSInfo2Provider (CCNSInfo2Provider) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCNSInfo2Provider.exe
O23 - Service: CCOPC.UAWrapper - SIEMENS AG - C:\Program Files\Siemens\WinCC\opc\UAWrapper\DA2UA.exe
O23 - Service: CCOPC.XMLWrapper - SIEMENS AG - C:\Program Files\Siemens\WinCC\opc\XMLDataAccess\bin\DA2XML.exe
O23 - Service: SIMATIC WinCC CCPackageMgr (CCPackageMgr) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCPackageMgr.exe
O23 - Service: CCPerfMon - SIEMENS AG - C:\Program Files\Common Files\Siemens\bin\CCPerfMon.exe
O23 - Service: SIMATIC WinCC CCProfileServer (CCProfileServer) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCProfileServer.exe
O23 - Service: SIMATIC WinCC CCProjectMgr (CCProjectMgr) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCProjectMgr.exe
O23 - Service: SIMATIC WinCC CCPtmRTServer (CCPtmRTServer) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCPtmRTServer.exe
O23 - Service: CCRedundancyAgent-Service - SIEMENS AG - C:\Program Files\Common Files\Siemens\CommonArchiving\CCRedundancyAgent.exe
O23 - Service: SIMATIC WinCC Data Manager (CCRtsLoader) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCRtsLoader.exe
O23 - Service: SIMATIC WinCC CCSsmRTServer (CCSsmRTServer) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCSsmRTServer.exe
O23 - Service: SIMATIC WinCC TextServer (CCTextServer) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCTextServer.exe
O23 - Service: SIMATIC WinCC CCTlgServer (CCTlgServer) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCTlgServer.exe
O23 - Service: SIMATIC WinCC CCTMTimeSyncServer (CCTMTimeSyncServer) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCTMTimeSyncServer.exe
O23 - Service: SIMATIC WinCC CCUsrAcv (CCUsrAcv) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCUsrAcv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
O23 - Service: OpcEnum - OPC Foundation - C:\Windows\system32\OpcEnum.exe
O23 - Service: RedundancyControl - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe
O23 - Service: RedundancyState - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\RedundancyState.exe
O23 - Service: SIMATIC IEPG Help Service (s7oiehsx) - SIEMENS AG - C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
O23 - Service: S7TraceServiceX - SIEMENS AG - C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
O23 - Service: SCSFsX - SIEMENS AG - C:\Program Files\Common Files\Siemens\ACE\bin\SCSFsX.exe
O23 - Service: SCSMonitor - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe
O23 - Service: Update maucampo - Unknown owner - C:\Program Files\maucampo\updatemaucampo.exe
O23 - Service: Util maucampo - Unknown owner - C:\Program Files\maucampo\bin\utilmaucampo.exe
O23 - Service: XR_CCOPC.UAWrapper - SIEMENS AG - C:\Program Files\Siemens\WinCC\opc\UAWrapper\CCRT2UA.exe
O23 - Service: XR_CCOPC.XMLWrapper - SIEMENS AG - C:\Program Files\Siemens\WinCC\opc\XMLDataAccess\bin\CCRT2XML.exe
--
End of file - 8926 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default
prefs.js - "browser.startup.homepage" - "www.google.sk"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.43 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll
C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll [2009-10-15 68936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5d7d4fb9-aca5-4013-8879-c58dcd4df9f1}]
maucampo - C:\Program Files\maucampo\maucampobho.dll [2014-01-16 249624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-12 1138536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - Snagit - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll [2009-10-15 211272]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-12 1138536]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-12 3764024]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"CCUCSurrogate.exe"=C:\Program Files\Siemens\WinCC\bin\CCUCSurrogate.exe [2011-11-23 243200]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"cz.seznam.software.autoupdate"=C:\Users\Andrej\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Snagit 9.lnk - C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-01-25 12:37:38 ----D---- C:\rsit
2014-01-25 12:37:38 ----D---- C:\Program Files\trend micro
2014-01-25 11:22:04 ----D---- C:\Users\Andrej\AppData\Roaming\vlc
2014-01-25 11:21:40 ----D---- C:\Program Files\VideoLAN
2014-01-24 21:03:26 ----D---- C:\Users\Andrej\AppData\Roaming\Nitro
2014-01-24 21:03:26 ----D---- C:\Users\Andrej\AppData\Roaming\FileOpen
2014-01-24 21:03:26 ----D---- C:\ProgramData\FileOpen
2014-01-24 21:03:13 ----A---- C:\Windows\system32\nitrolocalui2.dll
2014-01-24 21:03:13 ----A---- C:\Windows\system32\nitrolocalmon2.dll
2014-01-24 21:03:06 ----D---- C:\ProgramData\Nitro
2014-01-24 21:03:06 ----D---- C:\Program Files\Nitro
2014-01-24 21:03:06 ----D---- C:\Program Files\Common Files\Nitro
2014-01-24 21:01:14 ----D---- C:\Users\Andrej\AppData\Roaming\Downloaded Installations
2014-01-22 20:21:55 ----D---- C:\Users\Andrej\AppData\Roaming\Siemens
2014-01-22 20:21:10 ----A---- C:\Windows\ODBC.INI
2014-01-22 20:15:09 ----A---- C:\Windows\winhlp32.exe
2014-01-22 20:15:09 ----A---- C:\Windows\system32\ftsrch.dll
2014-01-22 20:15:09 ----A---- C:\Windows\system32\ftlx041e.dll
2014-01-22 20:15:09 ----A---- C:\Windows\system32\ftlx0411.dll
2014-01-22 20:14:30 ----D---- C:\Program Files\WINCC
2014-01-22 20:10:01 ----A---- C:\Windows\PDLSERV.INI
2014-01-22 20:00:07 ----D---- C:\Program Files\Siemens
2014-01-22 20:00:07 ----D---- C:\Program Files\Common Files\Siemens
2014-01-22 19:39:49 ----D---- C:\Program Files\Microsoft Analysis Services
2014-01-22 19:39:31 ----D---- C:\Program Files\Microsoft.NET
2014-01-22 19:39:31 ----D---- C:\Program Files\Microsoft Office
2014-01-22 19:38:58 ----D---- C:\Windows\PCHEALTH
2014-01-22 19:38:39 ----D---- C:\Program Files\Microsoft SQL Server
2014-01-22 19:38:37 ----D---- C:\Program Files\Common Files\Merge Modules
2014-01-22 19:38:30 ----D---- C:\Program Files\OPC Foundation
2014-01-22 19:38:30 ----D---- C:\Program Files\Common Files\OPC Foundation
2014-01-22 19:38:04 ----D---- C:\Program Files\Common Files\Designer
2014-01-22 19:31:54 ----D---- C:\Windows\system32\msmq
2014-01-22 19:24:00 ----D---- C:\ProgramData\Siemens
2014-01-20 20:17:26 ----D---- C:\Users\Andrej\AppData\Roaming\Malwarebytes
2014-01-20 20:17:12 ----D---- C:\ProgramData\Malwarebytes
2014-01-20 20:17:11 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2014-01-20 20:17:11 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-01-20 19:51:16 ----D---- C:\ProgramData\Microsoft Help
2014-01-20 19:50:24 ----RHD---- C:\MSOCache
2014-01-20 19:45:41 ----D---- C:\Program Files\maucampo
2014-01-20 19:45:24 ----D---- C:\Program Files\Seznam.cz
2014-01-20 19:44:40 ----D---- C:\Users\Andrej\AppData\Roaming\Seznam.cz
2014-01-20 19:33:11 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2014-01-20 19:33:07 ----D---- C:\Users\Andrej\AppData\Roaming\DAEMON Tools Lite
2014-01-20 19:33:05 ----D---- C:\Program Files\DAEMON Tools Lite
2014-01-20 19:32:30 ----D---- C:\ProgramData\DAEMON Tools Lite
2014-01-19 20:50:22 ----D---- C:\Users\Andrej\AppData\Roaming\Macromedia
2014-01-19 20:50:22 ----D---- C:\Users\Andrej\AppData\Roaming\Adobe
2014-01-19 20:33:42 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-01-19 20:33:40 ----D---- C:\Windows\system32\Macromed
2014-01-12 21:14:45 ----D---- C:\Users\Andrej\AppData\Roaming\AVAST Software
2014-01-12 21:09:40 ----D---- C:\Program Files\Google
2014-01-12 21:09:34 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-01-12 21:09:34 ----A---- C:\Windows\system32\drivers\aswstm.sys
2014-01-12 21:09:33 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2014-01-12 21:09:32 ----A---- C:\Windows\system32\drivers\aswSP.sys
2014-01-12 21:09:32 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-01-12 21:09:32 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-01-12 21:09:31 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-01-12 21:09:29 ----A---- C:\Windows\system32\aswBoot.exe
2014-01-12 21:09:28 ----A---- C:\Windows\avastSS.scr
2014-01-12 21:09:12 ----D---- C:\Program Files\AVAST Software
2014-01-12 21:08:41 ----D---- C:\ProgramData\AVAST Software
2014-01-12 20:52:45 ----N---- C:\Windows\system32\MpSigStub.exe
2014-01-12 20:35:28 ----D---- C:\Users\Andrej\AppData\Roaming\Mozilla
2014-01-12 20:35:18 ----D---- C:\ProgramData\Mozilla
2014-01-12 20:35:18 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-01-12 20:35:17 ----D---- C:\Program Files\Mozilla Firefox
2014-01-12 20:13:03 ----A---- C:\Windows\system32\drivers\athr.sys
2014-01-12 20:13:02 ----D---- C:\Users\Andrej\AppData\Roaming\InstallShield
2014-01-12 20:13:02 ----D---- C:\temp
2014-01-12 20:13:02 ----D---- C:\Program Files\Lenovo
2014-01-12 19:31:42 ----D---- C:\Program Files\Realtek
2014-01-12 19:31:42 ----A---- C:\Windows\system32\RTNUninst32.dll
2014-01-12 19:31:42 ----A---- C:\Windows\system32\RtNicProp32.dll
2014-01-12 19:31:42 ----A---- C:\Windows\system32\drivers\Rt86win7.sys
2014-01-12 19:31:41 ----HD---- C:\Program Files\InstallShield Installation Information
2014-01-12 19:28:59 ----D---- C:\Drivers
2014-01-12 13:51:40 ----D---- C:\Program Files\AIMP2
2014-01-12 13:27:33 ----D---- C:\ProgramData\7. Realtek LAN Driver
2014-01-12 13:21:47 ----D---- C:\ProgramData\TechSmith
2014-01-12 13:21:46 ----D---- C:\Program Files\TechSmith
2014-01-12 13:20:36 ----SHD---- C:\Windows\Installer
2014-01-12 13:20:01 ----D---- C:\Users\Andrej\AppData\Roaming\WinRAR
2014-01-12 13:19:44 ----D---- C:\Program Files\WinRAR
2014-01-12 13:17:52 ----D---- C:\Users\Andrej\AppData\Roaming\GHISLER
2014-01-12 13:17:52 ----D---- C:\Program Files\totalcmd
2014-01-12 13:17:52 ----A---- C:\Windows\UC.PIF
2014-01-12 13:17:52 ----A---- C:\Windows\RAR.PIF
2014-01-12 13:17:52 ----A---- C:\Windows\PKZIP.PIF
2014-01-12 13:17:52 ----A---- C:\Windows\PKUNZIP.PIF
2014-01-12 13:17:52 ----A---- C:\Windows\NOCLOSE.PIF
2014-01-12 13:17:52 ----A---- C:\Windows\LHA.PIF
2014-01-12 13:17:52 ----A---- C:\Windows\ARJ.PIF
2014-01-12 13:08:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-12 13:05:06 ----D---- C:\Users\Andrej\AppData\Roaming\Identities
2014-01-12 13:04:57 ----SD---- C:\Users\Andrej\AppData\Roaming\Microsoft
2014-01-12 13:04:57 ----D---- C:\Users\Andrej\AppData\Roaming\Media Center Programs
2014-01-12 13:04:47 ----SHD---- C:\Recovery
2014-01-12 13:04:47 ----SHD---- C:\ProgramData\Šablony
2014-01-12 13:04:47 ----SHD---- C:\ProgramData\Plocha
2014-01-12 13:04:47 ----SHD---- C:\ProgramData\Oblíbené položky
2014-01-12 13:04:47 ----SHD---- C:\ProgramData\Nabídka Start
2014-01-12 13:04:47 ----SHD---- C:\ProgramData\Dokumenty
2014-01-12 13:04:47 ----SHD---- C:\ProgramData\Data aplikací
2014-01-12 12:54:06 ----D---- C:\Windows\SoftwareDistribution
2014-01-12 12:51:33 ----D---- C:\Windows\Prefetch
2014-01-12 12:51:18 ----ASH---- C:\pagefile.sys
2014-01-12 12:51:15 ----SHD---- C:\System Volume Information
2014-01-12 12:51:15 ----ASH---- C:\hiberfil.sys
2014-01-12 12:50:47 ----D---- C:\Windows\Panther
======List of files/folders modified in the last 1 month======
2014-01-25 12:37:44 ----D---- C:\Windows\Temp
2014-01-25 12:37:38 ----RD---- C:\Program Files
2014-01-25 10:09:15 ----D---- C:\Windows\System32
2014-01-25 10:09:15 ----D---- C:\Windows\inf
2014-01-24 21:03:26 ----HD---- C:\ProgramData
2014-01-24 21:03:06 ----D---- C:\Program Files\Common Files
2014-01-22 20:21:16 ----D---- C:\Windows
2014-01-22 20:15:20 ----D---- C:\Windows\winsxs
2014-01-22 20:15:18 ----D---- C:\Windows\system32\cs-CZ
2014-01-22 20:15:18 ----D---- C:\Windows\cs-CZ
2014-01-22 20:15:16 ----D---- C:\Windows\system32\catroot
2014-01-22 20:14:57 ----D---- C:\Windows\system32\config
2014-01-22 20:14:54 ----D---- C:\Windows\Logs
2014-01-22 20:09:35 ----D---- C:\Windows\Setup
2014-01-22 20:08:52 ----D---- C:\Windows\system32\DriverStore
2014-01-22 20:08:27 ----D---- C:\Windows\system32\drivers
2014-01-22 20:03:58 ----RSD---- C:\Windows\assembly
2014-01-22 20:03:31 ----RSD---- C:\Windows\Fonts
2014-01-22 19:47:33 ----SD---- C:\ProgramData\Microsoft
2014-01-22 19:46:21 ----D---- C:\Program Files\Common Files\microsoft shared
2014-01-22 19:41:55 ----D---- C:\Windows\Registration
2014-01-22 19:35:55 ----D---- C:\Windows\security
2014-01-20 19:50:22 ----D---- C:\Windows\system32\catroot2
2014-01-19 20:33:43 ----D---- C:\Windows\Tasks
2014-01-19 20:33:43 ----D---- C:\Windows\system32\Tasks
2014-01-19 12:36:18 ----D---- C:\Windows\system32\wdi
2014-01-12 19:29:49 ----D---- C:\Windows\system32\NDF
2014-01-12 13:44:01 ----D---- C:\Windows\Microsoft.NET
2014-01-12 13:26:50 ----D---- C:\Windows\system32\drivers\UMDF
2014-01-12 13:21:22 ----D---- C:\Windows\system32\restore
2014-01-12 13:08:27 ----D---- C:\Windows\system32\wbem
2014-01-12 13:05:04 ----SHD---- C:\$Recycle.Bin
2014-01-12 13:04:54 ----D---- C:\Windows\system32\CodeIntegrity
2014-01-12 13:04:52 ----RD---- C:\Users
2014-01-12 13:04:47 ----D---- C:\Program Files\Windows NT
2014-01-12 13:04:31 ----D---- C:\Windows\rescache
2014-01-12 13:04:03 ----D---- C:\Windows\debug
2014-01-12 12:53:53 ----D---- C:\Windows\system32\sysprep
2014-01-12 12:51:59 ----D---- C:\Windows\CSC
2014-01-12 12:50:21 ----D---- C:\Windows\system32\oobe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-01-12 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-01-12 180248]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2014-01-12 79720]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-01-12 775952]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-01-12 410528]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 dpmconv;SIMATIC NET DP Driver; C:\Windows\system32\DRIVERS\dpmconv32.sys [2011-04-19 288256]
R1 DPMTRCDD;SIMATIC NET Softnet Trace Driver; C:\Windows\system32\DRIVERS\DPMTRCDD32.sys [2010-03-22 72248]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-01-20 243128]
R1 vsnl2ada;SIMATIC NET FDL Driver; C:\Windows\system32\DRIVERS\vsnl2ada32.sys [2011-04-19 140288]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-01-12 67824]
R2 s7ousbu32x;SIMATIC USB Service; C:\Windows\system32\DRIVERS\s7ousbu32x.sys [2011-09-29 641280]
R2 s7sn2srtx;PROFINET IO RT-Protocol V2.0; C:\Windows\system32\DRIVERS\s7sn2srtx.sys [2011-06-16 63104]
R2 SNTIE;SIMATIC Industrial Ethernet (ISO); C:\Windows\system32\DRIVERS\sntie.sys [2011-10-11 343888]
R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-01-12 64168]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-11-06 1227776]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
R3 MQAC;@mqutil.dll,-6101; C:\Windows\system32\drivers\mqac.sys [2009-07-14 141824]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-08-21 189440]
R3 S7odpx2x32;SIMATIC Knotentaufe; C:\Windows\System32\Drivers\S7odpx2x32.sys [2011-05-06 87552]
R3 S7otranx32;SIMATIC Transport; C:\Windows\System32\Drivers\S7otranx32.sys [2011-05-06 521216]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 almservice;Automation License Manager Service; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe [2011-12-11 1138312]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-01-12 50344]
R2 CCAgent;CCAgent; C:\Program Files\Common Files\Siemens\ACE\bin\CCAgent.exe [2011-11-14 363008]
R2 CCDBUtils;CCDBUtils; C:\Program Files\Common Files\Siemens\CommonArchiving\CCDBUtils.exe [2011-11-23 98304]
R2 CCEServer;CCEServer; C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe [2011-11-14 245248]
R2 CCProjectMgr;SIMATIC WinCC CCProjectMgr; C:\Program Files\Siemens\WinCC\bin\CCProjectMgr.exe [2011-11-23 1464832]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MsDtsServer;SQL Server Integration Services; C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe [2010-12-10 202592]
R2 MSMQ;@mqutil.dll,-6102; C:\Windows\system32\mqsvc.exe [2009-07-14 8704]
R2 MSSQL$WINCC;SQL Server (WINCC); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3; C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [2013-07-26 196624]
R2 s7oiehsx;SIMATIC IEPG Help Service; C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe [2011-11-04 412808]
R2 S7TraceServiceX;S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe [2011-11-04 556168]
R2 SCSMonitor;SCSMonitor; C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe [2011-11-14 163328]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
R2 Update maucampo;Update maucampo; C:\Program Files\maucampo\updatemaucampo.exe [2014-01-16 97048]
R2 Util maucampo;Util maucampo; C:\Program Files\maucampo\bin\utilmaucampo.exe [2014-01-20 97048]
R3 CCEClient;CCEClient; C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe [2011-11-14 264704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-19 257928]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 CCAlgIAlarmDataCollector;SIMATIC WinCC CCAlgIAlarmDataCollector; C:\Program Files\Siemens\WinCC\bin\CCAlgIAlarmDataCollector.exe [2011-11-23 361984]
S3 CCAlgRtServer;SIMATIC WinCC CCAlgRtServer; C:\Program Files\Siemens\WinCC\bin\CcAlgRtServer.exe [2011-11-23 119808]
S3 CCArchiveManagerService;CCArchiveManagerService; C:\Program Files\Common Files\Siemens\CommonArchiving\CCArchiveManager.exe [2011-11-23 757760]
S3 CCCSigRTServer;SIMATIC WinCC CCCSigRTServer; C:\Program Files\Siemens\WinCC\bin\CCCSigRTServer.exe [2011-11-23 436736]
S3 CCDeltaLoader;SIMATIC WinCC CCDeltaLoader; C:\Program Files\Siemens\WinCC\bin\CCDeltaLoader.exe [2011-11-23 757760]
S3 CCLBMRTServer;SIMATIC WinCC CCLBMRTServer; C:\Program Files\Siemens\WinCC\bin\CCLBMRTServer.exe [2011-11-23 195072]
S3 CCLicenseService;SIMATIC WinCC License Service; C:\Program Files\Common Files\Siemens\bin\CCLicenseService.exe [2011-11-23 489472]
S3 CCNSInfo2Provider;SIMATIC WinCC CCNSInfo2Provider; C:\Program Files\Siemens\WinCC\bin\CCNSInfo2Provider.exe [2011-11-23 646144]
S3 CCOPC.UAWrapper;CCOPC.UAWrapper; C:\Program Files\Siemens\WinCC\opc\UAWrapper\DA2UA.exe [2011-11-23 344064]
S3 CCOPC.XMLWrapper;CCOPC.XMLWrapper; C:\Program Files\Siemens\WinCC\opc\XMLDataAccess\bin\DA2XML.exe [2011-11-23 344064]
S3 CCPackageMgr;SIMATIC WinCC CCPackageMgr; C:\Program Files\Siemens\WinCC\bin\CCPackageMgr.exe [2011-11-23 450560]
S3 CCPerfMon;CCPerfMon; C:\Program Files\Common Files\Siemens\bin\CCPerfMon.exe [2011-11-10 716288]
S3 CCProfileServer;SIMATIC WinCC CCProfileServer; C:\Program Files\Siemens\WinCC\bin\CCProfileServer.exe [2011-11-23 72192]
S3 CCPtmRTServer;SIMATIC WinCC CCPtmRTServer; C:\Program Files\Siemens\WinCC\bin\CCPtmRTServer.exe [2011-11-23 331776]
S3 CCRedundancyAgent-Service;CCRedundancyAgent-Service; C:\Program Files\Common Files\Siemens\CommonArchiving\CCRedundancyAgent.exe [2011-11-23 856064]
S3 CCRtsLoader;SIMATIC WinCC Data Manager; C:\Program Files\Siemens\WinCC\bin\CCRtsLoader.exe [2011-11-23 100352]
S3 CCSsmRTServer;SIMATIC WinCC CCSsmRTServer; C:\Program Files\Siemens\WinCC\bin\CCSsmRTServer.exe [2011-11-23 332800]
S3 CCTextServer;SIMATIC WinCC TextServer; C:\Program Files\Siemens\WinCC\bin\CCTextServer.exe [2011-11-23 372224]
S3 CCTlgServer;SIMATIC WinCC CCTlgServer; C:\Program Files\Siemens\WinCC\bin\CCTlgServer.exe [2011-11-23 91648]
S3 CCTMTimeSyncServer;SIMATIC WinCC CCTMTimeSyncServer; C:\Program Files\Siemens\WinCC\bin\CCTMTimeSyncServer.exe [2011-11-23 299520]
S3 CCUsrAcv;SIMATIC WinCC CCUsrAcv; C:\Program Files\Siemens\WinCC\bin\CCUsrAcv.exe [2011-11-23 1311232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-05 119408]
S3 OpcEnum;OpcEnum; C:\Windows\system32\OpcEnum.exe [2009-02-05 139488]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 RedundancyControl;RedundancyControl; C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe [2011-11-14 486400]
S3 RedundancyState;RedundancyState; C:\Program Files\Common Files\Siemens\ace\bin\RedundancyState.exe [2011-11-14 198144]
S3 SCSFsX;SCSFsX; C:\Program Files\Common Files\Siemens\ACE\bin\SCSFsX.exe [2011-11-14 101888]
S3 SQLAgent$WINCC;SQL Server Agent (WINCC); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE [2010-12-10 346976]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 XR_CCOPC.UAWrapper;XR_CCOPC.UAWrapper; C:\Program Files\Siemens\WinCC\opc\UAWrapper\CCRT2UA.exe [2011-11-23 188416]
S3 XR_CCOPC.XMLWrapper;XR_CCOPC.XMLWrapper; C:\Program Files\Siemens\WinCC\opc\XMLDataAccess\bin\CCRT2XML.exe [2011-11-23 188416]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 OPCServer.WinCC;OPCServer.WinCC; C:\Program Files\Siemens\WinCC\OPC\DataAccess\bin\sopcsrvrwincc.exe [2011-11-23 348160]
S4 OPCServerAE.WinCC;OPCServerAE.WinCC; C:\Program Files\Siemens\WinCC\OPC\AlarmEvent\bin\sopcaesrvrwincc.exe [2011-11-23 261632]
S4 OPCServerHDA.WinCC;OPCServerHDA.WinCC; C:\Program Files\Siemens\WinCC\OPC\HistDataAccess\bin\sopchdasrvrwincc.exe [2011-11-23 346112]
-----------------EOF-----------------
Prosím o preventívnu kontrolu
Logfile of random's system information tool 1.09 (written by random/random)
Run by Andrej at 2014-01-25 12:37:38
Microsoft Windows 7 Ultimate
System drive C: has 135 GB (87%) free of 155 GB
Total RAM: 3063 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:37:48, on 25. 1. 2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Siemens\WinCC\bin\CCUCSurrogate.exe
C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\TechSmith\Snagit 9\TSCHelp.exe
C:\Program Files\TechSmith\Snagit 9\SnagPriv.exe
C:\Program Files\TechSmith\Snagit 9\snagiteditor.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Andrej\Downloads\RSIT.exe
C:\Program Files\trend micro\Andrej.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: maucampo - {5d7d4fb9-aca5-4013-8879-c58dcd4df9f1} - C:\Program Files\maucampo\maucampobho.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [CCUCSurrogate.exe] C:\Program Files\Siemens\WinCC\bin\CCUCSurrogate.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Andrej\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Snagit 9.lnk = C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Automation License Manager Service (almservice) - SIEMENS AG - C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: CCAgent - SIEMENS AG - C:\Program Files\Common Files\Siemens\ACE\bin\CCAgent.exe
