Poprosím o kontrolu logu.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Jaryn01 at 2014-02-19 19:37:59
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 156 GB (66%) free of 238 GB
Total RAM: 3070 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:38:05, on 19.2.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\OO Software\CleverCache\ooccctrl.exe
C:\Windows\VM303_STI.exe
C:\Windows\VMSnap3.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Jaryn01\Desktop\RSIT.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\trend micro\Jaryn01.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/?gws_rd=cr&ei=IyT ... swaI5YHYBw
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKLM\..\Run: [ooccctrl.exe] C:\Program Files\OO Software\CleverCache\ooccctrl.exe /tasktray
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [BigDog303] C:\Windows\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [VMSnap3] C:\Windows\VMSnap3.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"
O4 - HKCU\..\Run: [Google+ Auto Backup] "C:\Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-4286924774-1133248727-1479155232-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-4286924774-1133248727-1479155232-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: O&O Defrag Tray.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4232D4D9-8F6E-45AE-963C-1AFDCEC76D98}: NameServer = 192.168.38.1,10.10.10.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{4232D4D9-8F6E-45AE-963C-1AFDCEC76D98}: NameServer = 192.168.38.1,10.10.10.10
O17 - HKLM\System\CS2\Services\Tcpip\..\{4232D4D9-8F6E-45AE-963C-1AFDCEC76D98}: NameServer = 192.168.38.1,10.10.10.10
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
O23 - Service: DokanMounter - Unknown owner - C:\Program Files\Dokan\DokanLibrary\mounter.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IBUpdaterService - Unknown owner - C:\Windows\system32\dmwu.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: O&O CleverCache (OOCleverCache) - O&O Software GmbH - C:\Program Files\OO Software\CleverCache\ooccag.exe
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
--
End of file - 8849 bytes
======Scheduled tasks folder======
C:\Windows\tasks\AmiUpdXp.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files\Internet Download Manager\IDMIECC.dll [2014-02-03 401944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]
Content Blocker Plugin - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-12-10 544448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]
Virtual Keyboard Plugin - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2013-12-10 885440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll [2013-12-10 427712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
URL Advisor Plugin - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll [2013-12-10 487104]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2013-09-19 3246384]
"ooccctrl.exe"=C:\Program Files\OO Software\CleverCache\ooccctrl.exe [2010-12-08 2901320]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2007-07-23 77824]
"BigDog303"=C:\Windows\VM303_STI.EXE [2006-01-24 61440]
"VMSnap3"=C:\Windows\VMSnap3.exe [2006-07-18 49152]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2013-10-09 356128]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google+ Auto Backup"=C:\Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [2014-01-06 3619096]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2014-02-05 3825232]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O&O Defrag Tray.lnk - C:\Windows\Installer\{41DB3D33-D655-40BB-8BF3-824768DD6170}\app_icon.ico
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=28
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-02-19 19:29:55 ----D---- C:\rsit
2014-02-19 19:29:55 ----D---- C:\Program Files\trend micro
2014-02-14 08:51:40 ----D---- C:\ProgramData\IDM
2014-02-14 03:15:23 ----A---- C:\Windows\system32\ieui.dll
2014-02-14 03:15:23 ----A---- C:\Windows\system32\ie4uinit.exe
2014-02-14 03:15:22 ----A---- C:\Windows\system32\msrating.dll
2014-02-14 03:15:22 ----A---- C:\Windows\system32\jsproxy.dll
2014-02-14 03:15:22 ----A---- C:\Windows\system32\iesetup.dll
2014-02-14 03:15:22 ----A---- C:\Windows\system32\iernonce.dll
2014-02-14 03:15:22 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-02-14 03:15:21 ----A---- C:\Windows\system32\jscript9diag.dll
2014-02-14 03:15:21 ----A---- C:\Windows\system32\ieUnatt.exe
2014-02-14 03:15:21 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-02-14 03:15:21 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-02-14 03:15:20 ----A---- C:\Windows\system32\ieapfltr.dll
2014-02-14 03:15:19 ----A---- C:\Windows\system32\msfeeds.dll
2014-02-14 03:15:18 ----A---- C:\Windows\system32\wininet.dll
2014-02-14 03:15:18 ----A---- C:\Windows\system32\urlmon.dll
2014-02-14 03:15:18 ----A---- C:\Windows\system32\iertutil.dll
2014-02-14 03:15:16 ----A---- C:\Windows\system32\ieframe.dll
2014-02-14 03:15:15 ----A---- C:\Windows\system32\mshtml.dll
2014-02-14 03:15:15 ----A---- C:\Windows\system32\jscript9.dll
2014-02-14 03:03:19 ----A---- C:\Windows\system32\vbscript.dll
2014-02-13 13:08:18 ----D---- C:\Program Files\Defense Grid - The Awakening
2014-02-13 12:29:33 ----D---- C:\ProgramData\RELOADED
2014-02-13 07:47:50 ----A---- C:\Windows\system32\msxml3r.dll
2014-02-13 07:47:50 ----A---- C:\Windows\system32\msxml3.dll
2014-02-13 05:17:48 ----A---- C:\Windows\system32\d3d10warp.dll
2014-02-13 05:17:48 ----A---- C:\Windows\system32\d2d1.dll
2014-02-13 05:17:05 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 05:17:05 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-02-13 05:17:05 ----A---- C:\Windows\system32\secproc_isv.dll
2014-02-13 05:17:05 ----A---- C:\Windows\system32\secproc.dll
2014-02-13 05:17:05 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 05:17:05 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 05:17:05 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-02-13 05:17:05 ----A---- C:\Windows\system32\RMActivate.exe
2014-02-13 05:17:05 ----A---- C:\Windows\system32\msdrm.dll
2014-02-05 13:44:15 ----A---- C:\Windows\system32\drivers\idmwfp.sys
2014-01-26 10:08:45 ----D---- C:\FFOutput
2014-01-26 10:08:03 ----D---- C:\Program Files\FreeTime
2014-01-24 09:58:37 ----D---- C:\Users\Jaryn01\AppData\Roaming\BANDISOFT
2014-01-24 09:55:42 ----D---- C:\Program Files\Bandicam
2014-01-24 09:55:41 ----D---- C:\Program Files\BandiMPEG1
======List of files/folders modified in the last 1 month======
2014-02-19 19:37:41 ----D---- C:\Windows
2014-02-19 19:34:26 ----D---- C:\Windows\Prefetch
2014-02-19 19:29:55 ----RD---- C:\Program Files