O23 - Service: SIMATIC WinCC CCAlgIAlarmDataCollector (CCAlgIAlarmDataCollector) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCAlgIAlarmDataCollector.exe
O23 - Service: SIMATIC WinCC CCAlgRtServer (CCAlgRtServer) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CcAlgRtServer.exe
O23 - Service: CCArchiveManagerService - SIEMENS AG - C:\Program Files\Common Files\Siemens\CommonArchiving\CCArchiveManager.exe
O23 - Service: SIMATIC WinCC CCCSigRTServer (CCCSigRTServer) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCCSigRTServer.exe
O23 - Service: CCDBUtils - SIEMENS AG - C:\Program Files\Common Files\Siemens\CommonArchiving\CCDBUtils.exe
O23 - Service: SIMATIC WinCC CCDeltaLoader (CCDeltaLoader) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCDeltaLoader.exe
O23 - Service: CCEClient - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe
O23 - Service: CCEServer - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe
O23 - Service: SIMATIC WinCC CCLBMRTServer (CCLBMRTServer) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCLBMRTServer.exe
O23 - Service: SIMATIC WinCC License Service (CCLicenseService) - SIEMENS AG - C:\Program Files\Common Files\Siemens\bin\CCLicenseService.exe
O23 - Service: SIMATIC WinCC CCNSInfo2Provider (CCNSInfo2Provider) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCNSInfo2Provider.exe
O23 - Service: CCOPC.UAWrapper - SIEMENS AG - C:\Program Files\Siemens\WinCC\opc\UAWrapper\DA2UA.exe
O23 - Service: CCOPC.XMLWrapper - SIEMENS AG - C:\Program Files\Siemens\WinCC\opc\XMLDataAccess\bin\DA2XML.exe
O23 - Service: SIMATIC WinCC CCPackageMgr (CCPackageMgr) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCPackageMgr.exe
O23 - Service: CCPerfMon - SIEMENS AG - C:\Program Files\Common Files\Siemens\bin\CCPerfMon.exe
O23 - Service: SIMATIC WinCC CCProfileServer (CCProfileServer) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCProfileServer.exe
O23 - Service: SIMATIC WinCC CCProjectMgr (CCProjectMgr) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCProjectMgr.exe
O23 - Service: SIMATIC WinCC CCPtmRTServer (CCPtmRTServer) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCPtmRTServer.exe
O23 - Service: CCRedundancyAgent-Service - SIEMENS AG - C:\Program Files\Common Files\Siemens\CommonArchiving\CCRedundancyAgent.exe
O23 - Service: SIMATIC WinCC Data Manager (CCRtsLoader) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCRtsLoader.exe
O23 - Service: SIMATIC WinCC CCSsmRTServer (CCSsmRTServer) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCSsmRTServer.exe
O23 - Service: SIMATIC WinCC TextServer (CCTextServer) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCTextServer.exe
O23 - Service: SIMATIC WinCC CCTlgServer (CCTlgServer) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCTlgServer.exe
O23 - Service: SIMATIC WinCC CCTMTimeSyncServer (CCTMTimeSyncServer) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCTMTimeSyncServer.exe
O23 - Service: SIMATIC WinCC CCUsrAcv (CCUsrAcv) - SIEMENS AG - C:\Program Files\Siemens\WinCC\bin\CCUsrAcv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
O23 - Service: OpcEnum - OPC Foundation - C:\Windows\system32\OpcEnum.exe
O23 - Service: RedundancyControl - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe
O23 - Service: RedundancyState - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\RedundancyState.exe
O23 - Service: SIMATIC IEPG Help Service (s7oiehsx) - SIEMENS AG - C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
O23 - Service: S7TraceServiceX - SIEMENS AG - C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
O23 - Service: SCSFsX - SIEMENS AG - C:\Program Files\Common Files\Siemens\ACE\bin\SCSFsX.exe
O23 - Service: SCSMonitor - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe
O23 - Service: Update maucampo - Unknown owner - C:\Program Files\maucampo\updatemaucampo.exe
O23 - Service: Util maucampo - Unknown owner - C:\Program Files\maucampo\bin\utilmaucampo.exe
O23 - Service: XR_CCOPC.UAWrapper - SIEMENS AG - C:\Program Files\Siemens\WinCC\opc\UAWrapper\CCRT2UA.exe
O23 - Service: XR_CCOPC.XMLWrapper - SIEMENS AG - C:\Program Files\Siemens\WinCC\opc\XMLDataAccess\bin\CCRT2XML.exe
--
End of file - 8926 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default
prefs.js - "browser.startup.homepage" - "www.google.sk"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.43 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll
C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll [2009-10-15 68936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5d7d4fb9-aca5-4013-8879-c58dcd4df9f1}]
maucampo - C:\Program Files\maucampo\maucampobho.dll [2014-01-16 249624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-12 1138536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - Snagit - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll [2009-10-15 211272]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-12 1138536]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-12 3764024]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"CCUCSurrogate.exe"=C:\Program Files\Siemens\WinCC\bin\CCUCSurrogate.exe [2011-11-23 243200]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"cz.seznam.software.autoupdate"=C:\Users\Andrej\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Snagit 9.lnk - C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-01-25 12:37:38 ----D---- C:\rsit
2014-01-25 12:37:38 ----D---- C:\Program Files\trend micro
2014-01-25 11:22:04 ----D---- C:\Users\Andrej\AppData\Roaming\vlc
2014-01-25 11:21:40 ----D---- C:\Program Files\VideoLAN
2014-01-24 21:03:26 ----D---- C:\Users\Andrej\AppData\Roaming\Nitro
2014-01-24 21:03:26 ----D---- C:\Users\Andrej\AppData\Roaming\FileOpen
2014-01-24 21:03:26 ----D---- C:\ProgramData\FileOpen
2014-01-24 21:03:13 ----A---- C:\Windows\system32\nitrolocalui2.dll
2014-01-24 21:03:13 ----A---- C:\Windows\system32\nitrolocalmon2.dll
2014-01-24 21:03:06 ----D---- C:\ProgramData\Nitro
2014-01-24 21:03:06 ----D---- C:\Program Files\Nitro
2014-01-24 21:03:06 ----D---- C:\Program Files\Common Files\Nitro
2014-01-24 21:01:14 ----D---- C:\Users\Andrej\AppData\Roaming\Downloaded Installations
2014-01-22 20:21:55 ----D---- C:\Users\Andrej\AppData\Roaming\Siemens
2014-01-22 20:21:10 ----A---- C:\Windows\ODBC.INI
2014-01-22 20:15:09 ----A---- C:\Windows\winhlp32.exe
2014-01-22 20:15:09 ----A---- C:\Windows\system32\ftsrch.dll
2014-01-22 20:15:09 ----A---- C:\Windows\system32\ftlx041e.dll
2014-01-22 20:15:09 ----A---- C:\Windows\system32\ftlx0411.dll
2014-01-22 20:14:30 ----D---- C:\Program Files\WINCC
2014-01-22 20:10:01 ----A---- C:\Windows\PDLSERV.INI
2014-01-22 20:00:07 ----D---- C:\Program Files\Siemens
2014-01-22 20:00:07 ----D---- C:\Program Files\Common Files\Siemens
2014-01-22 19:39:49 ----D---- C:\Program Files\Microsoft Analysis Services
2014-01-22 19:39:31 ----D---- C:\Program Files\Microsoft.NET
2014-01-22 19:39:31 ----D---- C:\Program Files\Microsoft Office
2014-01-22 19:38:58 ----D---- C:\Windows\PCHEALTH
2014-01-22 19:38:39 ----D---- C:\Program Files\Microsoft SQL Server
2014-01-22 19:38:37 ----D---- C:\Program Files\Common Files\Merge Modules
2014-01-22 19:38:30 ----D---- C:\Program Files\OPC Foundation
2014-01-22 19:38:30 ----D---- C:\Program Files\Common Files\OPC Foundation
2014-01-22 19:38:04 ----D---- C:\Program Files\Common Files\Designer
2014-01-22 19:31:54 ----D---- C:\Windows\system32\msmq
2014-01-22 19:24:00 ----D---- C:\ProgramData\Siemens
2014-01-20 20:17:26 ----D---- C:\Users\Andrej\AppData\Roaming\Malwarebytes
2014-01-20 20:17:12 ----D---- C:\ProgramData\Malwarebytes
2014-01-20 20:17:11 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2014-01-20 20:17:11 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-01-20 19:51:16 ----D---- C:\ProgramData\Microsoft Help
2014-01-20 19:50:24 ----RHD---- C:\MSOCache
2014-01-20 19:45:41 ----D---- C:\Program Files\maucampo
2014-01-20 19:45:24 ----D---- C:\Program Files\Seznam.cz
2014-01-20 19:44:40 ----D---- C:\Users\Andrej\AppData\Roaming\Seznam.cz
2014-01-20 19:33:11 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2014-01-20 19:33:07 ----D---- C:\Users\Andrej\AppData\Roaming\DAEMON Tools Lite
2014-01-20 19:33:05 ----D---- C:\Program Files\DAEMON Tools Lite
2014-01-20 19:32:30 ----D---- C:\ProgramData\DAEMON Tools Lite
2014-01-19 20:50:22 ----D---- C:\Users\Andrej\AppData\Roaming\Macromedia
2014-01-19 20:50:22 ----D---- C:\Users\Andrej\AppData\Roaming\Adobe
2014-01-19 20:33:42 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-01-19 20:33:40 ----D---- C:\Windows\system32\Macromed
2014-01-12 21:14:45 ----D---- C:\Users\Andrej\AppData\Roaming\AVAST Software
2014-01-12 21:09:40 ----D---- C:\Program Files\Google
2014-01-12 21:09:34 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-01-12 21:09:34 ----A---- C:\Windows\system32\drivers\aswstm.sys
2014-01-12 21:09:33 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2014-01-12 21:09:32 ----A---- C:\Windows\system32\drivers\aswSP.sys
2014-01-12 21:09:32 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-01-12 21:09:32 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-01-12 21:09:31 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-01-12 21:09:29 ----A---- C:\Windows\system32\aswBoot.exe
2014-01-12 21:09:28 ----A---- C:\Windows\avastSS.scr
2014-01-12 21:09:12 ----D---- C:\Program Files\AVAST Software
2014-01-12 21:08:41 ----D---- C:\ProgramData\AVAST Software
2014-01-12 20:52:45 ----N---- C:\Windows\system32\MpSigStub.exe
2014-01-12 20:35:28 ----D---- C:\Users\Andrej\AppData\Roaming\Mozilla
2014-01-12 20:35:18 ----D---- C:\ProgramData\Mozilla
2014-01-12 20:35:18 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-01-12 20:35:17 ----D---- C:\Program Files\Mozilla Firefox
2014-01-12 20:13:03 ----A---- C:\Windows\system32\drivers\athr.sys
2014-01-12 20:13:02 ----D---- C:\Users\Andrej\AppData\Roaming\InstallShield
2014-01-12 20:13:02 ----D---- C:\temp
2014-01-12 20:13:02 ----D---- C:\Program Files\Lenovo
2014-01-12 19:31:42 ----D---- C:\Program Files\Realtek
2014-01-12 19:31:42 ----A---- C:\Windows\system32\RTNUninst32.dll
2014-01-12 19:31:42 ----A---- C:\Windows\system32\RtNicProp32.dll
2014-01-12 19:31:42 ----A---- C:\Windows\system32\drivers\Rt86win7.sys
2014-01-12 19:31:41 ----HD---- C:\Program Files\InstallShield Installation Information
2014-01-12 19:28:59 ----D---- C:\Drivers
2014-01-12 13:51:40 ----D---- C:\Program Files\AIMP2
2014-01-12 13:27:33 ----D---- C:\ProgramData\7. Realtek LAN Driver
2014-01-12 13:21:47 ----D---- C:\ProgramData\TechSmith
2014-01-12 13:21:46 ----D---- C:\Program Files\TechSmith
2014-01-12 13:20:36 ----SHD---- C:\Windows\Installer
2014-01-12 13:20:01 ----D---- C:\Users\Andrej\AppData\Roaming\WinRAR
2014-01-12 13:19:44 ----D---- C:\Program Files\WinRAR
2014-01-12 13:17:52 ----D---- C:\Users\Andrej\AppData\Roaming\GHISLER
2014-01-12 13:17:52 ----D---- C:\Program Files\totalcmd
2014-01-12 13:17:52 ----A---- C:\Windows\UC.PIF
2014-01-12 13:17:52 ----A---- C:\Windows\RAR.PIF
2014-01-12 13:17:52 ----A---- C:\Windows\PKZIP.PIF
2014-01-12 13:17:52 ----A---- C:\Windows\PKUNZIP.PIF
2014-01-12 13:17:52 ----A---- C:\Windows\NOCLOSE.PIF
2014-01-12 13:17:52 ----A---- C:\Windows\LHA.PIF
2014-01-12 13:17:52 ----A---- C:\Windows\ARJ.PIF
2014-01-12 13:08:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-12 13:05:06 ----D---- C:\Users\Andrej\AppData\Roaming\Identities
2014-01-12 13:04:57 ----SD---- C:\Users\Andrej\AppData\Roaming\Microsoft
2014-01-12 13:04:57 ----D---- C:\Users\Andrej\AppData\Roaming\Media Center Programs
2014-01-12 13:04:47 ----SHD---- C:\Recovery
2014-01-12 13:04:47 ----SHD---- C:\ProgramData\Šablony
2014-01-12 13:04:47 ----SHD---- C:\ProgramData\Plocha
2014-01-12 13:04:47 ----SHD---- C:\ProgramData\Oblíbené položky
2014-01-12 13:04:47 ----SHD---- C:\ProgramData\Nabídka Start
2014-01-12 13:04:47 ----SHD---- C:\ProgramData\Dokumenty
2014-01-12 13:04:47 ----SHD---- C:\ProgramData\Data aplikací
2014-01-12 12:54:06 ----D---- C:\Windows\SoftwareDistribution
2014-01-12 12:51:33 ----D---- C:\Windows\Prefetch
2014-01-12 12:51:18 ----ASH---- C:\pagefile.sys
2014-01-12 12:51:15 ----SHD---- C:\System Volume Information
2014-01-12 12:51:15 ----ASH---- C:\hiberfil.sys
2014-01-12 12:50:47 ----D---- C:\Windows\Panther
======List of files/folders modified in the last 1 month======
2014-01-25 12:37:44 ----D---- C:\Windows\Temp
2014-01-25 12:37:38 ----RD---- C:\Program Files
2014-01-25 10:09:15 ----D---- C:\Windows\System32
2014-01-25 10:09:15 ----D---- C:\Windows\inf
2014-01-24 21:03:26 ----HD---- C:\ProgramData
2014-01-24 21:03:06 ----D---- C:\Program Files\Common Files
2014-01-22 20:21:16 ----D---- C:\Windows
2014-01-22 20:15:20 ----D---- C:\Windows\winsxs
2014-01-22 20:15:18 ----D---- C:\Windows\system32\cs-CZ
2014-01-22 20:15:18 ----D---- C:\Windows\cs-CZ
2014-01-22 20:15:16 ----D---- C:\Windows\system32\catroot
2014-01-22 20:14:57 ----D---- C:\Windows\system32\config
2014-01-22 20:14:54 ----D---- C:\Windows\Logs
2014-01-22 20:09:35 ----D---- C:\Windows\Setup
2014-01-22 20:08:52 ----D---- C:\Windows\system32\DriverStore
2014-01-22 20:08:27 ----D---- C:\Windows\system32\drivers
2014-01-22 20:03:58 ----RSD---- C:\Windows\assembly
2014-01-22 20:03:31 ----RSD---- C:\Windows\Fonts
2014-01-22 19:47:33 ----SD---- C:\ProgramData\Microsoft
2014-01-22 19:46:21 ----D---- C:\Program Files\Common Files\microsoft shared
2014-01-22 19:41:55 ----D---- C:\Windows\Registration
2014-01-22 19:35:55 ----D---- C:\Windows\security
2014-01-20 19:50:22 ----D---- C:\Windows\system32\catroot2
2014-01-19 20:33:43 ----D---- C:\Windows\Tasks
2014-01-19 20:33:43 ----D---- C:\Windows\system32\Tasks
2014-01-19 12:36:18 ----D---- C:\Windows\system32\wdi
2014-01-12 19:29:49 ----D---- C:\Windows\system32\NDF
2014-01-12 13:44:01 ----D---- C:\Windows\Microsoft.NET
2014-01-12 13:26:50 ----D---- C:\Windows\system32\drivers\UMDF
2014-01-12 13:21:22 ----D---- C:\Windows\system32\restore
2014-01-12 13:08:27 ----D---- C:\Windows\system32\wbem
2014-01-12 13:05:04 ----SHD---- C:\$Recycle.Bin
2014-01-12 13:04:54 ----D---- C:\Windows\system32\CodeIntegrity
2014-01-12 13:04:52 ----RD---- C:\Users
2014-01-12 13:04:47 ----D---- C:\Program Files\Windows NT
2014-01-12 13:04:31 ----D---- C:\Windows\rescache
2014-01-12 13:04:03 ----D---- C:\Windows\debug
2014-01-12 12:53:53 ----D---- C:\Windows\system32\sysprep
2014-01-12 12:51:59 ----D---- C:\Windows\CSC
2014-01-12 12:50:21 ----D---- C:\Windows\system32\oobe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-01-12 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-01-12 180248]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2014-01-12 79720]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-01-12 775952]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-01-12 410528]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 dpmconv;SIMATIC NET DP Driver; C:\Windows\system32\DRIVERS\dpmconv32.sys [2011-04-19 288256]
R1 DPMTRCDD;SIMATIC NET Softnet Trace Driver; C:\Windows\system32\DRIVERS\DPMTRCDD32.sys [2010-03-22 72248]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-01-20 243128]
R1 vsnl2ada;SIMATIC NET FDL Driver; C:\Windows\system32\DRIVERS\vsnl2ada32.sys [2011-04-19 140288]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-01-12 67824]
R2 s7ousbu32x;SIMATIC USB Service; C:\Windows\system32\DRIVERS\s7ousbu32x.sys [2011-09-29 641280]
R2 s7sn2srtx;PROFINET IO RT-Protocol V2.0; C:\Windows\system32\DRIVERS\s7sn2srtx.sys [2011-06-16 63104]
R2 SNTIE;SIMATIC Industrial Ethernet (ISO); C:\Windows\system32\DRIVERS\sntie.sys [2011-10-11 343888]
R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-01-12 64168]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-11-06 1227776]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
R3 MQAC;@mqutil.dll,-6101; C:\Windows\system32\drivers\mqac.sys [2009-07-14 141824]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-08-21 189440]
R3 S7odpx2x32;SIMATIC Knotentaufe; C:\Windows\System32\Drivers\S7odpx2x32.sys [2011-05-06 87552]
R3 S7otranx32;SIMATIC Transport; C:\Windows\System32\Drivers\S7otranx32.sys [2011-05-06 521216]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 almservice;Automation License Manager Service; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe [2011-12-11 1138312]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-01-12 50344]
R2 CCAgent;CCAgent; C:\Program Files\Common Files\Siemens\ACE\bin\CCAgent.exe [2011-11-14 363008]
R2 CCDBUtils;CCDBUtils; C:\Program Files\Common Files\Siemens\CommonArchiving\CCDBUtils.exe [2011-11-23 98304]
R2 CCEServer;CCEServer; C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe [2011-11-14 245248]
R2 CCProjectMgr;SIMATIC WinCC CCProjectMgr; C:\Program Files\Siemens\WinCC\bin\CCProjectMgr.exe [2011-11-23 1464832]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MsDtsServer;SQL Server Integration Services; C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe [2010-12-10 202592]
R2 MSMQ;@mqutil.dll,-6102; C:\Windows\system32\mqsvc.exe [2009-07-14 8704]
R2 MSSQL$WINCC;SQL Server (WINCC); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3; C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [2013-07-26 196624]
R2 s7oiehsx;SIMATIC IEPG Help Service; C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe [2011-11-04 412808]
R2 S7TraceServiceX;S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe [2011-11-04 556168]
R2 SCSMonitor;SCSMonitor; C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe [2011-11-14 163328]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
R2 Update maucampo;Update maucampo; C:\Program Files\maucampo\updatemaucampo.exe [2014-01-16 97048]
R2 Util maucampo;Util maucampo; C:\Program Files\maucampo\bin\utilmaucampo.exe [2014-01-20 97048]
R3 CCEClient;CCEClient; C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe [2011-11-14 264704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-19 257928]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 CCAlgIAlarmDataCollector;SIMATIC WinCC CCAlgIAlarmDataCollector; C:\Program Files\Siemens\WinCC\bin\CCAlgIAlarmDataCollector.exe [2011-11-23 361984]
S3 CCAlgRtServer;SIMATIC WinCC CCAlgRtServer; C:\Program Files\Siemens\WinCC\bin\CcAlgRtServer.exe [2011-11-23 119808]
S3 CCArchiveManagerService;CCArchiveManagerService; C:\Program Files\Common Files\Siemens\CommonArchiving\CCArchiveManager.exe [2011-11-23 757760]
S3 CCCSigRTServer;SIMATIC WinCC CCCSigRTServer; C:\Program Files\Siemens\WinCC\bin\CCCSigRTServer.exe [2011-11-23 436736]
S3 CCDeltaLoader;SIMATIC WinCC CCDeltaLoader; C:\Program Files\Siemens\WinCC\bin\CCDeltaLoader.exe [2011-11-23 757760]
S3 CCLBMRTServer;SIMATIC WinCC CCLBMRTServer; C:\Program Files\Siemens\WinCC\bin\CCLBMRTServer.exe [2011-11-23 195072]
S3 CCLicenseService;SIMATIC WinCC License Service; C:\Program Files\Common Files\Siemens\bin\CCLicenseService.exe [2011-11-23 489472]
S3 CCNSInfo2Provider;SIMATIC WinCC CCNSInfo2Provider; C:\Program Files\Siemens\WinCC\bin\CCNSInfo2Provider.exe [2011-11-23 646144]
S3 CCOPC.UAWrapper;CCOPC.UAWrapper; C:\Program Files\Siemens\WinCC\opc\UAWrapper\DA2UA.exe [2011-11-23 344064]
S3 CCOPC.XMLWrapper;CCOPC.XMLWrapper; C:\Program Files\Siemens\WinCC\opc\XMLDataAccess\bin\DA2XML.exe [2011-11-23 344064]
S3 CCPackageMgr;SIMATIC WinCC CCPackageMgr; C:\Program Files\Siemens\WinCC\bin\CCPackageMgr.exe [2011-11-23 450560]
S3 CCPerfMon;CCPerfMon; C:\Program Files\Common Files\Siemens\bin\CCPerfMon.exe [2011-11-10 716288]
S3 CCProfileServer;SIMATIC WinCC CCProfileServer; C:\Program Files\Siemens\WinCC\bin\CCProfileServer.exe [2011-11-23 72192]
S3 CCPtmRTServer;SIMATIC WinCC CCPtmRTServer; C:\Program Files\Siemens\WinCC\bin\CCPtmRTServer.exe [2011-11-23 331776]
S3 CCRedundancyAgent-Service;CCRedundancyAgent-Service; C:\Program Files\Common Files\Siemens\CommonArchiving\CCRedundancyAgent.exe [2011-11-23 856064]
S3 CCRtsLoader;SIMATIC WinCC Data Manager; C:\Program Files\Siemens\WinCC\bin\CCRtsLoader.exe [2011-11-23 100352]
S3 CCSsmRTServer;SIMATIC WinCC CCSsmRTServer; C:\Program Files\Siemens\WinCC\bin\CCSsmRTServer.exe [2011-11-23 332800]
S3 CCTextServer;SIMATIC WinCC TextServer; C:\Program Files\Siemens\WinCC\bin\CCTextServer.exe [2011-11-23 372224]
S3 CCTlgServer;SIMATIC WinCC CCTlgServer; C:\Program Files\Siemens\WinCC\bin\CCTlgServer.exe [2011-11-23 91648]
S3 CCTMTimeSyncServer;SIMATIC WinCC CCTMTimeSyncServer; C:\Program Files\Siemens\WinCC\bin\CCTMTimeSyncServer.exe [2011-11-23 299520]
S3 CCUsrAcv;SIMATIC WinCC CCUsrAcv; C:\Program Files\Siemens\WinCC\bin\CCUsrAcv.exe [2011-11-23 1311232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-05 119408]
S3 OpcEnum;OpcEnum; C:\Windows\system32\OpcEnum.exe [2009-02-05 139488]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 RedundancyControl;RedundancyControl; C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe [2011-11-14 486400]
S3 RedundancyState;RedundancyState; C:\Program Files\Common Files\Siemens\ace\bin\RedundancyState.exe [2011-11-14 198144]
S3 SCSFsX;SCSFsX; C:\Program Files\Common Files\Siemens\ACE\bin\SCSFsX.exe [2011-11-14 101888]
S3 SQLAgent$WINCC;SQL Server Agent (WINCC); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE [2010-12-10 346976]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 XR_CCOPC.UAWrapper;XR_CCOPC.UAWrapper; C:\Program Files\Siemens\WinCC\opc\UAWrapper\CCRT2UA.exe [2011-11-23 188416]
S3 XR_CCOPC.XMLWrapper;XR_CCOPC.XMLWrapper; C:\Program Files\Siemens\WinCC\opc\XMLDataAccess\bin\CCRT2XML.exe [2011-11-23 188416]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 OPCServer.WinCC;OPCServer.WinCC; C:\Program Files\Siemens\WinCC\OPC\DataAccess\bin\sopcsrvrwincc.exe [2011-11-23 348160]
S4 OPCServerAE.WinCC;OPCServerAE.WinCC; C:\Program Files\Siemens\WinCC\OPC\AlarmEvent\bin\sopcaesrvrwincc.exe [2011-11-23 261632]
S4 OPCServerHDA.WinCC;OPCServerHDA.WinCC; C:\Program Files\Siemens\WinCC\OPC\HistDataAccess\bin\sopchdasrvrwincc.exe [2011-11-23 346112]
-----------------EOF-----------------
Re: Prosím o preventívnu kontrolu
Zdravim 
Jedna se o domaci pc, nebo nejaky firemni/pracovni?
Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).




Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o preventívnu kontrolu
PC je môj domáci
Tu sú logy:
OTL.txt
OTL logfile created on: 25. 1. 2014 14:07:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Andrej\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
2,99 Gb Total Physical Memory | 1,64 Gb Available Physical Memory | 54,94% Memory free
5,98 Gb Paging File | 4,52 Gb Available in Paging File | 75,66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 151,42 Gb Total Space | 130,95 Gb Free Space | 86,48% Space Free | Partition Type: NTFS
Drive D: | 299,39 Gb Total Space | 91,77 Gb Free Space | 30,65% Space Free | Partition Type: NTFS
Drive G: | 6,54 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: ANDREJ-PC | User Name: Andrej | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/01/25 13:46:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Andrej\Desktop\OTL.exe
PRC - [2014/01/20 20:46:09 | 000,097,048 | ---- | M] () -- C:\Program Files\maucampo\bin\utilmaucampo.exe
PRC - [2014/01/19 20:33:42 | 001,863,048 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
PRC - [2014/01/16 01:37:30 | 000,097,048 | ---- | M] () -- C:\Program Files\maucampo\updatemaucampo.exe
PRC - [2014/01/12 21:09:27 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/01/12 21:09:27 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/12/05 20:34:42 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/07/26 06:48:28 | 000,196,624 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
PRC - [2013/04/12 09:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
PRC - [2011/12/11 21:07:24 | 001,138,312 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
PRC - [2011/11/23 23:12:38 | 000,243,200 | ---- | M] () -- C:\Program Files\Siemens\WinCC\bin\CCUCSurrogate.exe
PRC - [2011/11/23 22:26:56 | 001,464,832 | ---- | M] (SIEMENS AG) -- C:\Program Files\Siemens\WinCC\bin\CCProjectMgr.exe
PRC - [2011/11/23 13:01:10 | 000,098,304 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\commonarchiving\CCDBUtils.exe
PRC - [2011/11/14 20:21:20 | 000,245,248 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe
PRC - [2011/11/14 16:18:46 | 000,163,328 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe
PRC - [2011/11/14 14:47:58 | 000,264,704 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe
PRC - [2011/11/14 14:37:24 | 000,363,008 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe
PRC - [2011/11/04 01:41:34 | 000,556,168 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
PRC - [2011/11/04 01:41:30 | 000,412,808 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
PRC - [2011/10/25 11:23:08 | 009,079,296 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\SimNetCom\pniopcac.exe
PRC - [2011/10/24 11:03:54 | 002,087,424 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\SimNetCom\pniomgr.exe
PRC - [2009/10/15 11:06:52 | 000,053,064 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 9\TscHelp.exe
PRC - [2009/10/15 11:06:50 | 000,066,888 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 9\SnagPriv.exe
PRC - [2009/10/15 11:06:46 | 007,168,328 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 9\SnagitEditor.exe
PRC - [2009/10/15 11:06:46 | 006,287,176 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
========== Modules (No Company Name) ==========
MOD - [2014/01/19 20:33:41 | 016,287,624 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_12_0_0_43.dll
MOD - [2014/01/12 21:09:27 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/12/05 20:36:56 | 003,559,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/04/24 11:31:42 | 000,081,992 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\libchinst.dll
MOD - [2013/04/12 09:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
MOD - [2013/03/29 12:37:34 | 000,059,384 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\9526libfoxloader.dll
MOD - [2013/03/25 15:39:52 | 000,894,968 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
MOD - [2011/11/23 23:12:38 | 000,243,200 | ---- | M] () -- C:\Program Files\Siemens\WinCC\bin\CCUCSurrogate.exe
MOD - [2011/11/15 02:48:32 | 000,057,856 | ---- | M] () -- C:\Program Files\Siemens\WinCC\bin\CCUCSurrogateEnu.lng
MOD - [2011/03/02 12:40:52 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009/10/15 11:06:44 | 004,715,848 | R--- | M] () -- C:\Program Files\TechSmith\Snagit 9\PDFNetC.dll
========== Services (SafeList) ==========
SRV - [2014/01/20 20:46:09 | 000,097,048 | ---- | M] () [Auto | Running] -- C:\Program Files\maucampo\bin\utilmaucampo.exe -- (Util maucampo)
SRV - [2014/01/19 20:33:42 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/01/16 01:37:30 | 000,097,048 | ---- | M] () [Auto | Running] -- C:\Program Files\maucampo\updatemaucampo.exe -- (Update maucampo)
SRV - [2014/01/12 21:09:27 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/12/05 20:36:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/07/26 06:48:28 | 000,196,624 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe -- (NitroReaderDriverReadSpool3)
SRV - [2011/12/11 21:07:24 | 001,138,312 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe -- (almservice)
SRV - [2011/11/23 23:21:54 | 000,332,800 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCSsmRTServer.exe -- (CCSsmRTServer)
SRV - [2011/11/23 23:12:26 | 000,072,192 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCProfileServer.exe -- (CCProfileServer)
SRV - [2011/11/23 23:08:46 | 000,119,808 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CcAlgRtServer.exe -- (CCAlgRtServer)
SRV - [2011/11/23 23:07:52 | 000,361,984 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCAlgIAlarmDataCollector.exe -- (CCAlgIAlarmDataCollector)
SRV - [2011/11/23 23:06:00 | 000,489,472 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\Bin\CCLicenseService.exe -- (CCLicenseService)
SRV - [2011/11/23 23:03:22 | 000,100,352 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCRtsLoader.exe -- (CCRtsLoader)
SRV - [2011/11/23 23:00:42 | 000,372,224 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCTextServer.exe -- (CCTextServer)
SRV - [2011/11/23 23:00:36 | 000,091,648 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCTlgServer.exe -- (CCTlgServer)
SRV - [2011/11/23 22:59:04 | 001,311,232 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCUsrAcv.exe -- (CCUsrAcv)
SRV - [2011/11/23 22:34:50 | 000,450,560 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCPackageMgr.exe -- (CCPackageMgr)
SRV - [2011/11/23 22:34:20 | 000,757,760 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCDeltaLoader.exe -- (CCDeltaLoader)
SRV - [2011/11/23 22:32:10 | 000,299,520 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCTMTimeSyncServer.exe -- (CCTMTimeSyncServer)
SRV - [2011/11/23 22:31:10 | 000,646,144 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCNSInfo2Provider.exe -- (CCNSInfo2Provider)
SRV - [2011/11/23 22:30:04 | 000,195,072 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCLBMRTServer.exe -- (CCLBMRTServer)
SRV - [2011/11/23 22:29:40 | 000,436,736 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCCSigRTServer.exe -- (CCCSigRTServer)
SRV - [2011/11/23 22:28:46 | 000,331,776 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCPtmRTServer.exe -- (CCPtmRTServer)
SRV - [2011/11/23 22:26:56 | 001,464,832 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Siemens\WinCC\bin\CCProjectMgr.exe -- (CCProjectMgr)
SRV - [2011/11/23 16:02:26 | 000,346,112 | ---- | M] (SIEMENS AG) [Disabled | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\HistDataAccess\bin\sopchdasrvrwincc.exe -- (OPCServerHDA.WinCC)
SRV - [2011/11/23 16:00:22 | 000,188,416 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\UAWrapper\CCRT2UA.exe -- (XR_CCOPC.UAWrapper)
SRV - [2011/11/23 16:00:04 | 000,188,416 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\XMLDataAccess\bin\CCRT2XML.exe -- (XR_CCOPC.XMLWrapper)
SRV - [2011/11/23 15:59:38 | 000,348,160 | ---- | M] (SIEMENS AG) [Disabled | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\DataAccess\bin\sopcsrvrwincc.exe -- (OPCServer.WinCC)
SRV - [2011/11/23 15:59:00 | 000,344,064 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\XMLDataAccess\bin\DA2XML.exe -- (CCOPC.XMLWrapper)
SRV - [2011/11/23 15:59:00 | 000,344,064 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\UAWrapper\DA2UA.exe -- (CCOPC.UAWrapper)
SRV - [2011/11/23 15:57:38 | 000,261,632 | ---- | M] (SIEMENS AG) [Disabled | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\AlarmEvent\bin\sopcaesrvrwincc.exe -- (OPCServerAE.WinCC)
SRV - [2011/11/23 13:10:30 | 000,856,064 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\commonarchiving\CCRedundancyAgent.exe -- (CCRedundancyAgent-Service)
SRV - [2011/11/23 13:01:10 | 000,098,304 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\commonarchiving\CCDBUtils.exe -- (CCDBUtils)
SRV - [2011/11/23 12:59:42 | 000,757,760 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\commonarchiving\CCArchiveManager.exe -- (CCArchiveManagerService)
SRV - [2011/11/14 20:31:38 | 000,486,400 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe -- (RedundancyControl)
SRV - [2011/11/14 20:21:20 | 000,245,248 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe -- (CCEServer)
SRV - [2011/11/14 16:18:46 | 000,163,328 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe -- (SCSMonitor)
SRV - [2011/11/14 15:46:46 | 000,101,888 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\ace\bin\SCSFsX.exe -- (SCSFsX)
SRV - [2011/11/14 15:34:08 | 000,198,144 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\ace\bin\RedundancyState.exe -- (RedundancyState)
SRV - [2011/11/14 14:47:58 | 000,264,704 | ---- | M] (SIEMENS AG) [On_Demand | Running] -- C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe -- (CCEClient)
SRV - [2011/11/14 14:37:24 | 000,363,008 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe -- (CCAgent)
SRV - [2011/11/10 12:58:36 | 000,716,288 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\Bin\CCPerfMon.exe -- (CCPerfMon)
SRV - [2011/11/04 01:41:34 | 000,556,168 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe -- (S7TraceServiceX)
SRV - [2011/11/04 01:41:30 | 000,412,808 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe -- (s7oiehsx)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/02/05 03:04:08 | 000,139,488 | ---- | M] (OPC Foundation) [On_Demand | Stopped] -- C:\Windows\System32\OpcEnum.exe -- (OpcEnum)
========== Driver Services (SafeList) ==========
DRV - [2014/01/20 19:33:11 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2014/01/12 21:12:22 | 000,064,168 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswstm.sys -- (aswStm)
DRV - [2014/01/12 21:09:28 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/01/12 21:09:28 | 000,410,528 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2014/01/12 21:09:28 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/01/12 21:09:28 | 000,079,720 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014/01/12 21:09:28 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/01/12 21:09:28 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2011/10/11 19:13:20 | 000,343,888 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SNTIE.SYS -- (SNTIE)
DRV - [2011/09/29 10:48:48 | 000,641,280 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\s7ousbu32x.sys -- (s7ousbu32x)
DRV - [2011/06/16 19:10:22 | 000,063,104 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\s7sn2srtx.sys -- (s7sn2srtx)
DRV - [2011/05/06 05:08:10 | 000,521,216 | ---- | M] (SIEMENS AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\S7otranx32.sys -- (S7otranx32)
DRV - [2011/05/06 05:03:22 | 000,087,552 | ---- | M] (SIEMENS AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\S7odpx2x32.sys -- (S7odpx2x32)
DRV - [2011/04/19 19:22:04 | 000,288,256 | ---- | M] (SIEMENS AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\dpmconv32.sys -- (dpmconv)
DRV - [2011/04/19 19:20:28 | 000,140,288 | ---- | M] (SIEMENS AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsnl2ada32.sys -- (vsnl2ada)
DRV - [2010/03/22 20:35:44 | 000,072,248 | ---- | M] (SIEMENS AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\DPMTRCDD32.sys -- (DPMTRCDD)
DRV - [2009/11/06 12:53:58 | 001,227,776 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/07/14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009/07/14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009/07/14 01:11:04 | 000,141,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mqac.sys -- (MQAC)
DRV - [2009/07/14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-987201152-1341176263-1292834751-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 64 65 73 CB 0F CF 01 [binary data]
IE - HKU\S-1-5-21-987201152-1341176263-1292834751-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-987201152-1341176263-1292834751-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-987201152-1341176263-1292834751-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.google.sk"
FF - prefs.js..extensions.enabledAddons: %7B66E978CD-981F-47DF-AC42-E3CF417C1467%7D:0.4.3
FF - prefs.js..extensions.enabledAddons: %7Bef8714df-a44b-464c-9034-549a70dc4cd7%7D:1.0.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/01/12 21:09:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2014/01/12 20:35:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Extensions
[2014/01/20 19:45:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions
[2014/01/20 19:45:21 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2014/01/12 20:38:26 | 000,016,454 | ---- | M] () (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions\HomepageNewTab@neocodex.us.xpi
[2014/01/12 20:40:34 | 000,003,793 | ---- | M] () (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi
[2014/01/19 20:28:35 | 000,940,775 | ---- | M] () (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/01/16 01:37:30 | 000,008,938 | ---- | M] () (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions\{ef8714df-a44b-464c-9034-549a70dc4cd7}.xpi
[2014/01/12 20:35:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/01/12 20:35:17 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (maucampo) - {5d7d4fb9-aca5-4013-8879-c58dcd4df9f1} - C:\Program Files\maucampo\maucampoBHO.dll (maucampo)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-987201152-1341176263-1292834751-1000\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CCUCSurrogate.exe] C:\Program Files\Siemens\WinCC\bin\CCUCSurrogate.exe ()
O4 - HKLM..\Run: [seznam-listicka-distribuce] C:\Program Files\Seznam.cz\distribution\szninstall.exe ()
O4 - HKU\S-1-5-21-987201152-1341176263-1292834751-1000..\Run: [cz.seznam.software.autoupdate] C:\Users\Andrej\AppData\Roaming\Seznam.cz\szninstall.exe ()
O4 - HKU\S-1-5-21-987201152-1341176263-1292834751-1000..\Run: [cz.seznam.software.szndesktop] C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe ()
O4 - HKU\S-1-5-21-987201152-1341176263-1292834751-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 9.lnk = C:\Program Files\TechSmith\Snagit 9\Snagit32.exe (TechSmith Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FA6D81AC-B75C-4D34-89C6-5947764FB974}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/03/10 16:55:40 | 000,000,045 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{7a2f2665-8200-11e3-a533-70f3954ca870}\Shell - "" = AutoRun
O33 - MountPoints2\{7a2f2665-8200-11e3-a533-70f3954ca870}\Shell\AutoRun\command - "" = G:\Setup.exe -- [2011/08/03 13:32:28 | 000,236,168 | R--- | M] (SIEMENS AG)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/01/25 13:46:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Andrej\Desktop\OTL.exe
[2014/01/25 12:37:38 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/01/25 12:37:38 | 000,000,000 | ---D | C] -- C:\rsit
[2014/01/25 11:22:04 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\vlc
[2014/01/25 11:21:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/01/25 11:21:40 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2014/01/24 21:03:26 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Nitro
[2014/01/24 21:03:26 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\FileOpen
[2014/01/24 21:03:26 | 000,000,000 | ---D | C] -- C:\ProgramData\FileOpen
[2014/01/24 21:03:13 | 000,027,152 | ---- | C] (Nitro PDF Software) -- C:\Windows\System32\nitrolocalmon2.dll
[2014/01/24 21:03:13 | 000,018,448 | ---- | C] (Nitro PDF Software) -- C:\Windows\System32\nitrolocalui2.dll
[2014/01/24 21:03:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Nitro
[2014/01/24 21:03:06 | 000,000,000 | ---D | C] -- C:\Program Files\Nitro
[2014/01/24 21:03:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro
[2014/01/24 21:01:14 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Downloaded Installations
[2014/01/22 20:21:55 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Siemens
[2014/01/22 20:15:09 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\winhlp32.exe
[2014/01/22 20:15:09 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftsrch.dll
[2014/01/22 20:15:09 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftlx041e.dll
[2014/01/22 20:15:09 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftlx0411.dll
[2014/01/22 20:14:30 | 000,000,000 | ---D | C] -- C:\Program Files\WINCC
[2014/01/22 20:02:45 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Siemens
[2014/01/22 20:00:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Siemens Automation
[2014/01/22 20:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\Siemens
[2014/01/22 20:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Siemens
[2014/01/22 19:47:33 | 000,000,000 | ---D | C] -- C:\Users\Andrej\Documents\SQL Server Management Studio
[2014/01/22 19:41:50 | 000,000,000 | ---D | C] -- C:\Users\Andrej\Documents\Visual Studio 2005
[2014/01/22 19:41:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005
[2014/01/22 19:39:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2014/01/22 19:39:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2014/01/22 19:39:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014/01/22 19:38:58 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2014/01/22 19:38:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2014/01/22 19:38:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Merge Modules
[2014/01/22 19:38:30 | 000,000,000 | ---D | C] -- C:\Program Files\OPC Foundation
[2014/01/22 19:38:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\OPC Foundation
[2014/01/22 19:38:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Designer
[2014/01/22 19:31:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\msmq
[2014/01/22 19:24:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Siemens
[2014/01/22 19:16:20 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\GHISLER
[2014/01/20 20:17:26 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Malwarebytes
[2014/01/20 20:17:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/01/20 20:17:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/01/20 20:17:11 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/01/20 20:17:11 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2014/01/20 19:51:20 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Microsoft Help
[2014/01/20 19:51:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014/01/20 19:50:24 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2014/01/20 19:45:53 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\ElevatedDiagnostics
[2014/01/20 19:45:41 | 000,000,000 | ---D | C] -- C:\Program Files\maucampo
[2014/01/20 19:45:24 | 000,000,000 | ---D | C] -- C:\Program Files\Seznam.cz
[2014/01/20 19:44:40 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Seznam.cz
[2014/01/20 19:33:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2014/01/20 19:33:11 | 000,243,128 | ---- | C] (Disc Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2014/01/20 19:33:07 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\DAEMON Tools Lite
[2014/01/20 19:33:05 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2014/01/20 19:32:30 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2014/01/19 20:50:22 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Macromedia
[2014/01/19 20:50:22 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Macromedia
[2014/01/19 20:50:22 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Adobe
[2014/01/19 20:33:42 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/01/19 20:33:42 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/01/19 20:33:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2014/01/19 20:31:22 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Adobe
[2014/01/12 21:14:45 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\AVAST Software
[2014/01/12 21:12:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/01/12 21:09:40 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Google
[2014/01/12 21:09:40 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2014/01/12 21:09:34 | 000,064,168 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswstm.sys
[2014/01/12 21:09:33 | 000,775,952 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/01/12 21:09:32 | 000,410,528 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/01/12 21:09:32 | 000,067,824 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/01/12 21:09:31 | 000,079,720 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/01/12 21:09:29 | 000,270,240 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/01/12 21:09:28 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/12 21:09:12 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/01/12 21:08:41 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/01/12 20:52:45 | 000,230,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2014/01/12 20:35:28 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Mozilla
[2014/01/12 20:35:28 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Mozilla
[2014/01/12 20:35:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2014/01/12 20:35:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/01/12 20:35:17 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/01/12 20:13:03 | 001,227,776 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\athr.sys
[2014/01/12 20:13:02 | 000,000,000 | ---D | C] -- C:\temp
[2014/01/12 20:13:02 | 000,000,000 | ---D | C] -- C:\Program Files\Lenovo
[2014/01/12 20:13:02 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\InstallShield
[2014/01/12 19:31:42 | 000,094,208 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll
[2014/01/12 19:31:42 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2014/01/12 19:31:41 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2014/01/12 19:29:49 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Diagnostics
[2014/01/12 19:28:59 | 000,000,000 | ---D | C] -- C:\Drivers
[2014/01/12 13:51:41 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AIMP2
[2014/01/12 13:51:40 | 000,000,000 | ---D | C] -- C:\Program Files\AIMP2
[2014/01/12 13:32:51 | 000,000,000 | ---D | C] -- C:\Users\Andrej\Documents\Snagit
[2014/01/12 13:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\7. Realtek LAN Driver
[2014/01/12 13:27:11 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Programs
[2014/01/12 13:21:48 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Snagit 9
[2014/01/12 13:21:47 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith
[2014/01/12 13:21:46 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\TechSmith
[2014/01/12 13:21:46 | 000,000,000 | ---D | C] -- C:\Program Files\TechSmith
[2014/01/12 13:20:36 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014/01/12 13:20:01 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\WinRAR
[2014/01/12 13:20:01 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/01/12 13:20:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/01/12 13:19:44 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2014/01/12 13:17:52 | 000,000,000 | ---D | C] -- C:\Program Files\totalcmd
[2014/01/12 13:17:52 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2014/01/12 13:17:52 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\GHISLER
[2014/01/12 13:05:15 | 000,000,000 | R--D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/01/12 13:05:15 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Searches
[2014/01/12 13:05:15 | 000,000,000 | R--D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/01/12 13:05:06 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Identities
[2014/01/12 13:05:05 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Contacts
[2014/01/12 13:04:59 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\VirtualStore
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\AppData\Local\Temporary Internet Files
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Šablony
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Soubory cookie
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\SendTo
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Poslední
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Okolní tiskárny
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Okolní síť
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Documents\Obrázky
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Nabídka Start
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Local Settings
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Documents\Hudba
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\AppData\Local\History
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Documents\Filmy
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Dokumenty
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Data aplikací
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\AppData\Local\Data aplikací
[2014/01/12 13:04:57 | 000,000,000 | --SD | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Videos
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Saved Games
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Pictures
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Music
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Links
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Favorites
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Downloads
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Documents
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Desktop
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/01/12 13:04:57 | 000,000,000 | -H-D | C] -- C:\Users\Andrej\AppData
[2014/01/12 13:04:57 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Temp
[2014/01/12 13:04:57 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Microsoft
[2014/01/12 13:04:57 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Media Center Programs
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Šablony
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\Recovery
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Plocha
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Obrázky
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Oblíbené položky
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Nabídka Start
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Hudba
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Filmy
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Data aplikací
[2014/01/12 12:54:06 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/01/12 12:51:33 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014/01/12 12:51:15 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/01/12 12:50:47 | 000,000,000 | ---D | C] -- C:\Windows\Panther
========== Files - Modified Within 30 Days ==========
[2014/01/25 14:06:31 | 000,001,536 | ---- | M] () -- C:\Windows\System32\.sto
[2014/01/25 14:05:11 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/25 14:05:10 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/25 13:59:07 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/25 13:50:40 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/01/25 13:46:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Andrej\Desktop\OTL.exe