2014-02-19 18:49:31 ----D---- C:\Users\Jaryn01\AppData\Roaming\DMCache
2014-02-19 18:35:55 ----D---- C:\Windows\Temp
2014-02-19 18:21:53 ----D---- C:\ProgramData\Kaspersky Lab
2014-02-19 18:05:13 ----D---- C:\ProgramData\NVIDIA
2014-02-19 18:04:35 ----D---- C:\Windows\system32\config
2014-02-19 14:15:59 ----SHD---- C:\System Volume Information
2014-02-19 08:26:24 ----D---- C:\Windows\System32
2014-02-19 08:26:24 ----D---- C:\Windows\inf
2014-02-19 08:26:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-18 09:49:17 ----D---- C:\Users\Jaryn01\AppData\Roaming\TS3Client
2014-02-14 09:24:33 ----D---- C:\Windows\system32\drivers
2014-02-14 09:24:32 ----D---- C:\Users\Jaryn01\AppData\Roaming\IDM
2014-02-14 09:24:32 ----D---- C:\Program Files\Internet Download Manager
2014-02-14 08:51:40 ----HD---- C:\ProgramData
2014-02-14 05:33:01 ----SHD---- C:\Windows\Installer
2014-02-14 05:33:01 ----SHD---- C:\Config.Msi
2014-02-14 04:12:14 ----D---- C:\Windows\rescache
2014-02-14 03:35:51 ----D---- C:\Windows\winsxs
2014-02-14 03:33:35 ----D---- C:\Program Files\Internet Explorer
2014-02-14 03:22:26 ----D---- C:\Windows\Microsoft.NET
2014-02-14 03:22:25 ----RSD---- C:\Windows\assembly
2014-02-14 03:18:08 ----D---- C:\ProgramData\Microsoft Help
2014-02-14 03:16:55 ----D---- C:\Windows\system32\catroot
2014-02-14 03:15:37 ----D---- C:\Windows\system32\catroot2
2014-02-14 03:10:54 ----D---- C:\Windows\system32\MRT
2014-02-14 03:08:06 ----D---- C:\Windows\debug
2014-02-14 03:08:03 ----A---- C:\Windows\system32\MRT.exe
2014-02-14 03:04:15 ----A---- C:\Windows\win.ini
2014-02-14 03:01:19 ----D---- C:\Windows\system32\cs-CZ
2014-02-10 20:47:54 ----D---- C:\Users\Jaryn01\AppData\Roaming\BSplayer
2014-02-07 19:40:46 ----D---- C:\Windows\system32\WNLT
2014-02-07 19:40:44 ----D---- C:\Windows\system32\ARFC
2014-02-04 10:28:20 ----A---- C:\Windows\system32\dmwu.exe
2014-02-04 10:22:40 ----A---- C:\Windows\system32\ImHttpComm.dll
2014-02-04 09:39:38 ----A---- C:\Windows\system32\msvcr80.dll
2014-02-04 09:39:38 ----A---- C:\Windows\system32\msvcp80.dll
2014-02-04 09:39:38 ----A---- C:\Windows\system32\msvcm80.dll
2014-02-02 00:18:32 ----D---- C:\Windows\system32\wdi
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2013-12-10 135776]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-01-25 242240]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2013-10-09 595552]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2013-12-10 25696]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2013-06-18 44000]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2013-05-14 145040]
R2 Dokan;Dokan; \??\C:\Windows\system32\drivers\dokan.sys [2011-01-10 95744]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2013-10-09 25696]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2013-10-09 25696]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-13 6504]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2013-09-17 161056]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [2013-11-28 108000]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 vvftav303;vvftav303; C:\Windows\system32\drivers\vvftav303.sys [2007-03-18 475136]
S3 ZSMC0303;VIMICRO USB PC Camera (ZC0301PLH); C:\Windows\System32\Drivers\usbVM303.sys [2007-03-16 1474560]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DokanMounter;DokanMounter; C:\Program Files\Dokan\DokanLibrary\mounter.exe [2011-01-10 14848]
R2 IBUpdaterService;IBUpdaterService; C:\Windows\system32\dmwu.exe [2014-02-04 1527600]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-23 664352]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-10-27 1364256]
R2 OOCleverCache;O&O CleverCache; C:\Program Files\OO Software\CleverCache\ooccag.exe [2010-12-08 705864]
R2 OODefragAgent;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2013-09-19 1377072]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 AVP;Kaspersky Anti-Virus Service; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2013-10-09 356128]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-12 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-07-25 162672]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-12 250808]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-12 116648]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 108032]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-13 1343400]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivní kontrola
Moderátor: Moderátoři
Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Re: Preventivní kontrola
Zdravim 
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
-
vrbickyjaroslav
- Návštěvník
- Příspěvky: 33
- Registrován: 07 led 2007 20:51
Re: Preventivní kontrola
OTL logfile created on: 20.2.2014 13:46:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jaryn01\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 76,93% Memory free
6,00 Gb Paging File | 5,34 Gb Available in Paging File | 89,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,79 Gb Total Space | 152,62 Gb Free Space | 65,56% Space Free | Partition Type: NTFS
Drive E: | 596,16 Gb Total Space | 139,74 Gb Free Space | 23,44% Space Free | Partition Type: NTFS
Computer Name: JARYN01-PC | User Name: Jaryn01 | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014.02.20 13:26:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jaryn01\Desktop\OTL.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2013.09.05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
========== Services (SafeList) ==========
SRV - [2014.02.06 10:47:18 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014.02.04 10:28:20 | 001,527,600 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\dmwu.exe -- (IBUpdaterService)
SRV - [2013.12.21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.12.19 00:41:02 | 030,814,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2013.10.27 09:12:58 | 001,364,256 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.10.23 03:02:32 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.10.09 08:49:12 | 000,356,128 | ---- | M] (Kaspersky Lab ZAO) [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -- (AVP)
SRV - [2013.09.19 19:13:26 | 001,377,072 | ---- | M] (O&O Software GmbH) [Auto | Stopped] -- C:\Program Files\OO Software\Defrag\oodag.exe -- (OODefragAgent)
SRV - [2013.07.25 07:52:52 | 000,162,672 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.05.27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012.12.13 12:07:30 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012.12.12 18:34:49 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011.01.10 13:49:20 | 000,014,848 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Dokan\DokanLibrary\mounter.exe -- (DokanMounter)