[2014/01/25 12:26:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/25 10:09:15 | 000,664,976 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014/01/25 10:09:15 | 000,657,654 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/01/25 10:09:15 | 000,137,518 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014/01/25 10:09:15 | 000,122,402 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/01/25 10:02:20 | 2408,722,432 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/22 21:31:24 | 000,000,028 | ---- | M] () -- C:\Windows\ODBC.INI
[2014/01/22 21:31:09 | 000,000,061 | ---- | M] () -- C:\Windows\Simatic.cfg
[2014/01/22 20:16:46 | 000,269,992 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/01/22 20:10:01 | 000,000,000 | ---- | M] () -- C:\Windows\PDLSERV.INI
[2014/01/22 20:08:19 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_s7ousbu32x_01007.Wdf
[2014/01/20 19:33:11 | 000,243,128 | ---- | M] (Disc Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2014/01/19 20:33:42 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/01/19 20:33:42 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/01/12 21:12:22 | 000,064,168 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswstm.sys
[2014/01/12 21:09:28 | 000,775,952 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/01/12 21:09:28 | 000,410,528 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/01/12 21:09:28 | 000,270,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/01/12 21:09:28 | 000,180,248 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/01/12 21:09:28 | 000,079,720 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/01/12 21:09:28 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/01/12 21:09:28 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/01/12 21:09:28 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/12 13:26:53 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/01/12 13:21:48 | 000,002,073 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 9.lnk
[2014/01/12 12:54:34 | 000,068,220 | ---- | M] () -- C:\Windows\System32\license.rtf
========== Files Created - No Company Name ==========
[2014/01/25 14:06:31 | 000,001,536 | ---- | C] () -- C:\Windows\System32\.sto
[2014/01/25 13:50:40 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/01/24 21:03:10 | 000,002,487 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk
[2014/01/22 20:21:16 | 000,000,061 | ---- | C] () -- C:\Windows\Simatic.cfg
[2014/01/22 20:21:10 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2014/01/22 20:10:01 | 000,000,000 | ---- | C] () -- C:\Windows\PDLSERV.INI
[2014/01/22 20:08:19 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_s7ousbu32x_01007.Wdf
[2014/01/19 20:33:43 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/12 21:09:34 | 000,180,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/01/12 21:09:32 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/01/12 20:35:20 | 000,001,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/01/12 19:31:42 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2014/01/12 13:26:53 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/01/12 13:21:48 | 000,002,073 | ---- | C] () -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 9.lnk
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2014/01/12 13:05:16 | 000,001,413 | ---- | C] () -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/01/12 12:54:27 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014/01/12 12:54:17 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014/01/12 12:51:15 | 2408,722,432 | -HS- | C] () -- C:\hiberfil.sys
========== ZeroAccess Check ==========
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009/07/14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014/01/12 21:14:45 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\AVAST Software
[2014/01/20 19:46:31 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\DAEMON Tools Lite
[2014/01/24 21:01:14 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Downloaded Installations
[2014/01/24 21:03:26 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\FileOpen
[2014/01/12 13:18:26 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\GHISLER
[2014/01/24 21:03:26 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Nitro
[2014/01/25 10:08:30 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Seznam.cz
[2014/01/22 20:21:55 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Siemens
========== Purity Check ==========
< End of report >
Tu sú logy:
OTL.txt
OTL logfile created on: 25. 1. 2014 14:07:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Andrej\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
2,99 Gb Total Physical Memory | 1,64 Gb Available Physical Memory | 54,94% Memory free
5,98 Gb Paging File | 4,52 Gb Available in Paging File | 75,66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 151,42 Gb Total Space | 130,95 Gb Free Space | 86,48% Space Free | Partition Type: NTFS
Drive D: | 299,39 Gb Total Space | 91,77 Gb Free Space | 30,65% Space Free | Partition Type: NTFS
Drive G: | 6,54 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: ANDREJ-PC | User Name: Andrej | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/01/25 13:46:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Andrej\Desktop\OTL.exe
PRC - [2014/01/20 20:46:09 | 000,097,048 | ---- | M] () -- C:\Program Files\maucampo\bin\utilmaucampo.exe
PRC - [2014/01/19 20:33:42 | 001,863,048 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
PRC - [2014/01/16 01:37:30 | 000,097,048 | ---- | M] () -- C:\Program Files\maucampo\updatemaucampo.exe
PRC - [2014/01/12 21:09:27 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/01/12 21:09:27 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/12/05 20:34:42 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/07/26 06:48:28 | 000,196,624 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
PRC - [2013/04/12 09:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
PRC - [2011/12/11 21:07:24 | 001,138,312 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
PRC - [2011/11/23 23:12:38 | 000,243,200 | ---- | M] () -- C:\Program Files\Siemens\WinCC\bin\CCUCSurrogate.exe
PRC - [2011/11/23 22:26:56 | 001,464,832 | ---- | M] (SIEMENS AG) -- C:\Program Files\Siemens\WinCC\bin\CCProjectMgr.exe
PRC - [2011/11/23 13:01:10 | 000,098,304 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\commonarchiving\CCDBUtils.exe
PRC - [2011/11/14 20:21:20 | 000,245,248 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe
PRC - [2011/11/14 16:18:46 | 000,163,328 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe
PRC - [2011/11/14 14:47:58 | 000,264,704 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe
PRC - [2011/11/14 14:37:24 | 000,363,008 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe
PRC - [2011/11/04 01:41:34 | 000,556,168 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
PRC - [2011/11/04 01:41:30 | 000,412,808 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
PRC - [2011/10/25 11:23:08 | 009,079,296 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\SimNetCom\pniopcac.exe
PRC - [2011/10/24 11:03:54 | 002,087,424 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\SimNetCom\pniomgr.exe
PRC - [2009/10/15 11:06:52 | 000,053,064 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 9\TscHelp.exe
PRC - [2009/10/15 11:06:50 | 000,066,888 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 9\SnagPriv.exe
PRC - [2009/10/15 11:06:46 | 007,168,328 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 9\SnagitEditor.exe
PRC - [2009/10/15 11:06:46 | 006,287,176 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
========== Modules (No Company Name) ==========
MOD - [2014/01/19 20:33:41 | 016,287,624 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_12_0_0_43.dll
MOD - [2014/01/12 21:09:27 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/12/05 20:36:56 | 003,559,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/04/24 11:31:42 | 000,081,992 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\libchinst.dll
MOD - [2013/04/12 09:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
MOD - [2013/03/29 12:37:34 | 000,059,384 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\9526libfoxloader.dll
MOD - [2013/03/25 15:39:52 | 000,894,968 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
MOD - [2011/11/23 23:12:38 | 000,243,200 | ---- | M] () -- C:\Program Files\Siemens\WinCC\bin\CCUCSurrogate.exe
MOD - [2011/11/15 02:48:32 | 000,057,856 | ---- | M] () -- C:\Program Files\Siemens\WinCC\bin\CCUCSurrogateEnu.lng
MOD - [2011/03/02 12:40:52 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009/10/15 11:06:44 | 004,715,848 | R--- | M] () -- C:\Program Files\TechSmith\Snagit 9\PDFNetC.dll
========== Services (SafeList) ==========
SRV - [2014/01/20 20:46:09 | 000,097,048 | ---- | M] () [Auto | Running] -- C:\Program Files\maucampo\bin\utilmaucampo.exe -- (Util maucampo)
SRV - [2014/01/19 20:33:42 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/01/16 01:37:30 | 000,097,048 | ---- | M] () [Auto | Running] -- C:\Program Files\maucampo\updatemaucampo.exe -- (Update maucampo)
SRV - [2014/01/12 21:09:27 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/12/05 20:36:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/07/26 06:48:28 | 000,196,624 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe -- (NitroReaderDriverReadSpool3)
SRV - [2011/12/11 21:07:24 | 001,138,312 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe -- (almservice)
SRV - [2011/11/23 23:21:54 | 000,332,800 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCSsmRTServer.exe -- (CCSsmRTServer)
SRV - [2011/11/23 23:12:26 | 000,072,192 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCProfileServer.exe -- (CCProfileServer)
SRV - [2011/11/23 23:08:46 | 000,119,808 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CcAlgRtServer.exe -- (CCAlgRtServer)
SRV - [2011/11/23 23:07:52 | 000,361,984 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCAlgIAlarmDataCollector.exe -- (CCAlgIAlarmDataCollector)
SRV - [2011/11/23 23:06:00 | 000,489,472 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\Bin\CCLicenseService.exe -- (CCLicenseService)
SRV - [2011/11/23 23:03:22 | 000,100,352 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCRtsLoader.exe -- (CCRtsLoader)
SRV - [2011/11/23 23:00:42 | 000,372,224 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCTextServer.exe -- (CCTextServer)
SRV - [2011/11/23 23:00:36 | 000,091,648 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCTlgServer.exe -- (CCTlgServer)
SRV - [2011/11/23 22:59:04 | 001,311,232 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCUsrAcv.exe -- (CCUsrAcv)
SRV - [2011/11/23 22:34:50 | 000,450,560 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCPackageMgr.exe -- (CCPackageMgr)
SRV - [2011/11/23 22:34:20 | 000,757,760 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCDeltaLoader.exe -- (CCDeltaLoader)
SRV - [2011/11/23 22:32:10 | 000,299,520 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCTMTimeSyncServer.exe -- (CCTMTimeSyncServer)
SRV - [2011/11/23 22:31:10 | 000,646,144 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCNSInfo2Provider.exe -- (CCNSInfo2Provider)
SRV - [2011/11/23 22:30:04 | 000,195,072 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCLBMRTServer.exe -- (CCLBMRTServer)
SRV - [2011/11/23 22:29:40 | 000,436,736 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCCSigRTServer.exe -- (CCCSigRTServer)
SRV - [2011/11/23 22:28:46 | 000,331,776 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCPtmRTServer.exe -- (CCPtmRTServer)
SRV - [2011/11/23 22:26:56 | 001,464,832 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Siemens\WinCC\bin\CCProjectMgr.exe -- (CCProjectMgr)
SRV - [2011/11/23 16:02:26 | 000,346,112 | ---- | M] (SIEMENS AG) [Disabled | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\HistDataAccess\bin\sopchdasrvrwincc.exe -- (OPCServerHDA.WinCC)
SRV - [2011/11/23 16:00:22 | 000,188,416 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\UAWrapper\CCRT2UA.exe -- (XR_CCOPC.UAWrapper)
SRV - [2011/11/23 16:00:04 | 000,188,416 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\XMLDataAccess\bin\CCRT2XML.exe -- (XR_CCOPC.XMLWrapper)
SRV - [2011/11/23 15:59:38 | 000,348,160 | ---- | M] (SIEMENS AG) [Disabled | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\DataAccess\bin\sopcsrvrwincc.exe -- (OPCServer.WinCC)
SRV - [2011/11/23 15:59:00 | 000,344,064 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\XMLDataAccess\bin\DA2XML.exe -- (CCOPC.XMLWrapper)
SRV - [2011/11/23 15:59:00 | 000,344,064 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\UAWrapper\DA2UA.exe -- (CCOPC.UAWrapper)
SRV - [2011/11/23 15:57:38 | 000,261,632 | ---- | M] (SIEMENS AG) [Disabled | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\AlarmEvent\bin\sopcaesrvrwincc.exe -- (OPCServerAE.WinCC)
SRV - [2011/11/23 13:10:30 | 000,856,064 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\commonarchiving\CCRedundancyAgent.exe -- (CCRedundancyAgent-Service)
SRV - [2011/11/23 13:01:10 | 000,098,304 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\commonarchiving\CCDBUtils.exe -- (CCDBUtils)
SRV - [2011/11/23 12:59:42 | 000,757,760 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\commonarchiving\CCArchiveManager.exe -- (CCArchiveManagerService)
SRV - [2011/11/14 20:31:38 | 000,486,400 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe -- (RedundancyControl)
SRV - [2011/11/14 20:21:20 | 000,245,248 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe -- (CCEServer)
SRV - [2011/11/14 16:18:46 | 000,163,328 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe -- (SCSMonitor)
SRV - [2011/11/14 15:46:46 | 000,101,888 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\ace\bin\SCSFsX.exe -- (SCSFsX)
SRV - [2011/11/14 15:34:08 | 000,198,144 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\ace\bin\RedundancyState.exe -- (RedundancyState)
SRV - [2011/11/14 14:47:58 | 000,264,704 | ---- | M] (SIEMENS AG) [On_Demand | Running] -- C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe -- (CCEClient)
SRV - [2011/11/14 14:37:24 | 000,363,008 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe -- (CCAgent)
SRV - [2011/11/10 12:58:36 | 000,716,288 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\Bin\CCPerfMon.exe -- (CCPerfMon)
SRV - [2011/11/04 01:41:34 | 000,556,168 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe -- (S7TraceServiceX)
SRV - [2011/11/04 01:41:30 | 000,412,808 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe -- (s7oiehsx)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/02/05 03:04:08 | 000,139,488 | ---- | M] (OPC Foundation) [On_Demand | Stopped] -- C:\Windows\System32\OpcEnum.exe -- (OpcEnum)
========== Driver Services (SafeList) ==========
DRV - [2014/01/20 19:33:11 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2014/01/12 21:12:22 | 000,064,168 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswstm.sys -- (aswStm)
DRV - [2014/01/12 21:09:28 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/01/12 21:09:28 | 000,410,528 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2014/01/12 21:09:28 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/01/12 21:09:28 | 000,079,720 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014/01/12 21:09:28 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/01/12 21:09:28 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2011/10/11 19:13:20 | 000,343,888 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SNTIE.SYS -- (SNTIE)
DRV - [2011/09/29 10:48:48 | 000,641,280 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\s7ousbu32x.sys -- (s7ousbu32x)
DRV - [2011/06/16 19:10:22 | 000,063,104 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\s7sn2srtx.sys -- (s7sn2srtx)
DRV - [2011/05/06 05:08:10 | 000,521,216 | ---- | M] (SIEMENS AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\S7otranx32.sys -- (S7otranx32)
DRV - [2011/05/06 05:03:22 | 000,087,552 | ---- | M] (SIEMENS AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\S7odpx2x32.sys -- (S7odpx2x32)
DRV - [2011/04/19 19:22:04 | 000,288,256 | ---- | M] (SIEMENS AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\dpmconv32.sys -- (dpmconv)
DRV - [2011/04/19 19:20:28 | 000,140,288 | ---- | M] (SIEMENS AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsnl2ada32.sys -- (vsnl2ada)
DRV - [2010/03/22 20:35:44 | 000,072,248 | ---- | M] (SIEMENS AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\DPMTRCDD32.sys -- (DPMTRCDD)
DRV - [2009/11/06 12:53:58 | 001,227,776 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/07/14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009/07/14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009/07/14 01:11:04 | 000,141,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mqac.sys -- (MQAC)
DRV - [2009/07/14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-987201152-1341176263-1292834751-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 64 65 73 CB 0F CF 01 [binary data]
IE - HKU\S-1-5-21-987201152-1341176263-1292834751-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-987201152-1341176263-1292834751-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-987201152-1341176263-1292834751-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.google.sk"
FF - prefs.js..extensions.enabledAddons: %7B66E978CD-981F-47DF-AC42-E3CF417C1467%7D:0.4.3
FF - prefs.js..extensions.enabledAddons: %7Bef8714df-a44b-464c-9034-549a70dc4cd7%7D:1.0.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/01/12 21:09:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2014/01/12 20:35:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Extensions
[2014/01/20 19:45:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions
[2014/01/20 19:45:21 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2014/01/12 20:38:26 | 000,016,454 | ---- | M] () (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions\HomepageNewTab@neocodex.us.xpi
[2014/01/12 20:40:34 | 000,003,793 | ---- | M] () (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi
[2014/01/19 20:28:35 | 000,940,775 | ---- | M] () (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/01/16 01:37:30 | 000,008,938 | ---- | M] () (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions\{ef8714df-a44b-464c-9034-549a70dc4cd7}.xpi
[2014/01/12 20:35:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/01/12 20:35:17 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (maucampo) - {5d7d4fb9-aca5-4013-8879-c58dcd4df9f1} - C:\Program Files\maucampo\maucampoBHO.dll (maucampo)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-987201152-1341176263-1292834751-1000\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CCUCSurrogate.exe] C:\Program Files\Siemens\WinCC\bin\CCUCSurrogate.exe ()
O4 - HKLM..\Run: [seznam-listicka-distribuce] C:\Program Files\Seznam.cz\distribution\szninstall.exe ()
O4 - HKU\S-1-5-21-987201152-1341176263-1292834751-1000..\Run: [cz.seznam.software.autoupdate] C:\Users\Andrej\AppData\Roaming\Seznam.cz\szninstall.exe ()
O4 - HKU\S-1-5-21-987201152-1341176263-1292834751-1000..\Run: [cz.seznam.software.szndesktop] C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe ()
O4 - HKU\S-1-5-21-987201152-1341176263-1292834751-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 9.lnk = C:\Program Files\TechSmith\Snagit 9\Snagit32.exe (TechSmith Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FA6D81AC-B75C-4D34-89C6-5947764FB974}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/03/10 16:55:40 | 000,000,045 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{7a2f2665-8200-11e3-a533-70f3954ca870}\Shell - "" = AutoRun
O33 - MountPoints2\{7a2f2665-8200-11e3-a533-70f3954ca870}\Shell\AutoRun\command - "" = G:\Setup.exe -- [2011/08/03 13:32:28 | 000,236,168 | R--- | M] (SIEMENS AG)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/01/25 13:46:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Andrej\Desktop\OTL.exe
[2014/01/25 12:37:38 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/01/25 12:37:38 | 000,000,000 | ---D | C] -- C:\rsit
[2014/01/25 11:22:04 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\vlc
[2014/01/25 11:21:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/01/25 11:21:40 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2014/01/24 21:03:26 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Nitro
[2014/01/24 21:03:26 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\FileOpen
[2014/01/24 21:03:26 | 000,000,000 | ---D | C] -- C:\ProgramData\FileOpen
[2014/01/24 21:03:13 | 000,027,152 | ---- | C] (Nitro PDF Software) -- C:\Windows\System32\nitrolocalmon2.dll
[2014/01/24 21:03:13 | 000,018,448 | ---- | C] (Nitro PDF Software) -- C:\Windows\System32\nitrolocalui2.dll
[2014/01/24 21:03:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Nitro
[2014/01/24 21:03:06 | 000,000,000 | ---D | C] -- C:\Program Files\Nitro
[2014/01/24 21:03:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro
[2014/01/24 21:01:14 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Downloaded Installations
[2014/01/22 20:21:55 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Siemens
[2014/01/22 20:15:09 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\winhlp32.exe
[2014/01/22 20:15:09 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftsrch.dll
[2014/01/22 20:15:09 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftlx041e.dll
[2014/01/22 20:15:09 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftlx0411.dll
[2014/01/22 20:14:30 | 000,000,000 | ---D | C] -- C:\Program Files\WINCC
[2014/01/22 20:02:45 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Siemens
[2014/01/22 20:00:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Siemens Automation
[2014/01/22 20:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\Siemens
[2014/01/22 20:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Siemens
[2014/01/22 19:47:33 | 000,000,000 | ---D | C] -- C:\Users\Andrej\Documents\SQL Server Management Studio
[2014/01/22 19:41:50 | 000,000,000 | ---D | C] -- C:\Users\Andrej\Documents\Visual Studio 2005
[2014/01/22 19:41:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005
[2014/01/22 19:39:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2014/01/22 19:39:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2014/01/22 19:39:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014/01/22 19:38:58 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2014/01/22 19:38:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2014/01/22 19:38:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Merge Modules
[2014/01/22 19:38:30 | 000,000,000 | ---D | C] -- C:\Program Files\OPC Foundation
[2014/01/22 19:38:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\OPC Foundation
[2014/01/22 19:38:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Designer
[2014/01/22 19:31:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\msmq
[2014/01/22 19:24:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Siemens
[2014/01/22 19:16:20 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\GHISLER
[2014/01/20 20:17:26 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Malwarebytes
[2014/01/20 20:17:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/01/20 20:17:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/01/20 20:17:11 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/01/20 20:17:11 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2014/01/20 19:51:20 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Microsoft Help
[2014/01/20 19:51:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014/01/20 19:50:24 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2014/01/20 19:45:53 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\ElevatedDiagnostics
[2014/01/20 19:45:41 | 000,000,000 | ---D | C] -- C:\Program Files\maucampo
[2014/01/20 19:45:24 | 000,000,000 | ---D | C] -- C:\Program Files\Seznam.cz
[2014/01/20 19:44:40 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Seznam.cz
[2014/01/20 19:33:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2014/01/20 19:33:11 | 000,243,128 | ---- | C] (Disc Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2014/01/20 19:33:07 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\DAEMON Tools Lite
[2014/01/20 19:33:05 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2014/01/20 19:32:30 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2014/01/19 20:50:22 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Macromedia
[2014/01/19 20:50:22 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Macromedia
[2014/01/19 20:50:22 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Adobe
[2014/01/19 20:33:42 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/01/19 20:33:42 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/01/19 20:33:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2014/01/19 20:31:22 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Adobe
[2014/01/12 21:14:45 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\AVAST Software
[2014/01/12 21:12:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/01/12 21:09:40 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Google
[2014/01/12 21:09:40 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2014/01/12 21:09:34 | 000,064,168 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswstm.sys
[2014/01/12 21:09:33 | 000,775,952 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/01/12 21:09:32 | 000,410,528 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/01/12 21:09:32 | 000,067,824 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/01/12 21:09:31 | 000,079,720 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/01/12 21:09:29 | 000,270,240 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/01/12 21:09:28 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/12 21:09:12 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/01/12 21:08:41 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/01/12 20:52:45 | 000,230,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2014/01/12 20:35:28 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Mozilla
[2014/01/12 20:35:28 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Mozilla
[2014/01/12 20:35:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2014/01/12 20:35:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/01/12 20:35:17 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/01/12 20:13:03 | 001,227,776 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\athr.sys
[2014/01/12 20:13:02 | 000,000,000 | ---D | C] -- C:\temp
[2014/01/12 20:13:02 | 000,000,000 | ---D | C] -- C:\Program Files\Lenovo
[2014/01/12 20:13:02 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\InstallShield
[2014/01/12 19:31:42 | 000,094,208 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll
[2014/01/12 19:31:42 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2014/01/12 19:31:41 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2014/01/12 19:29:49 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Diagnostics
[2014/01/12 19:28:59 | 000,000,000 | ---D | C] -- C:\Drivers
[2014/01/12 13:51:41 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AIMP2
[2014/01/12 13:51:40 | 000,000,000 | ---D | C] -- C:\Program Files\AIMP2
[2014/01/12 13:32:51 | 000,000,000 | ---D | C] -- C:\Users\Andrej\Documents\Snagit
[2014/01/12 13:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\7. Realtek LAN Driver
[2014/01/12 13:27:11 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Programs
[2014/01/12 13:21:48 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Snagit 9
[2014/01/12 13:21:47 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith
[2014/01/12 13:21:46 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\TechSmith
[2014/01/12 13:21:46 | 000,000,000 | ---D | C] -- C:\Program Files\TechSmith
[2014/01/12 13:20:36 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014/01/12 13:20:01 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\WinRAR
[2014/01/12 13:20:01 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/01/12 13:20:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/01/12 13:19:44 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2014/01/12 13:17:52 | 000,000,000 | ---D | C] -- C:\Program Files\totalcmd
[2014/01/12 13:17:52 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2014/01/12 13:17:52 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\GHISLER
[2014/01/12 13:05:15 | 000,000,000 | R--D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/01/12 13:05:15 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Searches
[2014/01/12 13:05:15 | 000,000,000 | R--D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/01/12 13:05:06 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Identities
[2014/01/12 13:05:05 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Contacts
[2014/01/12 13:04:59 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\VirtualStore
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\AppData\Local\Temporary Internet Files
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Šablony
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Soubory cookie
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\SendTo
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Poslední
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Okolní tiskárny
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Okolní síť
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Documents\Obrázky
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Nabídka Start
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Local Settings
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Documents\Hudba
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\AppData\Local\History
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Documents\Filmy
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Dokumenty
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Data aplikací
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\AppData\Local\Data aplikací
[2014/01/12 13:04:57 | 000,000,000 | --SD | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Videos
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Saved Games
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Pictures
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Music
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Links
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Favorites
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Downloads
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Documents
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Desktop
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/01/12 13:04:57 | 000,000,000 | -H-D | C] -- C:\Users\Andrej\AppData
[2014/01/12 13:04:57 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Temp
[2014/01/12 13:04:57 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Microsoft
[2014/01/12 13:04:57 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Media Center Programs
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Šablony
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\Recovery
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Plocha
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Obrázky
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Oblíbené položky
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Nabídka Start
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Hudba
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Filmy
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Data aplikací
[2014/01/12 12:54:06 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/01/12 12:51:33 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014/01/12 12:51:15 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/01/12 12:50:47 | 000,000,000 | ---D | C] -- C:\Windows\Panther
========== Files - Modified Within 30 Days ==========
[2014/01/25 14:06:31 | 000,001,536 | ---- | M] () -- C:\Windows\System32\.sto
[2014/01/25 14:05:11 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/25 14:05:10 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/25 13:59:07 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/25 13:50:40 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/01/25 13:46:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Andrej\Desktop\OTL.exe
[2014/01/25 12:26:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/25 10:09:15 | 000,664,976 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014/01/25 10:09:15 | 000,657,654 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/01/25 10:09:15 | 000,137,518 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014/01/25 10:09:15 | 000,122,402 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/01/25 10:02:20 | 2408,722,432 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/22 21:31:24 | 000,000,028 | ---- | M] () -- C:\Windows\ODBC.INI
[2014/01/22 21:31:09 | 000,000,061 | ---- | M] () -- C:\Windows\Simatic.cfg
[2014/01/22 20:16:46 | 000,269,992 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/01/22 20:10:01 | 000,000,000 | ---- | M] () -- C:\Windows\PDLSERV.INI
[2014/01/22 20:08:19 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_s7ousbu32x_01007.Wdf
[2014/01/20 19:33:11 | 000,243,128 | ---- | M] (Disc Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2014/01/19 20:33:42 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/01/19 20:33:42 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/01/12 21:12:22 | 000,064,168 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswstm.sys
[2014/01/12 21:09:28 | 000,775,952 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/01/12 21:09:28 | 000,410,528 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/01/12 21:09:28 | 000,270,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/01/12 21:09:28 | 000,180,248 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/01/12 21:09:28 | 000,079,720 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/01/12 21:09:28 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/01/12 21:09:28 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/01/12 21:09:28 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/12 13:26:53 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/01/12 13:21:48 | 000,002,073 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 9.lnk
[2014/01/12 12:54:34 | 000,068,220 | ---- | M] () -- C:\Windows\System32\license.rtf
========== Files Created - No Company Name ==========
[2014/01/25 14:06:31 | 000,001,536 | ---- | C] () -- C:\Windows\System32\.sto
[2014/01/25 13:50:40 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/01/24 21:03:10 | 000,002,487 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk
[2014/01/22 20:21:16 | 000,000,061 | ---- | C] () -- C:\Windows\Simatic.cfg
[2014/01/22 20:21:10 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2014/01/22 20:10:01 | 000,000,000 | ---- | C] () -- C:\Windows\PDLSERV.INI
[2014/01/22 20:08:19 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_s7ousbu32x_01007.Wdf
[2014/01/19 20:33:43 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/12 21:09:34 | 000,180,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/01/12 21:09:32 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/01/12 20:35:20 | 000,001,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/01/12 19:31:42 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2014/01/12 13:26:53 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/01/12 13:21:48 | 000,002,073 | ---- | C] () -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 9.lnk
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2014/01/12 13:05:16 | 000,001,413 | ---- | C] () -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/01/12 12:54:27 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014/01/12 12:54:17 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014/01/12 12:51:15 | 2408,722,432 | -HS- | C] () -- C:\hiberfil.sys
========== ZeroAccess Check ==========
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009/07/14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014/01/12 21:14:45 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\AVAST Software
[2014/01/20 19:46:31 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\DAEMON Tools Lite
[2014/01/24 21:01:14 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Downloaded Installations
[2014/01/24 21:03:26 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\FileOpen
[2014/01/12 13:18:26 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\GHISLER
[2014/01/24 21:03:26 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Nitro
[2014/01/25 10:08:30 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Seznam.cz
[2014/01/22 20:21:55 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Siemens
========== Purity Check ==========
< End of report >
Re: Prosím o preventívnu kontrolu
Extras.txt
OTL Extras logfile created on: 25. 1. 2014 14:07:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Andrej\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
2,99 Gb Total Physical Memory | 1,64 Gb Available Physical Memory | 54,94% Memory free
5,98 Gb Paging File | 4,52 Gb Available in Paging File | 75,66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 151,42 Gb Total Space | 130,95 Gb Free Space | 86,48% Space Free | Partition Type: NTFS
Drive D: | 299,39 Gb Total Space | 91,77 Gb Free Space | 30,65% Space Free | Partition Type: NTFS
Drive G: | 6,54 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: ANDREJ-PC | User Name: Andrej | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_USERS\S-1-5-21-987201152-1341176263-1292834751-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{083754D2-FD9E-4285-9C6F-5D7652D59A4A}" = rport=137 | protocol=17 | dir=out | app=system |
"{1B8DED86-65AC-493C-90B6-89EBD812F483}" = lport=137 | protocol=17 | dir=in | app=system |
"{2C9D6CD3-CD6E-4D20-B488-6D8362ADAA62}" = rport=139 | protocol=6 | dir=out | app=system |
"{3316BFA7-1979-4515-90DF-A0B8AF9CCA27}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{95FEA27D-A4C2-4581-B32B-B8006FF860D6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A3EB1E68-B316-439E-AB80-2E469F893D6C}" = rport=138 | protocol=17 | dir=out | app=system |
"{B1F14130-03CE-4FF4-93A3-C685705CE95B}" = lport=138 | protocol=17 | dir=in | app=system |
"{D2F5E99A-D95B-423C-BA06-8833903BDDB0}" = lport=139 | protocol=6 | dir=in | app=system |
"{E67A49D6-3071-4B58-8231-25D1BA8D7F0C}" = rport=445 | protocol=6 | dir=out | app=system |
"{F0D7CBEA-0D0B-4661-8E06-BE0FBBA85D5A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F8C437CE-4725-4FA1-B91D-E01C14393288}" = lport=445 | protocol=6 | dir=in | app=system |
"{FCE601D7-D588-4EBD-8A68-7A4C7EA61004}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{017D7FF5-8002-42B6-832C-C2708660AE65}" = dir=in | app=c:\program files\siemens\wincc\bin\ccrtsloader.exe |
"{26AE4708-7D93-424C-98AE-E475FAD415B0}" = dir=in | app=c:\program files\common files\siemens\ace\bin\ccagent.exe |
"{3179F529-A870-4CAE-AA51-67EFD7F68AA6}" = dir=in | app=c:\program files\siemens\wincc\opc\dataaccess\bin\sopcsrvrwincc.exe |
"{3CD6389D-EFEF-44A2-BBFB-1EB090D1CE9D}" = dir=in | app=c:\program files\microsoft sql server\90\shared\sqlbrowser.exe |
"{44B55BB8-75DF-49EB-BC96-EAE52288EF88}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5009764E-B658-49E8-B466-74EF40288F21}" = dir=in | app=c:\program files\siemens\wincc\bin\ccprojectmgr.exe |
"{527EDDE3-7476-40D8-AF92-7D1DF788CF59}" = protocol=17 | dir=in | app=c:\program files\common files\siemens\ace\bin\ccagent.exe |
"{52B3B90F-D40E-4C44-BE35-1BE076203BCF}" = dir=in | app=c:\program files\siemens\wincc\opc\histdataaccess\bin\sopchdasrvrwincc.exe |
"{55884F6E-F146-4E1A-A588-DB21A06BB7EF}" = dir=in | app=c:\program files\siemens\wincc\opc\alarmevent\bin\sopcaesrvrwincc.exe |
"{68B68F3E-F189-4A38-8717-541810ACE8E7}" = dir=in | app=c:\program files\common files\siemens\ace\bin\redundancycontrol.exe |
"{7083F708-FA99-4E4C-BD0D-6944DBC6365B}" = dir=in | app=c:\program files\siemens\wincc\bin\cconlcmp.exe |
"{83988D19-F0A6-4502-8705-300E9FBA93AD}" = dir=in | app=c:\program files\common files\siemens\ace\bin\cceserver.exe |
"{8A840ABB-4CD9-4CEE-B258-97C69555A888}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8E555962-BC59-4B65-ADB4-D3DF80E1276C}" = protocol=6 | dir=in | app=c:\program files\common files\siemens\ace\bin\redundancycontrol.exe |
"{95EA6237-E82E-4C04-812E-ADE20F4D948D}" = protocol=6 | dir=in | app=c:\program files\common files\siemens\ace\bin\ccagent.exe |
"{9920F15A-8DC4-417D-B856-41FA44F47D3A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{AE87B7B3-9A80-4FCB-9EC4-682FFD29D03B}" = protocol=17 | dir=in | app=c:\program files\common files\siemens\ace\bin\redundancycontrol.exe |
"{C1B2B468-8B3E-437D-93E6-34A5B396C64B}" = dir=in | app=c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe |
"{C530113B-D4BD-4D89-B18C-8D40EFE5602B}" = protocol=17 | dir=in | app=c:\program files\common files\siemens\ace\bin\cceserver.exe |
"{C636AE0F-27DF-4B6A-AD3B-28FE174FD2EA}" = dir=in | app=c:\program files\siemens\wincc\bin\ccuaeditor.exe |
"{D6DDF30D-06F3-4A1D-9787-D8DC92892FA8}" = dir=in | app=c:\windows\system32\opcenum.exe |
"{D8BE2FAF-DEA4-4776-839B-A6B8BCE4BA63}" = protocol=6 | dir=in | app=c:\program files\common files\siemens\ace\bin\cceserver.exe |
"{E219F414-A360-4816-8E5B-ED539705A2AC}" = dir=in | app=c:\program files\siemens\wincc\bin\ccusracv.exe |
"{F28421C8-2982-48C9-8D08-B42BCCA56054}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0D61D68B-DF5E-4635-82C7-B0C53F0A581B}" = Microsoft SQL Server 2005 Backward compatibility
"{130A3BE1-85CC-4135-8EA7-5A724EE6CE2C}" = Microsoft SQL Server 2005 (WINCC)
"{1DD463C0-A50A-4394-B7E4-5895C02F9E0D}" = Microsoft SQL Server 2005 Tools
"{1EDF214A-AEFA-4CC6-96F9-BC9A4BAFB05B}" = SIMATIC WinCC Runtime
"{1EDF214A-AEFA-4CC6-96F9-BC9A4BAFB05B}WinCC" = SIMATIC WinCC Runtime V7.0 + SP3
"{28ABE740-47F3-441B-9437-852F6A64EFF8}" = Lenovo_Wireless_Driver
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{56325EE0-6E66-4735-9B8B-09A1EC6697BD}" = SIMATIC WinCC Configuration
"{56325EE0-6E66-4735-9B8B-09A1EC6697BD}WinCCConfiguration" = SIMATIC WinCC Configuration V7.0 + SP3
"{588DC473-0F95-42C4-BBF0-92CCE9FD6D27}" = Siemens Automation License Manager
"{588DC473-0F95-42C4-BBF0-92CCE9FD6D27}LicenseManager" = Siemens Automation License Manager V5.1 + SP1 + Upd3
"{5C47C8B6-77FF-4FC7-A388-66FCF9CFC24C}" = Snagit 9.1.3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{90F50409-6000-11D3-8CFE-0150048383C9}" = Visual Basic for Applications (R) Core
"{90F60409-6000-11D3-8CFE-0150048383C9}" = Visual Basic for Applications (R) Core - English
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B60A0DD-931F-445C-ACE9-00E3AE718227}" = SIMATIC WinCC Smart Tools
"{9B60A0DD-931F-445C-ACE9-00E3AE718227}WinCCSmartTools" = SIMATIC WinCC Smart Tools V7.0 + SP3
"{9D8DA9A0-67B7-44DB-A0C3-2D1DC6880B71}" = OPC .NET API 2.00 Redistributables (x86) 101.0
"{AD9F5DB5-ACE0-4538-A272-88B10A6C93C8}" = OPC Core Components Redistributable (x86) 101.2
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{EE8CFFD9-6E29-4DC3-A967-7348D5F41F44}" = Microsoft SQL Server 2005 Integration Services
"{F4456A16-88F4-4A0A-BD63-08C9EBDC32A7}" = SIMATIC WinCC OPC Server
"{F4456A16-88F4-4A0A-BD63-08C9EBDC32A7}WinCCOPCServer" = SIMATIC WinCC OPC Server V3.9 + Upd1
"{F5451D00-B448-4E9A-82DC-1929F4F1910D}" = Nitro Reader 3
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"AIMP2" = AIMP2
"Avast" = avast! Free Antivirus
"DAEMON Tools Lite" = DAEMON Tools Lite
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"maucampo" = maucampo
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 26.0 (x86 sk)" = Mozilla Firefox 26.0 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.1.9
"WinRAR archiver" = WinRAR 4.00 (32-bit)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-987201152-1341176263-1292834751-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SeznamInstall" = Seznam Software
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 12. 1. 2014 8:34:31 | Computer Name = Andrej-PC | Source = RasClient | ID = 20227
Description =
Error - 12. 1. 2014 8:34:54 | Computer Name = Andrej-PC | Source = RasClient | ID = 20227
Description =
Error - 12. 1. 2014 16:09:06 | Computer Name = Andrej-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary zhjbteqb.
System
Error: Systém nemůže nalézt uvedený soubor. .
[ System Events ]
Error - 22. 1. 2014 15:15:46 | Computer Name = Andrej-PC | Source = DCOM | ID = 10010
Description =
Error - 22. 1. 2014 15:25:50 | Computer Name = Andrej-PC | Source = atapi | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
Error - 22. 1. 2014 15:25:50 | Computer Name = Andrej-PC | Source = atapi | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
Error - 22. 1. 2014 15:25:50 | Computer Name = Andrej-PC | Source = atapi | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
Error - 23. 1. 2014 16:23:38 | Computer Name = Andrej-PC | Source = DCOM | ID = 10010
Description =
Error - 23. 1. 2014 16:23:57 | Computer Name = Andrej-PC | Source = atapi | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
Error - 23. 1. 2014 16:23:57 | Computer Name = Andrej-PC | Source = atapi | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
Error - 24. 1. 2014 15:56:45 | Computer Name = Andrej-PC | Source = atapi | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
Error - 25. 1. 2014 5:11:13 | Computer Name = Andrej-PC | Source = atapi | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
Error - 25. 1. 2014 7:07:01 | Computer Name = Andrej-PC | Source = atapi | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
< End of report >
OTL Extras logfile created on: 25. 1. 2014 14:07:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Andrej\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
2,99 Gb Total Physical Memory | 1,64 Gb Available Physical Memory | 54,94% Memory free
5,98 Gb Paging File | 4,52 Gb Available in Paging File | 75,66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 151,42 Gb Total Space | 130,95 Gb Free Space | 86,48% Space Free | Partition Type: NTFS
Drive D: | 299,39 Gb Total Space | 91,77 Gb Free Space | 30,65% Space Free | Partition Type: NTFS
Drive G: | 6,54 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: ANDREJ-PC | User Name: Andrej | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_USERS\S-1-5-21-987201152-1341176263-1292834751-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{083754D2-FD9E-4285-9C6F-5D7652D59A4A}" = rport=137 | protocol=17 | dir=out | app=system |
"{1B8DED86-65AC-493C-90B6-89EBD812F483}" = lport=137 | protocol=17 | dir=in | app=system |
"{2C9D6CD3-CD6E-4D20-B488-6D8362ADAA62}" = rport=139 | protocol=6 | dir=out | app=system |
"{3316BFA7-1979-4515-90DF-A0B8AF9CCA27}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{95FEA27D-A4C2-4581-B32B-B8006FF860D6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A3EB1E68-B316-439E-AB80-2E469F893D6C}" = rport=138 | protocol=17 | dir=out | app=system |
"{B1F14130-03CE-4FF4-93A3-C685705CE95B}" = lport=138 | protocol=17 | dir=in | app=system |
"{D2F5E99A-D95B-423C-BA06-8833903BDDB0}" = lport=139 | protocol=6 | dir=in | app=system |
"{E67A49D6-3071-4B58-8231-25D1BA8D7F0C}" = rport=445 | protocol=6 | dir=out | app=system |
"{F0D7CBEA-0D0B-4661-8E06-BE0FBBA85D5A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F8C437CE-4725-4FA1-B91D-E01C14393288}" = lport=445 | protocol=6 | dir=in | app=system |
"{FCE601D7-D588-4EBD-8A68-7A4C7EA61004}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{017D7FF5-8002-42B6-832C-C2708660AE65}" = dir=in | app=c:\program files\siemens\wincc\bin\ccrtsloader.exe |
"{26AE4708-7D93-424C-98AE-E475FAD415B0}" = dir=in | app=c:\program files\common files\siemens\ace\bin\ccagent.exe |
"{3179F529-A870-4CAE-AA51-67EFD7F68AA6}" = dir=in | app=c:\program files\siemens\wincc\opc\dataaccess\bin\sopcsrvrwincc.exe |
"{3CD6389D-EFEF-44A2-BBFB-1EB090D1CE9D}" = dir=in | app=c:\program files\microsoft sql server\90\shared\sqlbrowser.exe |
"{44B55BB8-75DF-49EB-BC96-EAE52288EF88}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5009764E-B658-49E8-B466-74EF40288F21}" = dir=in | app=c:\program files\siemens\wincc\bin\ccprojectmgr.exe |
"{527EDDE3-7476-40D8-AF92-7D1DF788CF59}" = protocol=17 | dir=in | app=c:\program files\common files\siemens\ace\bin\ccagent.exe |
"{52B3B90F-D40E-4C44-BE35-1BE076203BCF}" = dir=in | app=c:\program files\siemens\wincc\opc\histdataaccess\bin\sopchdasrvrwincc.exe |
"{55884F6E-F146-4E1A-A588-DB21A06BB7EF}" = dir=in | app=c:\program files\siemens\wincc\opc\alarmevent\bin\sopcaesrvrwincc.exe |
"{68B68F3E-F189-4A38-8717-541810ACE8E7}" = dir=in | app=c:\program files\common files\siemens\ace\bin\redundancycontrol.exe |
"{7083F708-FA99-4E4C-BD0D-6944DBC6365B}" = dir=in | app=c:\program files\siemens\wincc\bin\cconlcmp.exe |
"{83988D19-F0A6-4502-8705-300E9FBA93AD}" = dir=in | app=c:\program files\common files\siemens\ace\bin\cceserver.exe |
"{8A840ABB-4CD9-4CEE-B258-97C69555A888}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8E555962-BC59-4B65-ADB4-D3DF80E1276C}" = protocol=6 | dir=in | app=c:\program files\common files\siemens\ace\bin\redundancycontrol.exe |
"{95EA6237-E82E-4C04-812E-ADE20F4D948D}" = protocol=6 | dir=in | app=c:\program files\common files\siemens\ace\bin\ccagent.exe |
"{9920F15A-8DC4-417D-B856-41FA44F47D3A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{AE87B7B3-9A80-4FCB-9EC4-682FFD29D03B}" = protocol=17 | dir=in | app=c:\program files\common files\siemens\ace\bin\redundancycontrol.exe |
"{C1B2B468-8B3E-437D-93E6-34A5B396C64B}" = dir=in | app=c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe |
"{C530113B-D4BD-4D89-B18C-8D40EFE5602B}" = protocol=17 | dir=in | app=c:\program files\common files\siemens\ace\bin\cceserver.exe |
"{C636AE0F-27DF-4B6A-AD3B-28FE174FD2EA}" = dir=in | app=c:\program files\siemens\wincc\bin\ccuaeditor.exe |
"{D6DDF30D-06F3-4A1D-9787-D8DC92892FA8}" = dir=in | app=c:\windows\system32\opcenum.exe |
"{D8BE2FAF-DEA4-4776-839B-A6B8BCE4BA63}" = protocol=6 | dir=in | app=c:\program files\common files\siemens\ace\bin\cceserver.exe |
"{E219F414-A360-4816-8E5B-ED539705A2AC}" = dir=in | app=c:\program files\siemens\wincc\bin\ccusracv.exe |
"{F28421C8-2982-48C9-8D08-B42BCCA56054}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0D61D68B-DF5E-4635-82C7-B0C53F0A581B}" = Microsoft SQL Server 2005 Backward compatibility
"{130A3BE1-85CC-4135-8EA7-5A724EE6CE2C}" = Microsoft SQL Server 2005 (WINCC)
"{1DD463C0-A50A-4394-B7E4-5895C02F9E0D}" = Microsoft SQL Server 2005 Tools
"{1EDF214A-AEFA-4CC6-96F9-BC9A4BAFB05B}" = SIMATIC WinCC Runtime
"{1EDF214A-AEFA-4CC6-96F9-BC9A4BAFB05B}WinCC" = SIMATIC WinCC Runtime V7.0 + SP3
"{28ABE740-47F3-441B-9437-852F6A64EFF8}" = Lenovo_Wireless_Driver
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{56325EE0-6E66-4735-9B8B-09A1EC6697BD}" = SIMATIC WinCC Configuration
"{56325EE0-6E66-4735-9B8B-09A1EC6697BD}WinCCConfiguration" = SIMATIC WinCC Configuration V7.0 + SP3
"{588DC473-0F95-42C4-BBF0-92CCE9FD6D27}" = Siemens Automation License Manager
"{588DC473-0F95-42C4-BBF0-92CCE9FD6D27}LicenseManager" = Siemens Automation License Manager V5.1 + SP1 + Upd3
"{5C47C8B6-77FF-4FC7-A388-66FCF9CFC24C}" = Snagit 9.1.3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{90F50409-6000-11D3-8CFE-0150048383C9}" = Visual Basic for Applications (R) Core
"{90F60409-6000-11D3-8CFE-0150048383C9}" = Visual Basic for Applications (R) Core - English
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B60A0DD-931F-445C-ACE9-00E3AE718227}" = SIMATIC WinCC Smart Tools
"{9B60A0DD-931F-445C-ACE9-00E3AE718227}WinCCSmartTools" = SIMATIC WinCC Smart Tools V7.0 + SP3
"{9D8DA9A0-67B7-44DB-A0C3-2D1DC6880B71}" = OPC .NET API 2.00 Redistributables (x86) 101.0
"{AD9F5DB5-ACE0-4538-A272-88B10A6C93C8}" = OPC Core Components Redistributable (x86) 101.2
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{EE8CFFD9-6E29-4DC3-A967-7348D5F41F44}" = Microsoft SQL Server 2005 Integration Services
"{F4456A16-88F4-4A0A-BD63-08C9EBDC32A7}" = SIMATIC WinCC OPC Server
"{F4456A16-88F4-4A0A-BD63-08C9EBDC32A7}WinCCOPCServer" = SIMATIC WinCC OPC Server V3.9 + Upd1
"{F5451D00-B448-4E9A-82DC-1929F4F1910D}" = Nitro Reader 3
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"AIMP2" = AIMP2
"Avast" = avast! Free Antivirus
"DAEMON Tools Lite" = DAEMON Tools Lite
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"maucampo" = maucampo
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 26.0 (x86 sk)" = Mozilla Firefox 26.0 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.1.9
"WinRAR archiver" = WinRAR 4.00 (32-bit)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-987201152-1341176263-1292834751-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SeznamInstall" = Seznam Software
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 12. 1. 2014 8:34:31 | Computer Name = Andrej-PC | Source = RasClient | ID = 20227
Description =
Error - 12. 1. 2014 8:34:54 | Computer Name = Andrej-PC | Source = RasClient | ID = 20227
Description =
Error - 12. 1. 2014 16:09:06 | Computer Name = Andrej-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary zhjbteqb.
System
Error: Systém nemůže nalézt uvedený soubor. .
[ System Events ]
Error - 22. 1. 2014 15:15:46 | Computer Name = Andrej-PC | Source = DCOM | ID = 10010
Description =
Error - 22. 1. 2014 15:25:50 | Computer Name = Andrej-PC | Source = atapi | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
Error - 22. 1. 2014 15:25:50 | Computer Name = Andrej-PC | Source = atapi | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
Error - 22. 1. 2014 15:25:50 | Computer Name = Andrej-PC | Source = atapi | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
Error - 23. 1. 2014 16:23:38 | Computer Name = Andrej-PC | Source = DCOM | ID = 10010
Description =
Error - 23. 1. 2014 16:23:57 | Computer Name = Andrej-PC | Source = atapi | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
Error - 23. 1. 2014 16:23:57 | Computer Name = Andrej-PC | Source = atapi | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
Error - 24. 1. 2014 15:56:45 | Computer Name = Andrej-PC | Source = atapi | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
Error - 25. 1. 2014 5:11:13 | Computer Name = Andrej-PC | Source = atapi | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
Error - 25. 1. 2014 7:07:01 | Computer Name = Andrej-PC | Source = atapi | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
< End of report >
Re: Prosím o preventívnu kontrolu
OTL bylo spusteno bez toho skriptu.
Takze znovu a presne podle navodu.
Takze znovu a presne podle navodu.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o preventívnu kontrolu
Ospravedlňujem sa.
Prvý krát som OTL spustil so skriptom ale zasekol sa. A na podruhé som pozabudol.
Idem na to.
Prvý krát som OTL spustil so skriptom ale zasekol sa. A na podruhé som pozabudol.
Idem na to.
Re: Prosím o preventívnu kontrolu
kmetino píše:Prvý krát som OTL spustil so skriptom ale zasekol sa. A na podruhé som pozabudol.

Jestli to udela znovu, vypnete ho a pouzijte tento upraveny skript. Neni sice tak podrobny, ale mel by stacit.
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o preventívnu kontrolu
Prvý krát sa zasekol s tým že "program neodpovedá" žiadne okno s chybovým hlásením.
Spustil som ho opakovane ešte pred Vaším príspevkom a tentokrát aj chybová hláška:

Ospravedlňujem sa ale musím preč od PC. Zatiaľ dakujem za prejavený záujem a pri PC budem až večer okolo 17:00.
Večer postnem aj logy s upraveným skriptom.
ďakujem za pochopenie
Spustil som ho opakovane ešte pred Vaším príspevkom a tentokrát aj chybová hláška:

Ospravedlňujem sa ale musím preč od PC. Zatiaľ dakujem za prejavený záujem a pri PC budem až večer okolo 17:00.
Večer postnem aj logy s upraveným skriptom.
ďakujem za pochopenie
Re: Prosím o preventívnu kontrolu
OK, tuhle chybu OTL obcas vyhodi. Takze pouzijte ten upraveny skript.
Jasne, v klidu, ja taky nemuzu byt u pc porad
Jasne, v klidu, ja taky nemuzu byt u pc porad

Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o preventívnu kontrolu
Zdravím pán Márty tak som vytvoril log z OTL s novým skriptom. Prikladám ho.
Pokúšal som sa scanovať aj s tým starým komplexnejším skriptom, ale skanovanie sa zastaví s tou istou chybovou hláškou ako som priložil printscreen. Raz mi skan zbehol až do konca ale po skončení sa zobrazil iba OTL.txt a Extras.txt sa nevytvoril. Ak by Vám tento log nepostačoval pastnem aj ten s tým prvým skriptom na vyžiadanie.