SRV - [2010.12.08 15:59:20 | 000,705,864 | ---- | M] (O&O Software GmbH) [Auto | Stopped] -- C:\Program Files\OO Software\CleverCache\ooccag.exe -- (OOCleverCache)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - [2013.12.10 09:42:09 | 000,135,776 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
DRV - [2013.12.10 09:42:09 | 000,025,696 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2013.11.28 01:24:18 | 000,108,000 | ---- | M] (Tonec Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\idmwfp.sys -- (IDMWFP)
DRV - [2013.10.27 09:13:14 | 010,410,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013.10.09 08:50:24 | 000,595,552 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Stopped] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2013.10.09 08:50:24 | 000,025,696 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2013.10.09 08:50:24 | 000,025,696 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\klkbdflt.sys -- (klkbdflt)
DRV - [2013.09.17 21:23:16 | 000,161,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2013.06.18 12:34:03 | 000,044,000 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kltdi.sys -- (kltdi)
DRV - [2013.05.14 19:09:33 | 000,145,040 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\kneps.sys -- (kneps)
DRV - [2013.01.25 18:51:12 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012.08.23 15:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012.08.23 15:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2011.01.10 13:49:28 | 000,095,744 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\dokan.sys -- (Dokan)
DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.05.13 19:11:34 | 000,006,504 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2007.12.17 17:14:06 | 000,012,400 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO)
DRV - [2007.06.29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007.03.18 18:06:32 | 000,475,136 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vvftav303.sys -- (vvftav303)
DRV - [2007.03.16 16:24:50 | 001,474,560 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbVM303.sys -- (ZSMC0303)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4286924774-1133248727-1479155232-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/?gws_rd=cr&ei=IyT ... swaI5YHYBw
IE - HKU\S-1-5-21-4286924774-1133248727-1479155232-1000\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKU\S-1-5-21-4286924774-1133248727-1479155232-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-4286924774-1133248727-1479155232-1000\..\SearchScopes\{3A502007-BB5A-4306-BAB6-D7B7E01591EA}: "URL" = http://search.conduit.com/ResultsExt.as ... 0511380318
IE - HKU\S-1-5-21-4286924774-1133248727-1479155232-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/?a=6PQXU8 ... earchTerms}
IE - HKU\S-1-5-21-4286924774-1133248727-1479155232-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://mysearch.sweetpacks.com?src=6&q= ... id=&&st=23
IE - HKU\S-1-5-21-4286924774-1133248727-1479155232-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4286924774-1133248727-1479155232-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013.12.10 09:42:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013.12.10 09:42:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013.12.10 09:42:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013.12.10 09:42:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013.12.10 09:42:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ext@WebexpEnhancedV1alpha131.net: C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ff [2013.12.20 16:08:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ext@VideoPlayerV3beta368.net: C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ff [2014.01.10 08:40:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Jaryn01\AppData\Roaming\IDM\idmmzcc5 [2014.02.14 09:24:32 | 000,000,000 | ---D | M]
[2013.01.25 18:52:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\PROGRAM FILES\BETTERSURF\BETTERSURFPLUS\FF
[2014.01.10 08:40:15 | 000,000,000 | ---D | M] (Video Player) -- C:\PROGRAM FILES\VIDEOPLAYERV3\VIDEOPLAYERV3BETA368\FF
[2013.12.20 16:08:34 | 000,000,000 | ---D | M] (Webexp Enhanced) -- C:\PROGRAM FILES\WEBEXPENHANCEDV1\WEBEXPENHANCEDV1ALPHA131\FF
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - Extension: Disk Google = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Turn Off the Lights = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.3.0.5_0\
CHR - Extension: Turn Off the Lights = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.3.0.6_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Email = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Slovn\u00EDk = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0\
CHR - Extension: YouTube = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Webexp Enhanced = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmnkenagnfhbblioaglgannoeaaiogen\1.1_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Kaspersky URL Advisor = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0\
CHR - Extension: Video Player = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoohldkepopbhnbippphapjfhfncicj\1.1_0\
CHR - Extension: Safe Money = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0\
CHR - Extension: Content Blocker = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0\
CHR - Extension: Virtu\u00E1ln\u00ED kl\u00E1vesnice = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_0\
CHR - Extension: IDM Integration Module = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.19.1_0\
CHR - Extension: Star Gazer = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\mblmlcbknbnfebdfjnolmcapmdofhmme\1.1_0\
CHR - Extension: Roz\u0161\u00ED\u0159en\u00ED Odb\u011Bry RSS (od Googlu) = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd\2.2.3_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0\
CHR - Extension: Gmail = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Anti-Banner = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0\
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [BigDog303] C:\Windows\VM303_STI.EXE (Vimicro)
O4 - HKLM..\Run: [ooccctrl.exe] C:\Program Files\OO Software\CleverCache\ooccctrl.exe (O&O Software GmbH)
O4 - HKLM..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe (O&O Software GmbH)
O4 - HKLM..\Run: [VMSnap3] C:\Windows\VMSnap3.exe (Vimicro)
O4 - HKU\S-1-5-21-4286924774-1133248727-1479155232-1000..\Run: [Google+ Auto Backup] C:\Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe (Google Inc.)
O4 - HKU\S-1-5-21-4286924774-1133248727-1479155232-1000..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-4286924774-1133248727-1479155232-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab (asusTek_sysctrl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4232D4D9-8F6E-45AE-963C-1AFDCEC76D98}: NameServer = 192.168.38.1,10.10.10.10
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1cc9e528-4b4b-11e2-b4a6-0017318739ae}\Shell - "" = AutoRun
O33 - MountPoints2\{1cc9e528-4b4b-11e2-b4a6-0017318739ae}\Shell\AutoRun\command - "" = G:\iStudio.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.bdmpeg - C:\Windows\System32\bdmpega.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.mjpg - C:\Windows\System32\bdmjpeg.dll ()
Drivers32: vidc.mpeg - C:\Windows\System32\bdmpegv.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2014.02.20 13:26:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jaryn01\Desktop\OTL.exe
[2014.02.20 01:50:16 | 000,000,000 | ---D | C] -- C:\Users\Jaryn01\Desktop\Nová složka
[2014.02.19 19:29:55 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.02.19 19:29:55 | 000,000,000 | ---D | C] -- C:\rsit
[2014.02.15 08:41:14 | 000,000,000 | ---D | C] -- C:\Users\Jaryn01\Desktop\mluvené slovo
[2014.02.14 09:24:17 | 000,000,000 | ---D | C] -- C:\Users\Jaryn01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2014.02.14 09:24:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2014.02.14 08:51:40 | 000,000,000 | ---D | C] -- C:\ProgramData\IDM
[2014.02.14 03:15:23 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014.02.14 03:15:23 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014.02.14 03:15:23 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014.02.14 03:15:22 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014.02.14 03:15:22 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014.02.14 03:15:22 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014.02.14 03:15:22 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014.02.14 03:15:22 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014.02.14 03:15:21 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014.02.14 03:15:21 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014.02.14 03:15:21 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014.02.14 03:15:21 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014.02.14 03:15:20 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014.02.14 03:15:19 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014.02.14 03:15:17 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014.02.14 03:15:15 | 004,244,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014.02.13 13:08:18 | 000,000,000 | ---D | C] -- C:\Program Files\Defense Grid - The Awakening
[2014.02.13 12:29:33 | 000,000,000 | ---D | C] -- C:\ProgramData\RELOADED
[2014.02.13 12:25:54 | 000,000,000 | ---D | C] -- C:\Users\Jaryn01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Defense Grid - The Awakening
[2014.02.13 07:47:50 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2014.02.13 05:17:48 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2014.02.13 05:17:48 | 001,987,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2014.02.13 05:17:05 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2014.02.13 05:17:05 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2014.02.13 05:17:05 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2014.02.13 05:17:05 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2014.02.13 05:17:05 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2014.02.13 05:17:05 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2014.02.13 05:17:05 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2014.02.13 05:17:05 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2014.02.13 05:17:05 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2014.02.05 13:44:15 | 000,108,000 | ---- | C] (Tonec Inc.) -- C:\Windows\System32\drivers\idmwfp.sys
[2014.01.26 10:13:57 | 000,000,000 | ---D | C] -- C:\Users\Jaryn01\Documents\Add-in Express
[2014.01.26 10:08:45 | 000,000,000 | ---D | C] -- C:\FFOutput
[2014.01.26 10:08:17 | 000,000,000 | ---D | C] -- C:\Users\Jaryn01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
[2014.01.26 10:08:03 | 000,000,000 | ---D | C] -- C:\Program Files\FreeTime
[2014.01.24 09:58:37 | 000,000,000 | ---D | C] -- C:\Users\Jaryn01\AppData\Roaming\BANDISOFT
[2014.01.24 09:58:26 | 000,000,000 | ---D | C] -- C:\Users\Jaryn01\Documents\Bandicam
[2014.01.24 09:55:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
[2014.01.24 09:55:42 | 000,000,000 | ---D | C] -- C:\Program Files\Bandicam
[2014.01.24 09:55:41 | 000,000,000 | ---D | C] -- C:\Program Files\BandiMPEG1
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014.02.20 13:48:18 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.02.20 13:44:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.02.20 13:44:24 | 2414,731,264 | -HS- | M] () -- C:\hiberfil.sys
[2014.02.20 13:33:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.02.20 13:30:04 | 000,020,880 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.02.20 13:30:04 | 000,020,880 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.02.20 13:26:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jaryn01\Desktop\OTL.exe
[2014.02.20 13:24:32 | 000,000,364 | ---- | M] () -- C:\Windows\tasks\AmiUpdXp.job
[2014.02.20 13:24:31 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.02.19 19:29:37 | 000,781,383 | ---- | M] () -- C:\Users\Jaryn01\Desktop\RSIT.exe
[2014.02.19 08:26:24 | 000,646,714 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014.02.19 08:26:24 | 000,623,012 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014.02.19 08:26:24 | 000,127,122 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014.02.19 08:26:24 | 000,111,140 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014.02.13 13:08:21 | 000,001,124 | ---- | M] () -- C:\Users\Jaryn01\Desktop\Defense Grid - The Awakening.lnk