=========================================================================================================================================================
OTL logfile created on: 25. 1. 2014 20:30:19 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Andrej\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
2,99 Gb Total Physical Memory | 1,79 Gb Available Physical Memory | 59,87% Memory free
5,98 Gb Paging File | 4,75 Gb Available in Paging File | 79,35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 151,42 Gb Total Space | 130,71 Gb Free Space | 86,32% Space Free | Partition Type: NTFS
Drive D: | 299,39 Gb Total Space | 91,77 Gb Free Space | 30,65% Space Free | Partition Type: NTFS
Drive G: | 6,54 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: ANDREJ-PC | User Name: Andrej | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/01/25 14:18:17 | 000,102,168 | ---- | M] () -- C:\Program Files\maucampo\bin\utilmaucampo.exe
PRC - [2014/01/25 13:46:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Andrej\Desktop\OTL.exe
PRC - [2014/01/19 20:33:42 | 001,863,048 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
PRC - [2014/01/16 01:37:30 | 000,097,048 | ---- | M] () -- C:\Program Files\maucampo\updatemaucampo.exe
PRC - [2014/01/12 21:09:27 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/01/12 21:09:27 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/12/05 20:34:42 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/07/26 06:48:28 | 000,196,624 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
PRC - [2013/04/12 09:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
PRC - [2011/12/11 21:07:24 | 001,138,312 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
PRC - [2011/11/23 23:12:38 | 000,243,200 | ---- | M] () -- C:\Program Files\Siemens\WinCC\bin\CCUCSurrogate.exe
PRC - [2011/11/23 22:26:56 | 001,464,832 | ---- | M] (SIEMENS AG) -- C:\Program Files\Siemens\WinCC\bin\CCProjectMgr.exe
PRC - [2011/11/23 13:01:10 | 000,098,304 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\commonarchiving\CCDBUtils.exe
PRC - [2011/11/14 20:21:20 | 000,245,248 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe
PRC - [2011/11/14 16:18:46 | 000,163,328 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe
PRC - [2011/11/14 14:47:58 | 000,264,704 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe
PRC - [2011/11/14 14:37:24 | 000,363,008 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe
PRC - [2011/11/04 01:41:34 | 000,556,168 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
PRC - [2011/11/04 01:41:30 | 000,412,808 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
PRC - [2011/10/25 11:23:08 | 009,079,296 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\SimNetCom\pniopcac.exe
PRC - [2011/10/24 11:03:54 | 002,087,424 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\SimNetCom\pniomgr.exe
PRC - [2009/10/15 11:06:52 | 000,053,064 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 9\TscHelp.exe
PRC - [2009/10/15 11:06:50 | 000,066,888 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 9\SnagPriv.exe
PRC - [2009/10/15 11:06:46 | 007,168,328 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 9\SnagitEditor.exe
PRC - [2009/10/15 11:06:46 | 006,287,176 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
========== Modules (No Company Name) ==========
MOD - [2014/01/19 20:33:41 | 016,287,624 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_12_0_0_43.dll
MOD - [2014/01/12 21:09:27 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/12/05 20:36:56 | 003,559,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/04/24 11:31:42 | 000,081,992 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\libchinst.dll
MOD - [2013/04/12 09:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
MOD - [2013/03/29 12:37:34 | 000,059,384 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\9526libfoxloader.dll
MOD - [2013/03/25 15:39:52 | 000,894,968 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
MOD - [2011/11/23 23:12:38 | 000,243,200 | ---- | M] () -- C:\Program Files\Siemens\WinCC\bin\CCUCSurrogate.exe
MOD - [2011/11/15 02:48:32 | 000,057,856 | ---- | M] () -- C:\Program Files\Siemens\WinCC\bin\CCUCSurrogateEnu.lng
MOD - [2011/03/02 12:40:52 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2011/02/09 01:56:38 | 000,296,448 | ---- | M] () -- C:\Program Files\Notepad++\NppShell_04.dll
MOD - [2009/10/15 11:06:44 | 004,715,848 | R--- | M] () -- C:\Program Files\TechSmith\Snagit 9\PDFNetC.dll
========== Services (SafeList) ==========
SRV - [2014/01/25 14:18:17 | 000,102,168 | ---- | M] () [Auto | Running] -- C:\Program Files\maucampo\bin\utilmaucampo.exe -- (Util maucampo)
SRV - [2014/01/19 20:33:42 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/01/16 01:37:30 | 000,097,048 | ---- | M] () [Auto | Running] -- C:\Program Files\maucampo\updatemaucampo.exe -- (Update maucampo)
SRV - [2014/01/12 21:09:27 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/12/05 20:36:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/07/26 06:48:28 | 000,196,624 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe -- (NitroReaderDriverReadSpool3)
SRV - [2011/12/11 21:07:24 | 001,138,312 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe -- (almservice)
SRV - [2011/11/23 23:21:54 | 000,332,800 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCSsmRTServer.exe -- (CCSsmRTServer)
SRV - [2011/11/23 23:12:26 | 000,072,192 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCProfileServer.exe -- (CCProfileServer)
SRV - [2011/11/23 23:08:46 | 000,119,808 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CcAlgRtServer.exe -- (CCAlgRtServer)
SRV - [2011/11/23 23:07:52 | 000,361,984 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCAlgIAlarmDataCollector.exe -- (CCAlgIAlarmDataCollector)
SRV - [2011/11/23 23:06:00 | 000,489,472 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\Bin\CCLicenseService.exe -- (CCLicenseService)
SRV - [2011/11/23 23:03:22 | 000,100,352 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCRtsLoader.exe -- (CCRtsLoader)
SRV - [2011/11/23 23:00:42 | 000,372,224 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCTextServer.exe -- (CCTextServer)
SRV - [2011/11/23 23:00:36 | 000,091,648 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCTlgServer.exe -- (CCTlgServer)
SRV - [2011/11/23 22:59:04 | 001,311,232 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCUsrAcv.exe -- (CCUsrAcv)
SRV - [2011/11/23 22:34:50 | 000,450,560 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCPackageMgr.exe -- (CCPackageMgr)
SRV - [2011/11/23 22:34:20 | 000,757,760 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCDeltaLoader.exe -- (CCDeltaLoader)
SRV - [2011/11/23 22:32:10 | 000,299,520 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCTMTimeSyncServer.exe -- (CCTMTimeSyncServer)
SRV - [2011/11/23 22:31:10 | 000,646,144 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCNSInfo2Provider.exe -- (CCNSInfo2Provider)
SRV - [2011/11/23 22:30:04 | 000,195,072 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCLBMRTServer.exe -- (CCLBMRTServer)
SRV - [2011/11/23 22:29:40 | 000,436,736 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCCSigRTServer.exe -- (CCCSigRTServer)
SRV - [2011/11/23 22:28:46 | 000,331,776 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCPtmRTServer.exe -- (CCPtmRTServer)
SRV - [2011/11/23 22:26:56 | 001,464,832 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Siemens\WinCC\bin\CCProjectMgr.exe -- (CCProjectMgr)
SRV - [2011/11/23 16:02:26 | 000,346,112 | ---- | M] (SIEMENS AG) [Disabled | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\HistDataAccess\bin\sopchdasrvrwincc.exe -- (OPCServerHDA.WinCC)
SRV - [2011/11/23 16:00:22 | 000,188,416 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\UAWrapper\CCRT2UA.exe -- (XR_CCOPC.UAWrapper)
SRV - [2011/11/23 16:00:04 | 000,188,416 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\XMLDataAccess\bin\CCRT2XML.exe -- (XR_CCOPC.XMLWrapper)
SRV - [2011/11/23 15:59:38 | 000,348,160 | ---- | M] (SIEMENS AG) [Disabled | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\DataAccess\bin\sopcsrvrwincc.exe -- (OPCServer.WinCC)
SRV - [2011/11/23 15:59:00 | 000,344,064 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\XMLDataAccess\bin\DA2XML.exe -- (CCOPC.XMLWrapper)
SRV - [2011/11/23 15:59:00 | 000,344,064 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\UAWrapper\DA2UA.exe -- (CCOPC.UAWrapper)
SRV - [2011/11/23 15:57:38 | 000,261,632 | ---- | M] (SIEMENS AG) [Disabled | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\AlarmEvent\bin\sopcaesrvrwincc.exe -- (OPCServerAE.WinCC)
SRV - [2011/11/23 13:10:30 | 000,856,064 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\commonarchiving\CCRedundancyAgent.exe -- (CCRedundancyAgent-Service)
SRV - [2011/11/23 13:01:10 | 000,098,304 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\commonarchiving\CCDBUtils.exe -- (CCDBUtils)
SRV - [2011/11/23 12:59:42 | 000,757,760 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\commonarchiving\CCArchiveManager.exe -- (CCArchiveManagerService)
SRV - [2011/11/14 20:31:38 | 000,486,400 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe -- (RedundancyControl)
SRV - [2011/11/14 20:21:20 | 000,245,248 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe -- (CCEServer)
SRV - [2011/11/14 16:18:46 | 000,163,328 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe -- (SCSMonitor)
SRV - [2011/11/14 15:46:46 | 000,101,888 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\ace\bin\SCSFsX.exe -- (SCSFsX)
SRV - [2011/11/14 15:34:08 | 000,198,144 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\ace\bin\RedundancyState.exe -- (RedundancyState)
SRV - [2011/11/14 14:47:58 | 000,264,704 | ---- | M] (SIEMENS AG) [On_Demand | Running] -- C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe -- (CCEClient)
SRV - [2011/11/14 14:37:24 | 000,363,008 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe -- (CCAgent)
SRV - [2011/11/10 12:58:36 | 000,716,288 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\Bin\CCPerfMon.exe -- (CCPerfMon)
SRV - [2011/11/04 01:41:34 | 000,556,168 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe -- (S7TraceServiceX)
SRV - [2011/11/04 01:41:30 | 000,412,808 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe -- (s7oiehsx)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/02/05 03:04:08 | 000,139,488 | ---- | M] (OPC Foundation) [On_Demand | Stopped] -- C:\Windows\System32\OpcEnum.exe -- (OpcEnum)
========== Driver Services (SafeList) ==========
DRV - [2014/01/20 19:33:11 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2014/01/12 21:12:22 | 000,064,168 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswstm.sys -- (aswStm)
DRV - [2014/01/12 21:09:28 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/01/12 21:09:28 | 000,410,528 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2014/01/12 21:09:28 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/01/12 21:09:28 | 000,079,720 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014/01/12 21:09:28 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/01/12 21:09:28 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2011/10/11 19:13:20 | 000,343,888 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SNTIE.SYS -- (SNTIE)
DRV - [2011/09/29 10:48:48 | 000,641,280 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\s7ousbu32x.sys -- (s7ousbu32x)
DRV - [2011/06/16 19:10:22 | 000,063,104 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\s7sn2srtx.sys -- (s7sn2srtx)
DRV - [2011/05/06 05:08:10 | 000,521,216 | ---- | M] (SIEMENS AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\S7otranx32.sys -- (S7otranx32)
DRV - [2011/05/06 05:03:22 | 000,087,552 | ---- | M] (SIEMENS AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\S7odpx2x32.sys -- (S7odpx2x32)
DRV - [2011/04/19 19:22:04 | 000,288,256 | ---- | M] (SIEMENS AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\dpmconv32.sys -- (dpmconv)
DRV - [2011/04/19 19:20:28 | 000,140,288 | ---- | M] (SIEMENS AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsnl2ada32.sys -- (vsnl2ada)
DRV - [2010/03/22 20:35:44 | 000,072,248 | ---- | M] (SIEMENS AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\DPMTRCDD32.sys -- (DPMTRCDD)
DRV - [2009/11/06 12:53:58 | 001,227,776 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/07/14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009/07/14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009/07/14 01:11:04 | 000,141,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mqac.sys -- (MQAC)
DRV - [2009/07/14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-987201152-1341176263-1292834751-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 64 65 73 CB 0F CF 01 [binary data]
IE - HKU\S-1-5-21-987201152-1341176263-1292834751-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-987201152-1341176263-1292834751-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-987201152-1341176263-1292834751-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.google.sk"
FF - prefs.js..extensions.enabledAddons: %7B66E978CD-981F-47DF-AC42-E3CF417C1467%7D:0.4.3
FF - prefs.js..extensions.enabledAddons: %7Bef8714df-a44b-464c-9034-549a70dc4cd7%7D:1.0.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/01/12 21:09:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2014/01/12 20:35:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Extensions
[2014/01/20 19:45:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions
[2014/01/20 19:45:21 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2014/01/12 20:38:26 | 000,016,454 | ---- | M] () (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions\HomepageNewTab@neocodex.us.xpi
[2014/01/12 20:40:34 | 000,003,793 | ---- | M] () (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi
[2014/01/19 20:28:35 | 000,940,775 | ---- | M] () (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/01/16 01:37:30 | 000,008,938 | ---- | M] () (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions\{ef8714df-a44b-464c-9034-549a70dc4cd7}.xpi
[2014/01/12 20:35:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/01/12 20:35:17 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (maucampo) - {5d7d4fb9-aca5-4013-8879-c58dcd4df9f1} - C:\Program Files\maucampo\maucampoBHO.dll (maucampo)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-987201152-1341176263-1292834751-1000\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CCUCSurrogate.exe] C:\Program Files\Siemens\WinCC\bin\CCUCSurrogate.exe ()
O4 - HKLM..\Run: [seznam-listicka-distribuce] C:\Program Files\Seznam.cz\distribution\szninstall.exe ()
O4 - HKU\S-1-5-21-987201152-1341176263-1292834751-1000..\Run: [cz.seznam.software.autoupdate] C:\Users\Andrej\AppData\Roaming\Seznam.cz\szninstall.exe ()
O4 - HKU\S-1-5-21-987201152-1341176263-1292834751-1000..\Run: [cz.seznam.software.szndesktop] C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe ()
O4 - HKU\S-1-5-21-987201152-1341176263-1292834751-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 9.lnk = C:\Program Files\TechSmith\Snagit 9\Snagit32.exe (TechSmith Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FA6D81AC-B75C-4D34-89C6-5947764FB974}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/03/10 16:55:40 | 000,000,045 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{7a2f2665-8200-11e3-a533-70f3954ca870}\Shell - "" = AutoRun
O33 - MountPoints2\{7a2f2665-8200-11e3-a533-70f3954ca870}\Shell\AutoRun\command - "" = G:\Setup.exe -- [2011/08/03 13:32:28 | 000,236,168 | R--- | M] (SIEMENS AG)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2014/01/25 20:24:20 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2014/01/25 20:24:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2014/01/25 20:24:14 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Notepad++
[2014/01/25 20:24:14 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++
[2014/01/25 20:21:15 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Nitro PDF
[2014/01/25 13:46:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Andrej\Desktop\OTL.exe
[2014/01/25 12:37:38 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/01/25 12:37:38 | 000,000,000 | ---D | C] -- C:\rsit
[2014/01/25 11:22:04 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\vlc
[2014/01/25 11:21:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/01/25 11:21:40 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2014/01/24 21:03:26 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Nitro
[2014/01/24 21:03:26 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\FileOpen
[2014/01/24 21:03:26 | 000,000,000 | ---D | C] -- C:\ProgramData\FileOpen
[2014/01/24 21:03:13 | 000,027,152 | ---- | C] (Nitro PDF Software) -- C:\Windows\System32\nitrolocalmon2.dll
[2014/01/24 21:03:13 | 000,018,448 | ---- | C] (Nitro PDF Software) -- C:\Windows\System32\nitrolocalui2.dll
[2014/01/24 21:03:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Nitro
[2014/01/24 21:03:06 | 000,000,000 | ---D | C] -- C:\Program Files\Nitro
[2014/01/24 21:03:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro
[2014/01/24 21:01:14 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Downloaded Installations
[2014/01/22 20:21:55 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Siemens
[2014/01/22 20:15:09 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\winhlp32.exe
[2014/01/22 20:15:09 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftsrch.dll
[2014/01/22 20:15:09 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftlx041e.dll
[2014/01/22 20:15:09 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftlx0411.dll
[2014/01/22 20:14:30 | 000,000,000 | ---D | C] -- C:\Program Files\WINCC
[2014/01/22 20:02:45 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Siemens
[2014/01/22 20:00:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Siemens Automation
[2014/01/22 20:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\Siemens
[2014/01/22 20:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Siemens
[2014/01/22 19:47:33 | 000,000,000 | ---D | C] -- C:\Users\Andrej\Documents\SQL Server Management Studio
[2014/01/22 19:41:50 | 000,000,000 | ---D | C] -- C:\Users\Andrej\Documents\Visual Studio 2005
[2014/01/22 19:41:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005
[2014/01/22 19:39:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2014/01/22 19:39:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2014/01/22 19:39:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014/01/22 19:38:58 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2014/01/22 19:38:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2014/01/22 19:38:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Merge Modules
[2014/01/22 19:38:30 | 000,000,000 | ---D | C] -- C:\Program Files\OPC Foundation
[2014/01/22 19:38:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\OPC Foundation
[2014/01/22 19:38:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Designer
[2014/01/22 19:31:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\msmq
[2014/01/22 19:24:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Siemens
[2014/01/22 19:16:20 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\GHISLER
[2014/01/20 20:17:26 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Malwarebytes
[2014/01/20 20:17:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/01/20 20:17:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/01/20 20:17:11 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/01/20 20:17:11 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2014/01/20 19:51:20 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Microsoft Help
[2014/01/20 19:51:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014/01/20 19:50:24 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2014/01/20 19:45:53 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\ElevatedDiagnostics
[2014/01/20 19:45:41 | 000,000,000 | ---D | C] -- C:\Program Files\maucampo
[2014/01/20 19:45:24 | 000,000,000 | ---D | C] -- C:\Program Files\Seznam.cz
[2014/01/20 19:44:40 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Seznam.cz
[2014/01/20 19:33:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2014/01/20 19:33:11 | 000,243,128 | ---- | C] (Disc Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2014/01/20 19:33:07 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\DAEMON Tools Lite
[2014/01/20 19:33:05 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2014/01/20 19:32:30 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2014/01/19 20:50:22 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Macromedia
[2014/01/19 20:50:22 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Macromedia
[2014/01/19 20:50:22 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Adobe
[2014/01/19 20:33:42 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/01/19 20:33:42 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/01/19 20:33:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2014/01/19 20:31:22 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Adobe
[2014/01/12 21:14:45 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\AVAST Software
[2014/01/12 21:12:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/01/12 21:09:40 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Google
[2014/01/12 21:09:40 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2014/01/12 21:09:34 | 000,064,168 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswstm.sys
[2014/01/12 21:09:33 | 000,775,952 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/01/12 21:09:32 | 000,410,528 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/01/12 21:09:32 | 000,067,824 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/01/12 21:09:31 | 000,079,720 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/01/12 21:09:29 | 000,270,240 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/01/12 21:09:28 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/12 21:09:12 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/01/12 21:08:41 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/01/12 20:52:45 | 000,230,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2014/01/12 20:35:28 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Mozilla
[2014/01/12 20:35:28 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Mozilla
[2014/01/12 20:35:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2014/01/12 20:35:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/01/12 20:35:17 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/01/12 20:13:03 | 001,227,776 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\athr.sys
[2014/01/12 20:13:02 | 000,000,000 | ---D | C] -- C:\temp
[2014/01/12 20:13:02 | 000,000,000 | ---D | C] -- C:\Program Files\Lenovo
[2014/01/12 20:13:02 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\InstallShield
[2014/01/12 19:31:42 | 000,094,208 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll
[2014/01/12 19:31:42 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2014/01/12 19:31:41 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2014/01/12 19:29:49 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Diagnostics
[2014/01/12 19:28:59 | 000,000,000 | ---D | C] -- C:\Drivers
[2014/01/12 13:51:41 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AIMP2
[2014/01/12 13:51:40 | 000,000,000 | ---D | C] -- C:\Program Files\AIMP2
[2014/01/12 13:32:51 | 000,000,000 | ---D | C] -- C:\Users\Andrej\Documents\Snagit
[2014/01/12 13:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\7. Realtek LAN Driver
[2014/01/12 13:27:11 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Programs
[2014/01/12 13:21:48 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Snagit 9
[2014/01/12 13:21:47 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith
[2014/01/12 13:21:46 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\TechSmith
[2014/01/12 13:21:46 | 000,000,000 | ---D | C] -- C:\Program Files\TechSmith
[2014/01/12 13:20:36 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014/01/12 13:20:01 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\WinRAR
[2014/01/12 13:20:01 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/01/12 13:20:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/01/12 13:19:44 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2014/01/12 13:17:52 | 000,000,000 | ---D | C] -- C:\Program Files\totalcmd
[2014/01/12 13:17:52 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2014/01/12 13:17:52 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\GHISLER
[2014/01/12 13:05:15 | 000,000,000 | R--D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/01/12 13:05:15 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Searches
[2014/01/12 13:05:15 | 000,000,000 | R--D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/01/12 13:05:06 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Identities
[2014/01/12 13:05:05 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Contacts
[2014/01/12 13:04:59 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\VirtualStore
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\AppData\Local\Temporary Internet Files
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Šablony
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Soubory cookie
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\SendTo
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Poslední
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Okolní tiskárny
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Okolní síť
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Documents\Obrázky
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Nabídka Start
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Local Settings
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Documents\Hudba
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\AppData\Local\History
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Documents\Filmy
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Dokumenty
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Data aplikací
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\AppData\Local\Data aplikací
[2014/01/12 13:04:57 | 000,000,000 | --SD | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Videos
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Saved Games
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Pictures
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Music
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Links
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Favorites
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Downloads
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Documents
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Desktop
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/01/12 13:04:57 | 000,000,000 | -H-D | C] -- C:\Users\Andrej\AppData
[2014/01/12 13:04:57 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Temp
[2014/01/12 13:04:57 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Microsoft
[2014/01/12 13:04:57 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Media Center Programs
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Šablony
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\Recovery
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Plocha
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Obrázky
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Oblíbené položky
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Nabídka Start
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Hudba
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Filmy
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Data aplikací
[2014/01/12 12:54:06 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/01/12 12:51:33 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014/01/12 12:51:15 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/01/12 12:50:47 | 000,000,000 | ---D | C] -- C:\Windows\Panther
========== Files - Modified Within 30 Days ==========
[2014/01/25 20:32:16 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/01/25 20:27:55 | 000,664,976 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014/01/25 20:27:55 | 000,657,654 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/01/25 20:27:55 | 000,137,518 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014/01/25 20:27:55 | 000,122,402 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/01/25 20:20:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/25 20:20:43 | 2408,722,432 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/25 14:48:05 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/25 14:48:05 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/25 14:06:31 | 000,001,536 | ---- | M] () -- C:\Windows\System32\.sto
[2014/01/25 13:59:07 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/25 13:46:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Andrej\Desktop\OTL.exe
[2014/01/22 21:31:24 | 000,000,028 | ---- | M] () -- C:\Windows\ODBC.INI
[2014/01/22 21:31:09 | 000,000,061 | ---- | M] () -- C:\Windows\Simatic.cfg
[2014/01/22 20:16:46 | 000,269,992 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/01/22 20:10:01 | 000,000,000 | ---- | M] () -- C:\Windows\PDLSERV.INI
[2014/01/22 20:08:19 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_s7ousbu32x_01007.Wdf
[2014/01/20 19:33:11 | 000,243,128 | ---- | M] (Disc Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2014/01/19 20:33:42 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/01/19 20:33:42 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/01/12 21:12:22 | 000,064,168 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswstm.sys
[2014/01/12 21:09:28 | 000,775,952 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/01/12 21:09:28 | 000,410,528 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/01/12 21:09:28 | 000,270,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/01/12 21:09:28 | 000,180,248 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/01/12 21:09:28 | 000,079,720 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/01/12 21:09:28 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/01/12 21:09:28 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/01/12 21:09:28 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/12 13:26:53 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/01/12 13:21:48 | 000,002,073 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 9.lnk
[2014/01/12 12:54:34 | 000,068,220 | ---- | M] () -- C:\Windows\System32\license.rtf
========== Files Created - No Company Name ==========
[2014/01/25 14:06:31 | 000,001,536 | ---- | C] () -- C:\Windows\System32\.sto
[2014/01/25 13:50:40 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/01/24 21:03:10 | 000,002,487 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk
[2014/01/22 20:21:16 | 000,000,061 | ---- | C] () -- C:\Windows\Simatic.cfg
[2014/01/22 20:21:10 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2014/01/22 20:10:01 | 000,000,000 | ---- | C] () -- C:\Windows\PDLSERV.INI
[2014/01/22 20:08:19 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_s7ousbu32x_01007.Wdf
[2014/01/19 20:33:43 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/12 21:09:34 | 000,180,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/01/12 21:09:32 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/01/12 20:35:20 | 000,001,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/01/12 19:31:42 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2014/01/12 13:26:53 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/01/12 13:21:48 | 000,002,073 | ---- | C] () -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 9.lnk