[2014.02.06 11:20:26 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014.02.06 11:19:55 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014.02.06 11:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014.02.06 11:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014.02.06 10:52:56 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014.02.06 10:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014.02.06 10:49:22 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014.02.06 10:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014.02.06 10:47:18 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014.02.06 10:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014.02.06 10:34:32 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014.02.06 10:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014.02.06 10:25:36 | 004,244,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014.02.06 10:13:13 | 000,524,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014.02.06 10:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014.02.06 09:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014.02.04 10:28:20 | 001,527,600 | ---- | M] () -- C:\Windows\System32\dmwu.exe
[2014.02.04 10:22:40 | 000,027,136 | ---- | M] (IncrediMail, Ltd.) -- C:\Windows\System32\ImHttpComm.dll
[2014.02.04 09:39:38 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr80.dll
[2014.02.04 09:39:38 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp80.dll
[2014.02.04 09:39:38 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcm80.dll
[2014.01.26 10:08:17 | 000,001,196 | ---- | M] () -- C:\Users\Jaryn01\Desktop\FormatFactory.lnk
[2014.01.24 09:55:46 | 000,000,950 | ---- | M] () -- C:\Users\Jaryn01\Desktop\Bandicam.lnk
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014.02.20 12:26:46 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.02.19 19:29:34 | 000,781,383 | ---- | C] () -- C:\Users\Jaryn01\Desktop\RSIT.exe
[2014.02.13 13:08:21 | 000,001,124 | ---- | C] () -- C:\Users\Jaryn01\Desktop\Defense Grid - The Awakening.lnk
[2014.01.26 10:08:17 | 000,001,196 | ---- | C] () -- C:\Users\Jaryn01\Desktop\FormatFactory.lnk
[2014.01.24 09:55:46 | 000,000,950 | ---- | C] () -- C:\Users\Jaryn01\Desktop\Bandicam.lnk
[2013.09.05 10:20:09 | 000,006,144 | ---- | C] () -- C:\Users\Jaryn01\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.08.05 07:15:08 | 000,066,104 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll
[2013.08.05 07:15:06 | 000,023,080 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll
[2013.07.08 13:01:48 | 000,000,075 | ---- | C] () -- C:\Windows\winDecrypt.INI
[2013.03.22 18:58:12 | 000,126,976 | ---- | C] () -- C:\Windows\System32\vmcoinst_zc0301plh.dll
[2013.03.22 18:57:32 | 000,122,880 | ---- | C] () -- C:\Windows\rm303b.exe
[2013.03.22 18:57:32 | 000,049,152 | ---- | C] () -- C:\Windows\Domino.exe
[2013.03.22 15:55:13 | 000,122,880 | ---- | C] () -- C:\Windows\VMPipe.dll
[2013.03.22 15:55:13 | 000,024,576 | ---- | C] () -- C:\Windows\RunSetup.dll
[2013.03.08 14:23:29 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013.02.02 17:00:25 | 000,007,609 | ---- | C] () -- C:\Users\Jaryn01\AppData\Local\Resmon.ResmonCfg
[2013.01.25 18:52:39 | 001,527,600 | ---- | C] () -- C:\Windows\System32\dmwu.exe
[2013.01.13 17:29:30 | 000,024,576 | ---- | C] () -- C:\Windows\System32\AsIO.dll
[2013.01.13 17:29:30 | 000,012,400 | ---- | C] () -- C:\Windows\System32\drivers\AsIO.sys
[2013.01.13 17:29:01 | 000,006,504 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2012.12.13 14:12:36 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012.12.13 14:11:41 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012.12.13 11:23:56 | 003,426,956 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2012.12.12 19:53:15 | 000,000,717 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
========== ZeroAccess Check ==========
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014.01.24 09:58:37 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\BANDISOFT
[2014.02.10 20:47:54 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\BSplayer
[2013.02.24 12:17:45 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\BSplayer Pro
[2013.08.27 11:21:50 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\com.webkinesis.PicasaUploaderDesktop
[2013.01.27 07:13:16 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\DAEMON Tools Lite
[2014.02.20 13:25:37 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\DMCache
[2013.02.02 17:11:55 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\Downloaded Installations
[2013.03.22 18:31:05 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\GetRightToGo
[2013.07.10 10:47:52 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\GHISLER
[2014.02.14 09:24:32 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\IDM
[2013.09.23 08:20:45 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\Seznam.cz
[2013.02.07 10:34:44 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\TestApp
[2014.02.18 09:49:17 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\TS3Client
[2012.12.14 00:38:40 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\Wargaming.net
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 05:53:46 | 000,032,580 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2012.12.12 20:55:17 | 000,000,938 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.02.18 17:09:16 | 000,000,940 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.11.24 19:50:53 | 000,000,364 | ---- | C] () -- C:\Windows\Tasks\AmiUpdXp.job
< >
< MD5 for: AGP440.SYS >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2012.06.02 05:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2013.05.10 05:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013.05.13 05:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013.07.09 14:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013.07.09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\System32\cryptsvc.dll
[2013.07.09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2012.06.02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013.05.11 05:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2013.05.10 06:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2012.06.02 05:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2013.10.05 02:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll
[2012.06.02 05:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
< MD5 for: IASTORV.SYS >
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 06:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\isapnp.sys
< MD5 for: LSASS.EXE >
[2011.11.17 08:09:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=05F38CB7CAB3CE8E9A1812D517DA93EF -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\lsass.exe
[2013.09.25 01:54:21 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=559C7769B397F07E12725EE55337D4C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_a8a66792d452b56a\lsass.exe
[2012.08.24 17:53:44 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=7ABC23F3D86880AD62ACEDC7479608F8 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_a889f15ed46779fd\lsass.exe
[2013.09.25 01:49:20 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=803B370865D907EA21DC0C2B6A8936B5 -- C:\Windows\System32\lsass.exe
[2013.09.25 01:49:20 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=803B370865D907EA21DC0C2B6A8936B5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_a80cf783bb41b5b7\lsass.exe
[2011.11.17 06:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\lsass.exe
[2011.11.17 06:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_a828bb43bb2beb28\lsass.exe
[2011.11.17 06:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_a82d8b59bb293454\lsass.exe
[2012.06.02 05:40:31 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=A6034689ACF9D14973F8384AD5A5451E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_a6eb42a4d70be51e\lsass.exe
[2011.11.17 06:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\lsass.exe
[2011.11.17 06:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_a656d407bdf6641e\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe
[2012.06.02 05:51:22 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FA7B950E4CA6AA260C4EABA19E03644D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_a8d76e24d42eb666\lsass.exe
[2011.11.17 06:24:04 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FBCB2DFA40862DAA7B1534C9538208A5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\lsass.exe
< MD5 for: NDIS.SYS >
[2012.08.22 18:05:16 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=15B74B6283CEBCCE3054C1001CA01B5E -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_aa0491cf93ad1c31\ndis.sys
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
[2012.08.22 18:16:46 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=8C9C922D71F1CD4DEF73F186416B7896 -- C:\Windows\System32\drivers\ndis.sys
[2012.08.22 18:16:46 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=8C9C922D71F1CD4DEF73F186416B7896 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_a9bdfee47a5cd154\ndis.sys
[2010.11.20 13:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys
< MD5 for: NETLOGON.DLL >
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
< MD5 for: NVRAID.SYS >
[2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys
[2010.11.20 13:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 13:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvraid.sys
[2011.03.11 06:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\drivers\nvraid.sys
[2011.03.11 06:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 06:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvraid.sys
[2011.03.11 06:28:10 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=E3B840350A72CA6F39BD2BEF85A2BCFB -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvraid.sys
[2011.03.11 06:44:01 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=F1B0BED906F97E16F6D0C3629D2F21C6 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvraid.sys
[2011.03.11 06:52:25 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=FCD5C3542A85EEBA7D0833B7E5086C10 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 06:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: SMSS.EXE >
[2013.03.19 03:43:41 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=0294CC751D7FAEB13621EEFB8A749429 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_ae7bdfb790cddbcf\smss.exe
[2009.07.14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe
[2013.03.19 03:51:05 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=37F4765554F2CD34AAAB616F696E5539 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.21490_none_ac8ab2c593af8bd4\smss.exe
[2013.07.08 04:02:28 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=634E0B45780F502304592C5615A31089 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22379_none_ae8fb42390bda114\smss.exe
[2013.03.19 03:50:03 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=B24BF638652522BB5E14AB7993FD4A5D -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.17273_none_ac19b4ca7a7f0306\smss.exe
[2013.08.29 01:51:28 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=D2A72C71CD6C18A99E920EC5761F0C7D -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_aeb7f4db909fe272\smss.exe
[2013.03.19 03:49:16 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=DE91DCC7BC55E940979097E98F743205 -- C:\Windows\System32\smss.exe
[2013.03.19 03:49:16 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=DE91DCC7BC55E940979097E98F743205 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_ae40f33e7774c473\smss.exe
[2013.05.06 04:02:20 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=EC745C0949B101129AB6D39CD63808A6 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22318_none_aecf9361908de017\smss.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.04.25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2012.08.22 18:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013.01.03 06:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010.11.20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2013.01.04 05:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2013.07.06 06:05:35 | 001,293,760 | ---- | M] (Microsoft Corporation) MD5=4E8B9BE71B807B3BAEDB7F4243F85E3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_b52f2f65c4a146e5\tcpip.sys
[2013.07.06 05:57:37 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=528F7CC60391DD0FAB0344F32F051FDF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_b5721e2eddf328f9\tcpip.sys
[2012.03.30 11:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2013.05.08 07:15:22 | 001,309,032 | ---- | M] (Microsoft Corporation) MD5=6088D01FAD49729EA0A5A3D9B9BA8B84 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_b5b3fe00ddc19aaa\tcpip.sys
[2013.09.07 03:06:48 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=6C4F3D92764FFA22D28061A4D9235446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012.03.30 11:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 10:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2012.08.22 18:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2013.01.04 05:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2013.09.08 03:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\System32\drivers\tcpip.sys
[2013.09.08 03:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2013.05.08 06:38:00 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=D32FDAC73FCD76B85389C39BC1087F2A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_b508ef41c4bd3835\tcpip.sys