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2014/01/12 13:05:16 | 000,001,413 | ---- | C] () -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/01/12 12:54:27 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014/01/12 12:54:17 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014/01/12 12:51:15 | 2408,722,432 | -HS- | C] () -- C:\hiberfil.sys
========== ZeroAccess Check ==========
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009/07/14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014/01/12 21:14:45 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\AVAST Software
[2014/01/20 19:46:31 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\DAEMON Tools Lite
[2014/01/24 21:01:14 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Downloaded Installations
[2014/01/24 21:03:26 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\FileOpen
[2014/01/12 13:18:26 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\GHISLER
[2014/01/24 21:03:26 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Nitro
[2014/01/25 20:21:15 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Nitro PDF
[2014/01/25 20:24:49 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Notepad++
[2014/01/25 20:26:02 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Seznam.cz
[2014/01/22 20:21:55 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Siemens
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009/07/14 05:53:46 | 000,003,422 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/07/14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2014/01/19 20:33:43 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
< >
< MD5 for: ATAPI.SYS >
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\System32\autochk.exe
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
< MD5 for: CDROM.SYS >
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
< MD5 for: HAL.DLL >
[2009/07/14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\System32\hal.dll
[2009/07/14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
< MD5 for: TCPIP.SYS >
[2009/07/14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\System32\drivers\tcpip.sys
[2009/07/14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
< MD5 for: USERINIT.EXE >
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\System32\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< >
< %systemroot%*.* /U /s >
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[12 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2014/01/19 20:50:22 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Adobe
[2014/01/12 21:14:45 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\AVAST Software
[2014/01/20 19:46:31 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\DAEMON Tools Lite
[2014/01/24 21:01:14 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Downloaded Installations
[2014/01/24 21:03:26 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\FileOpen
[2014/01/12 13:18:26 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\GHISLER
[2014/01/12 13:05:06 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Identities
[2014/01/12 20:13:02 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\InstallShield
[2014/01/19 20:50:22 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Macromedia
[2014/01/20 20:17:26 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Malwarebytes
[2009/07/14 10:20:06 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Media Center Programs
[2014/01/22 20:22:05 | 000,000,000 | --SD | M] -- C:\Users\Andrej\AppData\Roaming\Microsoft
[2014/01/12 20:35:32 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Mozilla
[2014/01/24 21:03:26 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Nitro
[2014/01/25 20:21:15 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Nitro PDF
[2014/01/25 20:24:49 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Notepad++
[2014/01/25 20:26:02 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Seznam.cz
[2014/01/22 20:21:55 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Siemens
[2014/01/25 11:33:07 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\vlc
[2014/01/12 13:51:12 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2014/01/12 13:21:48 | 001,431,040 | R--- | M] () -- C:\Users\Andrej\AppData\Roaming\Microsoft\Installer\{5C47C8B6-77FF-4FC7-A388-66FCF9CFC24C}\Icon0E6ED660.exe
[2013/05/16 14:25:04 | 001,062,472 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\szninstall.exe
[2013/05/16 14:26:24 | 002,589,256 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013/04/16 12:52:34 | 000,055,808 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\ffkill.exe
[2013/04/29 11:53:34 | 000,045,560 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2013/04/12 09:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2013/04/12 09:10:22 | 000,092,664 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2014/01/25 13:59:07 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2014/01/25 14:06:31 | 000,001,536 | ---- | M] () -- C:\Windows\system32\.sto
[2014/01/25 14:48:05 | 000,009,584 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/25 14:48:05 | 000,009,584 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/25 20:27:55 | 000,137,518 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2014/01/25 20:27:55 | 000,122,402 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2014/01/25 20:27:55 | 000,664,976 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2014/01/25 20:27:55 | 000,657,654 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2014/01/25 20:27:55 | 001,587,864 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
< %SYSTEMDRIVE%\*.exe >
< >
< *crack* /s >
< *keygen* /s >
[2014/01/20 19:49:16 | 000,017,400 | ---- | M] () -- \Windows\Prefetch\KEYGEN.EXE-97FEE410.pf
< *AntiWPA* /s >
< *loader* /s >
[2008/04/21 21:19:04 | 000,061,952 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2008/04/21 16:21:56 | 000,004,608 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2005/10/14 03:49:48 | 000,017,624 | ---- | M] () -- \Program Files\Microsoft SQL Server\90\Tools\Binn\SqlResourceLoader.dll
[2005/10/14 03:49:48 | 000,017,624 | ---- | M] () -- \Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SqlResourceLoader.dll
[2010/07/28 04:38:12 | 000,008,787 | ---- | M] () -- \Program Files\Notepad++\user.manual\sites\all\modules\fancy_login\images\ajax-loader.gif
[2011/11/23 22:34:20 | 000,757,760 | ---- | M] () -- \Program Files\Siemens\WinCC\bin\CCDeltaLoader.exe
[2011/11/15 02:46:54 | 000,092,672 | ---- | M] () -- \Program Files\Siemens\WinCC\bin\CCDeltaLoaderenu.lng
[2011/11/23 23:03:22 | 000,100,352 | ---- | M] () -- \Program Files\Siemens\WinCC\bin\CCRtsLoader.exe
[2014/01/22 21:31:24 | 000,001,656 | ---- | M] () -- \Program Files\Siemens\WinCC\diagnose\CCDeltaLoader.Log
[2011/11/23 22:07:04 | 000,010,876 | ---- | M] () -- \Program Files\Siemens\WinCC\interfaces\CCDeltaLoaderIntern.tlb
[2011/11/23 22:10:02 | 000,001,240 | ---- | M] () -- \Program Files\Siemens\WinCC\interfaces\CCDmRtLoader.tlb
[2014/01/20 19:43:58 | 000,057,728 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2014/01/20 19:43:58 | 000,057,728 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2014/01/20 19:43:58 | 000,057,728 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2014/01/20 19:43:59 | 000,057,728 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2014/01/20 19:43:59 | 000,057,728 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2014/01/20 19:43:59 | 000,061,770 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2014/01/20 19:43:59 | 000,061,770 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2014/01/12 20:21:45 | 000,001,849 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C08U2WTL\ajax-loader-small[1].gif
[2014/01/20 19:45:07 | 000,031,516 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C08U2WTL\cz.seznam.software.libfoxloader-3.1.2-win32[1].zip
[2014/01/24 20:59:48 | 000,000,723 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C08U2WTL\downloaderror[1].js
[2014/01/12 20:21:45 | 000,003,208 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MGKUE3FA\ajax-loader[1].gif
[2014/01/19 20:31:24 | 000,001,174 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MGKUE3FA\downloader[1].js
[2014/01/24 20:59:48 | 000,001,174 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MGKUE3FA\downloader[2].js
[2014/01/12 20:21:29 | 000,003,061 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MGKUE3FA\rmsloaderdelayeddiv[1].js
[2014/01/24 20:59:45 | 000,007,934 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NKHPG91I\bundleloader[1].js
[2014/01/19 20:31:24 | 000,000,723 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TNFE8S5U\downloaderror[1].js
[2013/07/30 02:03:00 | 000,385,792 | ---- | M] () -- \Users\Andrej\AppData\Local\Temp\Solid State Networks\Host.b1ba86025ff6a09e9601f7843b9493355e2152e3\downloader.bundle
[2012/03/16 17:32:00 | 000,687,520 | ---- | M] () -- \Users\Andrej\AppData\Local\Temp\Solid State Networks\Host.b1ba86025ff6a09e9601f7843b9493355e2152e3\downloader.dll
[2013/04/15 12:32:10 | 000,060,416 | ---- | M] () -- \Users\Andrej\AppData\Roaming\Seznam.cz\bin\9526libfoxloader-x64.dll
[2013/03/29 12:37:34 | 000,059,384 | ---- | M] () -- \Users\Andrej\AppData\Roaming\Seznam.cz\bin\9526libfoxloader.dll
[2014/01/20 19:45:19 | 000,000,164 | ---- | M] () -- \Users\Andrej\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013/03/25 15:27:20 | 000,000,665 | ---- | M] () -- \Users\Andrej\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.install.bat
[2013/03/25 15:27:26 | 000,000,117 | ---- | M] () -- \Users\Andrej\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.uninstall.bat
[2005/09/23 04:24:22 | 000,061,440 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\0C364DD1A05A49347B4E85590CF2E9D0\9.0.1399\FL_coloader80_dll_128691_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
[2005/09/22 23:23:44 | 000,004,608 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\0C364DD1A05A49347B4E85590CF2E9D0\9.0.1399\FL_coloader80_tlb_128927_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009/07/14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009/07/14 09:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009/07/14 09:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009/07/14 09:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2009/07/14 03:17:55 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009/07/14 03:17:55 | 000,507,568 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9_winload.exe_75835076
[2009/07/14 03:17:55 | 000,442,920 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9_winresume.exe_85cd1215
[2009/07/14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009/07/14 09:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009/07/14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009/07/14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2009/06/10 22:13:54 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009/07/14 09:43:37 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2011/11/23 22:40:52 | 000,164,352 | ---- | M] () -- \Program Files\Siemens\WinCC\bin\SIMATIC S5 Serial 3964R.CHB
[2011/11/23 22:41:44 | 000,078,848 | ---- | M] () -- \Program Files\Siemens\WinCC\bin\SIMATIC S5 Serial 3964R.CHN
[2011/11/23 22:41:10 | 000,155,648 | ---- | M] () -- \Program Files\Siemens\WinCC\bin\Simatic TI Serial.chb
[2011/11/23 22:41:44 | 000,078,848 | ---- | M] () -- \Program Files\Siemens\WinCC\bin\SIMATIC TI Serial.CHN
[2011/11/19 19:24:48 | 000,075,465 | ---- | M] () -- \Program Files\Siemens\WinCC\Documents\english\S5Serial3964R.chm
[2011/11/21 12:37:14 | 000,199,667 | ---- | M] () -- \Program Files\Siemens\WinCC\Documents\english\S5Serial3964R.pdf
[2014/01/24 20:59:45 | 000,000,659 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NKHPG91I\settingsserializationhandler[1].js
[2009/07/14 09:43:23 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009/07/14 09:43:37 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2009/06/10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2009/07/14 05:43:53 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\39e53f507d9cbc5c10a2f47c4b0d09dd\System.Runtime.Serialization.ni.dll
[2009/07/14 05:43:05 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d57d865568209a71d63739fa448ed6df\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009/07/14 09:43:15 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009/06/10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009/07/14 09:43:17 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009/07/14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2009/07/14 09:43:30 | 000,009,728 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2009/07/13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009/07/14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009/07/13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009/07/14 03:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009/07/14 03:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2009/07/14 09:43:55 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009/07/14 03:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2009/07/14 09:42:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009/07/14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2009/07/14 02:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009/07/14 02:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2009/07/14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009/07/14 09:43:23 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009/06/10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2009/07/14 09:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009/06/10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2009/07/13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2009/07/14 09:43:15 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c002c1170ca9a88f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009/07/14 09:43:17 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009/07/14 09:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2009/07/14 09:43:30 | 000,009,728 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c48c78a9ad8ff996\serial.sys.mui
[2009/07/14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009/07/13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2009/06/10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
< *w7lxe* /s >
< End of report >
Pokúšal som sa scanovať aj s tým starým komplexnejším skriptom, ale skanovanie sa zastaví s tou istou chybovou hláškou ako som priložil printscreen. Raz mi skan zbehol až do konca ale po skončení sa zobrazil iba OTL.txt a Extras.txt sa nevytvoril. Ak by Vám tento log nepostačoval pastnem aj ten s tým prvým skriptom na vyžiadanie.

=========================================================================================================================================================
OTL logfile created on: 25. 1. 2014 20:30:19 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Andrej\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
2,99 Gb Total Physical Memory | 1,79 Gb Available Physical Memory | 59,87% Memory free
5,98 Gb Paging File | 4,75 Gb Available in Paging File | 79,35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 151,42 Gb Total Space | 130,71 Gb Free Space | 86,32% Space Free | Partition Type: NTFS
Drive D: | 299,39 Gb Total Space | 91,77 Gb Free Space | 30,65% Space Free | Partition Type: NTFS
Drive G: | 6,54 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: ANDREJ-PC | User Name: Andrej | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/01/25 14:18:17 | 000,102,168 | ---- | M] () -- C:\Program Files\maucampo\bin\utilmaucampo.exe
PRC - [2014/01/25 13:46:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Andrej\Desktop\OTL.exe
PRC - [2014/01/19 20:33:42 | 001,863,048 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
PRC - [2014/01/16 01:37:30 | 000,097,048 | ---- | M] () -- C:\Program Files\maucampo\updatemaucampo.exe
PRC - [2014/01/12 21:09:27 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/01/12 21:09:27 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/12/05 20:34:42 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/07/26 06:48:28 | 000,196,624 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
PRC - [2013/04/12 09:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
PRC - [2011/12/11 21:07:24 | 001,138,312 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
PRC - [2011/11/23 23:12:38 | 000,243,200 | ---- | M] () -- C:\Program Files\Siemens\WinCC\bin\CCUCSurrogate.exe
PRC - [2011/11/23 22:26:56 | 001,464,832 | ---- | M] (SIEMENS AG) -- C:\Program Files\Siemens\WinCC\bin\CCProjectMgr.exe
PRC - [2011/11/23 13:01:10 | 000,098,304 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\commonarchiving\CCDBUtils.exe
PRC - [2011/11/14 20:21:20 | 000,245,248 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe
PRC - [2011/11/14 16:18:46 | 000,163,328 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe
PRC - [2011/11/14 14:47:58 | 000,264,704 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe
PRC - [2011/11/14 14:37:24 | 000,363,008 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe
PRC - [2011/11/04 01:41:34 | 000,556,168 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
PRC - [2011/11/04 01:41:30 | 000,412,808 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
PRC - [2011/10/25 11:23:08 | 009,079,296 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\SimNetCom\pniopcac.exe
PRC - [2011/10/24 11:03:54 | 002,087,424 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\SimNetCom\pniomgr.exe
PRC - [2009/10/15 11:06:52 | 000,053,064 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 9\TscHelp.exe
PRC - [2009/10/15 11:06:50 | 000,066,888 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 9\SnagPriv.exe
PRC - [2009/10/15 11:06:46 | 007,168,328 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 9\SnagitEditor.exe
PRC - [2009/10/15 11:06:46 | 006,287,176 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
========== Modules (No Company Name) ==========
MOD - [2014/01/19 20:33:41 | 016,287,624 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_12_0_0_43.dll
MOD - [2014/01/12 21:09:27 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/12/05 20:36:56 | 003,559,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/04/24 11:31:42 | 000,081,992 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\libchinst.dll
MOD - [2013/04/12 09:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
MOD - [2013/03/29 12:37:34 | 000,059,384 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\9526libfoxloader.dll
MOD - [2013/03/25 15:39:52 | 000,894,968 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
MOD - [2011/11/23 23:12:38 | 000,243,200 | ---- | M] () -- C:\Program Files\Siemens\WinCC\bin\CCUCSurrogate.exe
MOD - [2011/11/15 02:48:32 | 000,057,856 | ---- | M] () -- C:\Program Files\Siemens\WinCC\bin\CCUCSurrogateEnu.lng
MOD - [2011/03/02 12:40:52 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2011/02/09 01:56:38 | 000,296,448 | ---- | M] () -- C:\Program Files\Notepad++\NppShell_04.dll
MOD - [2009/10/15 11:06:44 | 004,715,848 | R--- | M] () -- C:\Program Files\TechSmith\Snagit 9\PDFNetC.dll
========== Services (SafeList) ==========
SRV - [2014/01/25 14:18:17 | 000,102,168 | ---- | M] () [Auto | Running] -- C:\Program Files\maucampo\bin\utilmaucampo.exe -- (Util maucampo)
SRV - [2014/01/19 20:33:42 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/01/16 01:37:30 | 000,097,048 | ---- | M] () [Auto | Running] -- C:\Program Files\maucampo\updatemaucampo.exe -- (Update maucampo)
SRV - [2014/01/12 21:09:27 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/12/05 20:36:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/07/26 06:48:28 | 000,196,624 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe -- (NitroReaderDriverReadSpool3)
SRV - [2011/12/11 21:07:24 | 001,138,312 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe -- (almservice)
SRV - [2011/11/23 23:21:54 | 000,332,800 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCSsmRTServer.exe -- (CCSsmRTServer)
SRV - [2011/11/23 23:12:26 | 000,072,192 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCProfileServer.exe -- (CCProfileServer)
SRV - [2011/11/23 23:08:46 | 000,119,808 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CcAlgRtServer.exe -- (CCAlgRtServer)
SRV - [2011/11/23 23:07:52 | 000,361,984 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCAlgIAlarmDataCollector.exe -- (CCAlgIAlarmDataCollector)
SRV - [2011/11/23 23:06:00 | 000,489,472 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\Bin\CCLicenseService.exe -- (CCLicenseService)
SRV - [2011/11/23 23:03:22 | 000,100,352 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCRtsLoader.exe -- (CCRtsLoader)
SRV - [2011/11/23 23:00:42 | 000,372,224 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCTextServer.exe -- (CCTextServer)
SRV - [2011/11/23 23:00:36 | 000,091,648 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCTlgServer.exe -- (CCTlgServer)
SRV - [2011/11/23 22:59:04 | 001,311,232 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCUsrAcv.exe -- (CCUsrAcv)
SRV - [2011/11/23 22:34:50 | 000,450,560 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCPackageMgr.exe -- (CCPackageMgr)
SRV - [2011/11/23 22:34:20 | 000,757,760 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCDeltaLoader.exe -- (CCDeltaLoader)
SRV - [2011/11/23 22:32:10 | 000,299,520 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCTMTimeSyncServer.exe -- (CCTMTimeSyncServer)
SRV - [2011/11/23 22:31:10 | 000,646,144 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCNSInfo2Provider.exe -- (CCNSInfo2Provider)
SRV - [2011/11/23 22:30:04 | 000,195,072 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCLBMRTServer.exe -- (CCLBMRTServer)
SRV - [2011/11/23 22:29:40 | 000,436,736 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCCSigRTServer.exe -- (CCCSigRTServer)
SRV - [2011/11/23 22:28:46 | 000,331,776 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCPtmRTServer.exe -- (CCPtmRTServer)
SRV - [2011/11/23 22:26:56 | 001,464,832 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Siemens\WinCC\bin\CCProjectMgr.exe -- (CCProjectMgr)
SRV - [2011/11/23 16:02:26 | 000,346,112 | ---- | M] (SIEMENS AG) [Disabled | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\HistDataAccess\bin\sopchdasrvrwincc.exe -- (OPCServerHDA.WinCC)
SRV - [2011/11/23 16:00:22 | 000,188,416 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\UAWrapper\CCRT2UA.exe -- (XR_CCOPC.UAWrapper)
SRV - [2011/11/23 16:00:04 | 000,188,416 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\XMLDataAccess\bin\CCRT2XML.exe -- (XR_CCOPC.XMLWrapper)
SRV - [2011/11/23 15:59:38 | 000,348,160 | ---- | M] (SIEMENS AG) [Disabled | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\DataAccess\bin\sopcsrvrwincc.exe -- (OPCServer.WinCC)
SRV - [2011/11/23 15:59:00 | 000,344,064 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\XMLDataAccess\bin\DA2XML.exe -- (CCOPC.XMLWrapper)
SRV - [2011/11/23 15:59:00 | 000,344,064 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\UAWrapper\DA2UA.exe -- (CCOPC.UAWrapper)
SRV - [2011/11/23 15:57:38 | 000,261,632 | ---- | M] (SIEMENS AG) [Disabled | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\AlarmEvent\bin\sopcaesrvrwincc.exe -- (OPCServerAE.WinCC)
SRV - [2011/11/23 13:10:30 | 000,856,064 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\commonarchiving\CCRedundancyAgent.exe -- (CCRedundancyAgent-Service)
SRV - [2011/11/23 13:01:10 | 000,098,304 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\commonarchiving\CCDBUtils.exe -- (CCDBUtils)
SRV - [2011/11/23 12:59:42 | 000,757,760 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\commonarchiving\CCArchiveManager.exe -- (CCArchiveManagerService)
SRV - [2011/11/14 20:31:38 | 000,486,400 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe -- (RedundancyControl)
SRV - [2011/11/14 20:21:20 | 000,245,248 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe -- (CCEServer)
SRV - [2011/11/14 16:18:46 | 000,163,328 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe -- (SCSMonitor)
SRV - [2011/11/14 15:46:46 | 000,101,888 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\ace\bin\SCSFsX.exe -- (SCSFsX)
SRV - [2011/11/14 15:34:08 | 000,198,144 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\ace\bin\RedundancyState.exe -- (RedundancyState)
SRV - [2011/11/14 14:47:58 | 000,264,704 | ---- | M] (SIEMENS AG) [On_Demand | Running] -- C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe -- (CCEClient)
SRV - [2011/11/14 14:37:24 | 000,363,008 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe -- (CCAgent)
SRV - [2011/11/10 12:58:36 | 000,716,288 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\Bin\CCPerfMon.exe -- (CCPerfMon)
SRV - [2011/11/04 01:41:34 | 000,556,168 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe -- (S7TraceServiceX)
SRV - [2011/11/04 01:41:30 | 000,412,808 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe -- (s7oiehsx)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/02/05 03:04:08 | 000,139,488 | ---- | M] (OPC Foundation) [On_Demand | Stopped] -- C:\Windows\System32\OpcEnum.exe -- (OpcEnum)
========== Driver Services (SafeList) ==========
DRV - [2014/01/20 19:33:11 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2014/01/12 21:12:22 | 000,064,168 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswstm.sys -- (aswStm)
DRV - [2014/01/12 21:09:28 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/01/12 21:09:28 | 000,410,528 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2014/01/12 21:09:28 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/01/12 21:09:28 | 000,079,720 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014/01/12 21:09:28 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/01/12 21:09:28 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2011/10/11 19:13:20 | 000,343,888 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SNTIE.SYS -- (SNTIE)
DRV - [2011/09/29 10:48:48 | 000,641,280 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\s7ousbu32x.sys -- (s7ousbu32x)
DRV - [2011/06/16 19:10:22 | 000,063,104 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\s7sn2srtx.sys -- (s7sn2srtx)
DRV - [2011/05/06 05:08:10 | 000,521,216 | ---- | M] (SIEMENS AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\S7otranx32.sys -- (S7otranx32)
DRV - [2011/05/06 05:03:22 | 000,087,552 | ---- | M] (SIEMENS AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\S7odpx2x32.sys -- (S7odpx2x32)
DRV - [2011/04/19 19:22:04 | 000,288,256 | ---- | M] (SIEMENS AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\dpmconv32.sys -- (dpmconv)
DRV - [2011/04/19 19:20:28 | 000,140,288 | ---- | M] (SIEMENS AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsnl2ada32.sys -- (vsnl2ada)
DRV - [2010/03/22 20:35:44 | 000,072,248 | ---- | M] (SIEMENS AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\DPMTRCDD32.sys -- (DPMTRCDD)
DRV - [2009/11/06 12:53:58 | 001,227,776 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/07/14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009/07/14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009/07/14 01:11:04 | 000,141,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mqac.sys -- (MQAC)
DRV - [2009/07/14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-987201152-1341176263-1292834751-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 64 65 73 CB 0F CF 01 [binary data]
IE - HKU\S-1-5-21-987201152-1341176263-1292834751-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-987201152-1341176263-1292834751-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-987201152-1341176263-1292834751-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.google.sk"
FF - prefs.js..extensions.enabledAddons: %7B66E978CD-981F-47DF-AC42-E3CF417C1467%7D:0.4.3
FF - prefs.js..extensions.enabledAddons: %7Bef8714df-a44b-464c-9034-549a70dc4cd7%7D:1.0.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/01/12 21:09:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2014/01/12 20:35:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Extensions
[2014/01/20 19:45:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions
[2014/01/20 19:45:21 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2014/01/12 20:38:26 | 000,016,454 | ---- | M] () (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions\HomepageNewTab@neocodex.us.xpi
[2014/01/12 20:40:34 | 000,003,793 | ---- | M] () (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi
[2014/01/19 20:28:35 | 000,940,775 | ---- | M] () (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/01/16 01:37:30 | 000,008,938 | ---- | M] () (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions\{ef8714df-a44b-464c-9034-549a70dc4cd7}.xpi
[2014/01/12 20:35:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/01/12 20:35:17 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (maucampo) - {5d7d4fb9-aca5-4013-8879-c58dcd4df9f1} - C:\Program Files\maucampo\maucampoBHO.dll (maucampo)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-987201152-1341176263-1292834751-1000\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CCUCSurrogate.exe] C:\Program Files\Siemens\WinCC\bin\CCUCSurrogate.exe ()
O4 - HKLM..\Run: [seznam-listicka-distribuce] C:\Program Files\Seznam.cz\distribution\szninstall.exe ()
O4 - HKU\S-1-5-21-987201152-1341176263-1292834751-1000..\Run: [cz.seznam.software.autoupdate] C:\Users\Andrej\AppData\Roaming\Seznam.cz\szninstall.exe ()
O4 - HKU\S-1-5-21-987201152-1341176263-1292834751-1000..\Run: [cz.seznam.software.szndesktop] C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe ()
O4 - HKU\S-1-5-21-987201152-1341176263-1292834751-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 9.lnk = C:\Program Files\TechSmith\Snagit 9\Snagit32.exe (TechSmith Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FA6D81AC-B75C-4D34-89C6-5947764FB974}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/03/10 16:55:40 | 000,000,045 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{7a2f2665-8200-11e3-a533-70f3954ca870}\Shell - "" = AutoRun
O33 - MountPoints2\{7a2f2665-8200-11e3-a533-70f3954ca870}\Shell\AutoRun\command - "" = G:\Setup.exe -- [2011/08/03 13:32:28 | 000,236,168 | R--- | M] (SIEMENS AG)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2014/01/25 20:24:20 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2014/01/25 20:24:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2014/01/25 20:24:14 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Notepad++
[2014/01/25 20:24:14 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++
[2014/01/25 20:21:15 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Nitro PDF
[2014/01/25 13:46:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Andrej\Desktop\OTL.exe
[2014/01/25 12:37:38 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/01/25 12:37:38 | 000,000,000 | ---D | C] -- C:\rsit
[2014/01/25 11:22:04 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\vlc
[2014/01/25 11:21:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/01/25 11:21:40 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2014/01/24 21:03:26 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Nitro
[2014/01/24 21:03:26 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\FileOpen
[2014/01/24 21:03:26 | 000,000,000 | ---D | C] -- C:\ProgramData\FileOpen
[2014/01/24 21:03:13 | 000,027,152 | ---- | C] (Nitro PDF Software) -- C:\Windows\System32\nitrolocalmon2.dll
[2014/01/24 21:03:13 | 000,018,448 | ---- | C] (Nitro PDF Software) -- C:\Windows\System32\nitrolocalui2.dll
[2014/01/24 21:03:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Nitro
[2014/01/24 21:03:06 | 000,000,000 | ---D | C] -- C:\Program Files\Nitro