[2012.10.03 17:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2013.11.26 12:07:37 | 001,309,632 | ---- | M] (Microsoft Corporation) MD5=DC08335B30D83FB61E9EFE6FDD09D40D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_b5a530b8ddcd4b8d\tcpip.sys
[2012.10.03 17:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2012.03.30 11:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\System32\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
< >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jaryn01\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 76,93% Memory free
6,00 Gb Paging File | 5,34 Gb Available in Paging File | 89,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,79 Gb Total Space | 152,62 Gb Free Space | 65,56% Space Free | Partition Type: NTFS
Drive E: | 596,16 Gb Total Space | 139,74 Gb Free Space | 23,44% Space Free | Partition Type: NTFS
Computer Name: JARYN01-PC | User Name: Jaryn01 | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014.02.20 13:26:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jaryn01\Desktop\OTL.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2013.09.05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
========== Services (SafeList) ==========
SRV - [2014.02.06 10:47:18 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014.02.04 10:28:20 | 001,527,600 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\dmwu.exe -- (IBUpdaterService)
SRV - [2013.12.21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.12.19 00:41:02 | 030,814,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2013.10.27 09:12:58 | 001,364,256 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.10.23 03:02:32 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.10.09 08:49:12 | 000,356,128 | ---- | M] (Kaspersky Lab ZAO) [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -- (AVP)
SRV - [2013.09.19 19:13:26 | 001,377,072 | ---- | M] (O&O Software GmbH) [Auto | Stopped] -- C:\Program Files\OO Software\Defrag\oodag.exe -- (OODefragAgent)
SRV - [2013.07.25 07:52:52 | 000,162,672 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.05.27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012.12.13 12:07:30 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012.12.12 18:34:49 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011.01.10 13:49:20 | 000,014,848 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Dokan\DokanLibrary\mounter.exe -- (DokanMounter)
SRV - [2010.12.08 15:59:20 | 000,705,864 | ---- | M] (O&O Software GmbH) [Auto | Stopped] -- C:\Program Files\OO Software\CleverCache\ooccag.exe -- (OOCleverCache)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - [2013.12.10 09:42:09 | 000,135,776 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
DRV - [2013.12.10 09:42:09 | 000,025,696 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2013.11.28 01:24:18 | 000,108,000 | ---- | M] (Tonec Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\idmwfp.sys -- (IDMWFP)
DRV - [2013.10.27 09:13:14 | 010,410,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013.10.09 08:50:24 | 000,595,552 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Stopped] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2013.10.09 08:50:24 | 000,025,696 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2013.10.09 08:50:24 | 000,025,696 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\klkbdflt.sys -- (klkbdflt)
DRV - [2013.09.17 21:23:16 | 000,161,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2013.06.18 12:34:03 | 000,044,000 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kltdi.sys -- (kltdi)
DRV - [2013.05.14 19:09:33 | 000,145,040 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\kneps.sys -- (kneps)
DRV - [2013.01.25 18:51:12 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012.08.23 15:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012.08.23 15:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2011.01.10 13:49:28 | 000,095,744 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\dokan.sys -- (Dokan)
DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.05.13 19:11:34 | 000,006,504 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2007.12.17 17:14:06 | 000,012,400 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO)
DRV - [2007.06.29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007.03.18 18:06:32 | 000,475,136 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vvftav303.sys -- (vvftav303)
DRV - [2007.03.16 16:24:50 | 001,474,560 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbVM303.sys -- (ZSMC0303)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4286924774-1133248727-1479155232-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/?gws_rd=cr&ei=IyT ... swaI5YHYBw
IE - HKU\S-1-5-21-4286924774-1133248727-1479155232-1000\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKU\S-1-5-21-4286924774-1133248727-1479155232-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-4286924774-1133248727-1479155232-1000\..\SearchScopes\{3A502007-BB5A-4306-BAB6-D7B7E01591EA}: "URL" = http://search.conduit.com/ResultsExt.as ... 0511380318
IE - HKU\S-1-5-21-4286924774-1133248727-1479155232-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/?a=6PQXU8 ... earchTerms}
IE - HKU\S-1-5-21-4286924774-1133248727-1479155232-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://mysearch.sweetpacks.com?src=6&q= ... id=&&st=23
IE - HKU\S-1-5-21-4286924774-1133248727-1479155232-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4286924774-1133248727-1479155232-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013.12.10 09:42:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013.12.10 09:42:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013.12.10 09:42:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013.12.10 09:42:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013.12.10 09:42:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ext@WebexpEnhancedV1alpha131.net: C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ff [2013.12.20 16:08:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ext@VideoPlayerV3beta368.net: C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ff [2014.01.10 08:40:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Jaryn01\AppData\Roaming\IDM\idmmzcc5 [2014.02.14 09:24:32 | 000,000,000 | ---D | M]
[2013.01.25 18:52:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\PROGRAM FILES\BETTERSURF\BETTERSURFPLUS\FF
[2014.01.10 08:40:15 | 000,000,000 | ---D | M] (Video Player) -- C:\PROGRAM FILES\VIDEOPLAYERV3\VIDEOPLAYERV3BETA368\FF