[2014/01/24 21:03:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro
[2014/01/24 21:01:14 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Downloaded Installations
[2014/01/22 20:21:55 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Siemens
[2014/01/22 20:15:09 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\winhlp32.exe
[2014/01/22 20:15:09 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftsrch.dll
[2014/01/22 20:15:09 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftlx041e.dll
[2014/01/22 20:15:09 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftlx0411.dll
[2014/01/22 20:14:30 | 000,000,000 | ---D | C] -- C:\Program Files\WINCC
[2014/01/22 20:02:45 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Siemens
[2014/01/22 20:00:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Siemens Automation
[2014/01/22 20:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\Siemens
[2014/01/22 20:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Siemens
[2014/01/22 19:47:33 | 000,000,000 | ---D | C] -- C:\Users\Andrej\Documents\SQL Server Management Studio
[2014/01/22 19:41:50 | 000,000,000 | ---D | C] -- C:\Users\Andrej\Documents\Visual Studio 2005
[2014/01/22 19:41:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005
[2014/01/22 19:39:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2014/01/22 19:39:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2014/01/22 19:39:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014/01/22 19:38:58 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2014/01/22 19:38:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2014/01/22 19:38:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Merge Modules
[2014/01/22 19:38:30 | 000,000,000 | ---D | C] -- C:\Program Files\OPC Foundation
[2014/01/22 19:38:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\OPC Foundation
[2014/01/22 19:38:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Designer
[2014/01/22 19:31:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\msmq
[2014/01/22 19:24:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Siemens
[2014/01/22 19:16:20 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\GHISLER
[2014/01/20 20:17:26 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Malwarebytes
[2014/01/20 20:17:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/01/20 20:17:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/01/20 20:17:11 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/01/20 20:17:11 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2014/01/20 19:51:20 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Microsoft Help
[2014/01/20 19:51:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014/01/20 19:50:24 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2014/01/20 19:45:53 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\ElevatedDiagnostics
[2014/01/20 19:45:41 | 000,000,000 | ---D | C] -- C:\Program Files\maucampo
[2014/01/20 19:45:24 | 000,000,000 | ---D | C] -- C:\Program Files\Seznam.cz
[2014/01/20 19:44:40 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Seznam.cz
[2014/01/20 19:33:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2014/01/20 19:33:11 | 000,243,128 | ---- | C] (Disc Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2014/01/20 19:33:07 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\DAEMON Tools Lite
[2014/01/20 19:33:05 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2014/01/20 19:32:30 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2014/01/19 20:50:22 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Macromedia
[2014/01/19 20:50:22 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Macromedia
[2014/01/19 20:50:22 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Adobe
[2014/01/19 20:33:42 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/01/19 20:33:42 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/01/19 20:33:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2014/01/19 20:31:22 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Adobe
[2014/01/12 21:14:45 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\AVAST Software
[2014/01/12 21:12:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/01/12 21:09:40 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Google
[2014/01/12 21:09:40 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2014/01/12 21:09:34 | 000,064,168 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswstm.sys
[2014/01/12 21:09:33 | 000,775,952 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/01/12 21:09:32 | 000,410,528 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/01/12 21:09:32 | 000,067,824 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/01/12 21:09:31 | 000,079,720 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/01/12 21:09:29 | 000,270,240 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/01/12 21:09:28 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/12 21:09:12 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/01/12 21:08:41 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/01/12 20:52:45 | 000,230,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2014/01/12 20:35:28 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Mozilla
[2014/01/12 20:35:28 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Mozilla
[2014/01/12 20:35:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2014/01/12 20:35:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/01/12 20:35:17 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/01/12 20:13:03 | 001,227,776 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\athr.sys
[2014/01/12 20:13:02 | 000,000,000 | ---D | C] -- C:\temp
[2014/01/12 20:13:02 | 000,000,000 | ---D | C] -- C:\Program Files\Lenovo
[2014/01/12 20:13:02 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\InstallShield
[2014/01/12 19:31:42 | 000,094,208 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll
[2014/01/12 19:31:42 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2014/01/12 19:31:41 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2014/01/12 19:29:49 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Diagnostics
[2014/01/12 19:28:59 | 000,000,000 | ---D | C] -- C:\Drivers
[2014/01/12 13:51:41 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AIMP2
[2014/01/12 13:51:40 | 000,000,000 | ---D | C] -- C:\Program Files\AIMP2
[2014/01/12 13:32:51 | 000,000,000 | ---D | C] -- C:\Users\Andrej\Documents\Snagit
[2014/01/12 13:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\7. Realtek LAN Driver
[2014/01/12 13:27:11 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Programs
[2014/01/12 13:21:48 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Snagit 9
[2014/01/12 13:21:47 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith
[2014/01/12 13:21:46 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\TechSmith
[2014/01/12 13:21:46 | 000,000,000 | ---D | C] -- C:\Program Files\TechSmith
[2014/01/12 13:20:36 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014/01/12 13:20:01 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\WinRAR
[2014/01/12 13:20:01 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/01/12 13:20:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/01/12 13:19:44 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2014/01/12 13:17:52 | 000,000,000 | ---D | C] -- C:\Program Files\totalcmd
[2014/01/12 13:17:52 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2014/01/12 13:17:52 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\GHISLER
[2014/01/12 13:05:15 | 000,000,000 | R--D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/01/12 13:05:15 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Searches
[2014/01/12 13:05:15 | 000,000,000 | R--D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/01/12 13:05:06 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Identities
[2014/01/12 13:05:05 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Contacts
[2014/01/12 13:04:59 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\VirtualStore
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\AppData\Local\Temporary Internet Files
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Šablony
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Soubory cookie
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\SendTo
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Poslední
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Okolní tiskárny
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Okolní síť
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Documents\Obrázky
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Nabídka Start
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Local Settings
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Documents\Hudba
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\AppData\Local\History
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Documents\Filmy
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Dokumenty
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\Data aplikací
[2014/01/12 13:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Andrej\AppData\Local\Data aplikací
[2014/01/12 13:04:57 | 000,000,000 | --SD | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Videos
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Saved Games
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Pictures
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Music
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Links
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Favorites
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Downloads
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Documents
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\Desktop
[2014/01/12 13:04:57 | 000,000,000 | R--D | C] -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/01/12 13:04:57 | 000,000,000 | -H-D | C] -- C:\Users\Andrej\AppData
[2014/01/12 13:04:57 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Temp
[2014/01/12 13:04:57 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Local\Microsoft
[2014/01/12 13:04:57 | 000,000,000 | ---D | C] -- C:\Users\Andrej\AppData\Roaming\Media Center Programs
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Šablony
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\Recovery
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Plocha
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Obrázky
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Oblíbené položky
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Nabídka Start
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Hudba
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Filmy
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2014/01/12 13:04:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Data aplikací
[2014/01/12 12:54:06 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/01/12 12:51:33 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014/01/12 12:51:15 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/01/12 12:50:47 | 000,000,000 | ---D | C] -- C:\Windows\Panther
========== Files - Modified Within 30 Days ==========
[2014/01/25 20:32:16 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/01/25 20:27:55 | 000,664,976 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014/01/25 20:27:55 | 000,657,654 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/01/25 20:27:55 | 000,137,518 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014/01/25 20:27:55 | 000,122,402 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/01/25 20:20:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/25 20:20:43 | 2408,722,432 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/25 14:48:05 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/25 14:48:05 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/25 14:06:31 | 000,001,536 | ---- | M] () -- C:\Windows\System32\.sto
[2014/01/25 13:59:07 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/25 13:46:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Andrej\Desktop\OTL.exe
[2014/01/22 21:31:24 | 000,000,028 | ---- | M] () -- C:\Windows\ODBC.INI
[2014/01/22 21:31:09 | 000,000,061 | ---- | M] () -- C:\Windows\Simatic.cfg
[2014/01/22 20:16:46 | 000,269,992 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/01/22 20:10:01 | 000,000,000 | ---- | M] () -- C:\Windows\PDLSERV.INI
[2014/01/22 20:08:19 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_s7ousbu32x_01007.Wdf
[2014/01/20 19:33:11 | 000,243,128 | ---- | M] (Disc Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2014/01/19 20:33:42 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/01/19 20:33:42 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/01/12 21:12:22 | 000,064,168 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswstm.sys
[2014/01/12 21:09:28 | 000,775,952 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/01/12 21:09:28 | 000,410,528 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/01/12 21:09:28 | 000,270,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/01/12 21:09:28 | 000,180,248 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/01/12 21:09:28 | 000,079,720 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/01/12 21:09:28 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/01/12 21:09:28 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/01/12 21:09:28 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/12 13:26:53 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/01/12 13:21:48 | 000,002,073 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 9.lnk
[2014/01/12 12:54:34 | 000,068,220 | ---- | M] () -- C:\Windows\System32\license.rtf
========== Files Created - No Company Name ==========
[2014/01/25 14:06:31 | 000,001,536 | ---- | C] () -- C:\Windows\System32\.sto
[2014/01/25 13:50:40 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/01/24 21:03:10 | 000,002,487 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk
[2014/01/22 20:21:16 | 000,000,061 | ---- | C] () -- C:\Windows\Simatic.cfg
[2014/01/22 20:21:10 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2014/01/22 20:10:01 | 000,000,000 | ---- | C] () -- C:\Windows\PDLSERV.INI
[2014/01/22 20:08:19 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_s7ousbu32x_01007.Wdf
[2014/01/19 20:33:43 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/12 21:09:34 | 000,180,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/01/12 21:09:32 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/01/12 20:35:20 | 000,001,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/01/12 19:31:42 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2014/01/12 13:26:53 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/01/12 13:21:48 | 000,002,073 | ---- | C] () -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 9.lnk
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2014/01/12 13:17:52 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2014/01/12 13:05:16 | 000,001,413 | ---- | C] () -- C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/01/12 12:54:27 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014/01/12 12:54:17 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014/01/12 12:51:15 | 2408,722,432 | -HS- | C] () -- C:\hiberfil.sys
========== ZeroAccess Check ==========
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009/07/14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014/01/12 21:14:45 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\AVAST Software
[2014/01/20 19:46:31 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\DAEMON Tools Lite
[2014/01/24 21:01:14 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Downloaded Installations
[2014/01/24 21:03:26 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\FileOpen
[2014/01/12 13:18:26 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\GHISLER
[2014/01/24 21:03:26 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Nitro
[2014/01/25 20:21:15 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Nitro PDF
[2014/01/25 20:24:49 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Notepad++
[2014/01/25 20:26:02 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Seznam.cz
[2014/01/22 20:21:55 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Siemens
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009/07/14 05:53:46 | 000,003,422 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/07/14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2014/01/19 20:33:43 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
< >
< MD5 for: ATAPI.SYS >
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\System32\autochk.exe
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
< MD5 for: CDROM.SYS >
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
< MD5 for: HAL.DLL >
[2009/07/14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\System32\hal.dll
[2009/07/14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
< MD5 for: TCPIP.SYS >
[2009/07/14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\System32\drivers\tcpip.sys
[2009/07/14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
< MD5 for: USERINIT.EXE >
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\System32\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< >
< %systemroot%*.* /U /s >
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[12 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2014/01/19 20:50:22 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Adobe
[2014/01/12 21:14:45 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\AVAST Software
[2014/01/20 19:46:31 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\DAEMON Tools Lite
[2014/01/24 21:01:14 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Downloaded Installations
[2014/01/24 21:03:26 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\FileOpen
[2014/01/12 13:18:26 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\GHISLER
[2014/01/12 13:05:06 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Identities
[2014/01/12 20:13:02 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\InstallShield
[2014/01/19 20:50:22 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Macromedia
[2014/01/20 20:17:26 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Malwarebytes
[2009/07/14 10:20:06 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Media Center Programs
[2014/01/22 20:22:05 | 000,000,000 | --SD | M] -- C:\Users\Andrej\AppData\Roaming\Microsoft
[2014/01/12 20:35:32 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Mozilla
[2014/01/24 21:03:26 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Nitro
[2014/01/25 20:21:15 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Nitro PDF
[2014/01/25 20:24:49 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Notepad++
[2014/01/25 20:26:02 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Seznam.cz
[2014/01/22 20:21:55 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Siemens
[2014/01/25 11:33:07 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\vlc
[2014/01/12 13:51:12 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2014/01/12 13:21:48 | 001,431,040 | R--- | M] () -- C:\Users\Andrej\AppData\Roaming\Microsoft\Installer\{5C47C8B6-77FF-4FC7-A388-66FCF9CFC24C}\Icon0E6ED660.exe
[2013/05/16 14:25:04 | 001,062,472 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\szninstall.exe
[2013/05/16 14:26:24 | 002,589,256 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013/04/16 12:52:34 | 000,055,808 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\ffkill.exe
[2013/04/29 11:53:34 | 000,045,560 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2013/04/12 09:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2013/04/12 09:10:22 | 000,092,664 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2014/01/25 13:59:07 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2014/01/25 14:06:31 | 000,001,536 | ---- | M] () -- C:\Windows\system32\.sto
[2014/01/25 14:48:05 | 000,009,584 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/25 14:48:05 | 000,009,584 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/25 20:27:55 | 000,137,518 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2014/01/25 20:27:55 | 000,122,402 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2014/01/25 20:27:55 | 000,664,976 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2014/01/25 20:27:55 | 000,657,654 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2014/01/25 20:27:55 | 001,587,864 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
< %SYSTEMDRIVE%\*.exe >
< >
< *crack* /s >
< *keygen* /s >
[2014/01/20 19:49:16 | 000,017,400 | ---- | M] () -- \Windows\Prefetch\KEYGEN.EXE-97FEE410.pf
< *AntiWPA* /s >
< *loader* /s >
[2008/04/21 21:19:04 | 000,061,952 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2008/04/21 16:21:56 | 000,004,608 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2005/10/14 03:49:48 | 000,017,624 | ---- | M] () -- \Program Files\Microsoft SQL Server\90\Tools\Binn\SqlResourceLoader.dll
[2005/10/14 03:49:48 | 000,017,624 | ---- | M] () -- \Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SqlResourceLoader.dll
[2010/07/28 04:38:12 | 000,008,787 | ---- | M] () -- \Program Files\Notepad++\user.manual\sites\all\modules\fancy_login\images\ajax-loader.gif
[2011/11/23 22:34:20 | 000,757,760 | ---- | M] () -- \Program Files\Siemens\WinCC\bin\CCDeltaLoader.exe
[2011/11/15 02:46:54 | 000,092,672 | ---- | M] () -- \Program Files\Siemens\WinCC\bin\CCDeltaLoaderenu.lng
[2011/11/23 23:03:22 | 000,100,352 | ---- | M] () -- \Program Files\Siemens\WinCC\bin\CCRtsLoader.exe
[2014/01/22 21:31:24 | 000,001,656 | ---- | M] () -- \Program Files\Siemens\WinCC\diagnose\CCDeltaLoader.Log
[2011/11/23 22:07:04 | 000,010,876 | ---- | M] () -- \Program Files\Siemens\WinCC\interfaces\CCDeltaLoaderIntern.tlb
[2011/11/23 22:10:02 | 000,001,240 | ---- | M] () -- \Program Files\Siemens\WinCC\interfaces\CCDmRtLoader.tlb
[2014/01/20 19:43:58 | 000,057,728 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2014/01/20 19:43:58 | 000,057,728 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2014/01/20 19:43:58 | 000,057,728 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2014/01/20 19:43:59 | 000,057,728 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2014/01/20 19:43:59 | 000,057,728 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2014/01/20 19:43:59 | 000,061,770 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2014/01/20 19:43:59 | 000,061,770 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2014/01/12 20:21:45 | 000,001,849 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C08U2WTL\ajax-loader-small[1].gif
[2014/01/20 19:45:07 | 000,031,516 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C08U2WTL\cz.seznam.software.libfoxloader-3.1.2-win32[1].zip
[2014/01/24 20:59:48 | 000,000,723 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C08U2WTL\downloaderror[1].js
[2014/01/12 20:21:45 | 000,003,208 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MGKUE3FA\ajax-loader[1].gif
[2014/01/19 20:31:24 | 000,001,174 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MGKUE3FA\downloader[1].js
[2014/01/24 20:59:48 | 000,001,174 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MGKUE3FA\downloader[2].js
[2014/01/12 20:21:29 | 000,003,061 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MGKUE3FA\rmsloaderdelayeddiv[1].js
[2014/01/24 20:59:45 | 000,007,934 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NKHPG91I\bundleloader[1].js
[2014/01/19 20:31:24 | 000,000,723 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TNFE8S5U\downloaderror[1].js
[2013/07/30 02:03:00 | 000,385,792 | ---- | M] () -- \Users\Andrej\AppData\Local\Temp\Solid State Networks\Host.b1ba86025ff6a09e9601f7843b9493355e2152e3\downloader.bundle
[2012/03/16 17:32:00 | 000,687,520 | ---- | M] () -- \Users\Andrej\AppData\Local\Temp\Solid State Networks\Host.b1ba86025ff6a09e9601f7843b9493355e2152e3\downloader.dll
[2013/04/15 12:32:10 | 000,060,416 | ---- | M] () -- \Users\Andrej\AppData\Roaming\Seznam.cz\bin\9526libfoxloader-x64.dll
[2013/03/29 12:37:34 | 000,059,384 | ---- | M] () -- \Users\Andrej\AppData\Roaming\Seznam.cz\bin\9526libfoxloader.dll
[2014/01/20 19:45:19 | 000,000,164 | ---- | M] () -- \Users\Andrej\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013/03/25 15:27:20 | 000,000,665 | ---- | M] () -- \Users\Andrej\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.install.bat
[2013/03/25 15:27:26 | 000,000,117 | ---- | M] () -- \Users\Andrej\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.uninstall.bat
[2005/09/23 04:24:22 | 000,061,440 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\0C364DD1A05A49347B4E85590CF2E9D0\9.0.1399\FL_coloader80_dll_128691_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
[2005/09/22 23:23:44 | 000,004,608 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\0C364DD1A05A49347B4E85590CF2E9D0\9.0.1399\FL_coloader80_tlb_128927_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009/07/14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009/07/14 09:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009/07/14 09:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009/07/14 09:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2009/07/14 03:17:55 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009/07/14 03:17:55 | 000,507,568 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9_winload.exe_75835076
[2009/07/14 03:17:55 | 000,442,920 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9_winresume.exe_85cd1215
[2009/07/14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009/07/14 09:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009/07/14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009/07/14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2009/06/10 22:13:54 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009/07/14 09:43:37 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2011/11/23 22:40:52 | 000,164,352 | ---- | M] () -- \Program Files\Siemens\WinCC\bin\SIMATIC S5 Serial 3964R.CHB
[2011/11/23 22:41:44 | 000,078,848 | ---- | M] () -- \Program Files\Siemens\WinCC\bin\SIMATIC S5 Serial 3964R.CHN
[2011/11/23 22:41:10 | 000,155,648 | ---- | M] () -- \Program Files\Siemens\WinCC\bin\Simatic TI Serial.chb
[2011/11/23 22:41:44 | 000,078,848 | ---- | M] () -- \Program Files\Siemens\WinCC\bin\SIMATIC TI Serial.CHN
[2011/11/19 19:24:48 | 000,075,465 | ---- | M] () -- \Program Files\Siemens\WinCC\Documents\english\S5Serial3964R.chm
[2011/11/21 12:37:14 | 000,199,667 | ---- | M] () -- \Program Files\Siemens\WinCC\Documents\english\S5Serial3964R.pdf
[2014/01/24 20:59:45 | 000,000,659 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NKHPG91I\settingsserializationhandler[1].js
[2009/07/14 09:43:23 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009/07/14 09:43:37 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2009/06/10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2009/07/14 05:43:53 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\39e53f507d9cbc5c10a2f47c4b0d09dd\System.Runtime.Serialization.ni.dll
[2009/07/14 05:43:05 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d57d865568209a71d63739fa448ed6df\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009/07/14 09:43:15 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009/06/10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009/07/14 09:43:17 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009/07/14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2009/07/14 09:43:30 | 000,009,728 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2009/07/13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009/07/14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009/07/13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009/07/14 03:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009/07/14 03:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2009/07/14 09:43:55 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009/07/14 03:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2009/07/14 09:42:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009/07/14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2009/07/14 02:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009/07/14 02:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2009/07/14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009/07/14 09:43:23 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009/06/10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2009/07/14 09:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009/06/10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2009/07/13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2009/07/14 09:43:15 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c002c1170ca9a88f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009/07/14 09:43:17 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009/07/14 09:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2009/07/14 09:43:30 | 000,009,728 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c48c78a9ad8ff996\serial.sys.mui
[2009/07/14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009/07/13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2009/06/10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
< *w7lxe* /s >
< End of report >
Re: Prosím o preventívnu kontrolu


Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o preventívnu kontrolu
OS mám nainštolavaný len dočasne.
Mám legálny x64 bit windows home premium odzálohovaný na ext disku. (image clonezilla)
Tento OS mám len z dôvodu práce na mojej diplomovke. Téma diplomovej práce sa týka WinCC a automatizačných PLC.
WinCC v7 (na ktorú sa mi podarilo zapožičať licenciu od SIEMENS) žiaľbohu funguje len pre 32bit.
Netvrdím že som nikdy nepoužil nelegálny software ale ak je to možné vždy hľadám alternatívy.
Napr. nepoužívam acrobat reader pre jeho bezpečnostné nedostatky. Väčšinu software ktorý používam je s webu sourceforge.net

Mám legálny x64 bit windows home premium odzálohovaný na ext disku. (image clonezilla)
Tento OS mám len z dôvodu práce na mojej diplomovke. Téma diplomovej práce sa týka WinCC a automatizačných PLC.
WinCC v7 (na ktorú sa mi podarilo zapožičať licenciu od SIEMENS) žiaľbohu funguje len pre 32bit.
Netvrdím že som nikdy nepoužil nelegálny software ale ak je to možné vždy hľadám alternatívy.
Napr. nepoužívam acrobat reader pre jeho bezpečnostné nedostatky. Väčšinu software ktorý používam je s webu sourceforge.net

Re: Prosím o preventívnu kontrolu
Iba som zabudol dodať ak by Vás to napadlo, viem čo je virtualbox (virtual machine) ale skúšali to kolegovia a nedoporučili mi ísť touto cestou.
Na iné veci ho v práci používam ale na prácu s PLC je tam veľa komplikácií a radšej som sa tomu vyhol týmto spôsobom.
Na iné veci ho v práci používam ale na prácu s PLC je tam veľa komplikácií a radšej som sa tomu vyhol týmto spôsobom.
Re: Prosím o preventívnu kontrolu
A vite, co rikaji pravidla fora?
Hovori jasne http://forum.viry.cz/viewtopic.php?f=12&t=115512

Hovori jasne http://forum.viry.cz/viewtopic.php?f=12&t=115512
Pomáhat NELZE:
2) Pokud stroj uživatele prokazatelně obsahuje nelegální hostitelský čí ochranný software
(operační systém, antivir, firewall, atd.), je nutné navést uživatele k nápravě, např. skrze neplacený software,
a začít řešit, až v době kdy je PC "v pořádku". V případě že uživatel nechce na pravidla přistoupit,
je nutné jej vyzvat ať fórum opustí, a vrátí se až je splní.

Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o preventívnu kontrolu
OK
V tom prípade si budem musieť poradiť sám.
Ak by som Vás mohol poprosiť iba odpoveď na jednu otázku.
Je toto môj problém?


V tom prípade si budem musieť poradiť sám.
Ak by som Vás mohol poprosiť iba odpoveď na jednu otázku.
Je toto môj problém?