[2013.12.20 16:08:34 | 000,000,000 | ---D | M] (Webexp Enhanced) -- C:\PROGRAM FILES\WEBEXPENHANCEDV1\WEBEXPENHANCEDV1ALPHA131\FF
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - Extension: Disk Google = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Turn Off the Lights = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.3.0.5_0\
CHR - Extension: Turn Off the Lights = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.3.0.6_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Email = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Slovn\u00EDk = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0\
CHR - Extension: YouTube = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Webexp Enhanced = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmnkenagnfhbblioaglgannoeaaiogen\1.1_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Kaspersky URL Advisor = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0\
CHR - Extension: Video Player = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoohldkepopbhnbippphapjfhfncicj\1.1_0\
CHR - Extension: Safe Money = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0\
CHR - Extension: Content Blocker = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0\
CHR - Extension: Virtu\u00E1ln\u00ED kl\u00E1vesnice = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_0\
CHR - Extension: IDM Integration Module = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.19.1_0\
CHR - Extension: Star Gazer = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\mblmlcbknbnfebdfjnolmcapmdofhmme\1.1_0\
CHR - Extension: Roz\u0161\u00ED\u0159en\u00ED Odb\u011Bry RSS (od Googlu) = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd\2.2.3_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0\
CHR - Extension: Gmail = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Anti-Banner = C:\Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0\
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [BigDog303] C:\Windows\VM303_STI.EXE (Vimicro)
O4 - HKLM..\Run: [ooccctrl.exe] C:\Program Files\OO Software\CleverCache\ooccctrl.exe (O&O Software GmbH)
O4 - HKLM..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe (O&O Software GmbH)
O4 - HKLM..\Run: [VMSnap3] C:\Windows\VMSnap3.exe (Vimicro)
O4 - HKU\S-1-5-21-4286924774-1133248727-1479155232-1000..\Run: [Google+ Auto Backup] C:\Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe (Google Inc.)
O4 - HKU\S-1-5-21-4286924774-1133248727-1479155232-1000..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-4286924774-1133248727-1479155232-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab (asusTek_sysctrl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4232D4D9-8F6E-45AE-963C-1AFDCEC76D98}: NameServer = 192.168.38.1,10.10.10.10
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1cc9e528-4b4b-11e2-b4a6-0017318739ae}\Shell - "" = AutoRun
O33 - MountPoints2\{1cc9e528-4b4b-11e2-b4a6-0017318739ae}\Shell\AutoRun\command - "" = G:\iStudio.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.bdmpeg - C:\Windows\System32\bdmpega.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.mjpg - C:\Windows\System32\bdmjpeg.dll ()
Drivers32: vidc.mpeg - C:\Windows\System32\bdmpegv.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2014.02.20 13:26:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jaryn01\Desktop\OTL.exe
[2014.02.20 01:50:16 | 000,000,000 | ---D | C] -- C:\Users\Jaryn01\Desktop\Nová složka
[2014.02.19 19:29:55 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.02.19 19:29:55 | 000,000,000 | ---D | C] -- C:\rsit
[2014.02.15 08:41:14 | 000,000,000 | ---D | C] -- C:\Users\Jaryn01\Desktop\mluvené slovo
[2014.02.14 09:24:17 | 000,000,000 | ---D | C] -- C:\Users\Jaryn01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2014.02.14 09:24:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2014.02.14 08:51:40 | 000,000,000 | ---D | C] -- C:\ProgramData\IDM
[2014.02.14 03:15:23 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014.02.14 03:15:23 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014.02.14 03:15:23 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014.02.14 03:15:22 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014.02.14 03:15:22 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014.02.14 03:15:22 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014.02.14 03:15:22 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014.02.14 03:15:22 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014.02.14 03:15:21 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014.02.14 03:15:21 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014.02.14 03:15:21 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014.02.14 03:15:21 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014.02.14 03:15:20 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014.02.14 03:15:19 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014.02.14 03:15:17 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014.02.14 03:15:15 | 004,244,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014.02.13 13:08:18 | 000,000,000 | ---D | C] -- C:\Program Files\Defense Grid - The Awakening
[2014.02.13 12:29:33 | 000,000,000 | ---D | C] -- C:\ProgramData\RELOADED
[2014.02.13 12:25:54 | 000,000,000 | ---D | C] -- C:\Users\Jaryn01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Defense Grid - The Awakening
[2014.02.13 07:47:50 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2014.02.13 05:17:48 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2014.02.13 05:17:48 | 001,987,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2014.02.13 05:17:05 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2014.02.13 05:17:05 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2014.02.13 05:17:05 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2014.02.13 05:17:05 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2014.02.13 05:17:05 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2014.02.13 05:17:05 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2014.02.13 05:17:05 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2014.02.13 05:17:05 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2014.02.13 05:17:05 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2014.02.05 13:44:15 | 000,108,000 | ---- | C] (Tonec Inc.) -- C:\Windows\System32\drivers\idmwfp.sys
[2014.01.26 10:13:57 | 000,000,000 | ---D | C] -- C:\Users\Jaryn01\Documents\Add-in Express
[2014.01.26 10:08:45 | 000,000,000 | ---D | C] -- C:\FFOutput
[2014.01.26 10:08:17 | 000,000,000 | ---D | C] -- C:\Users\Jaryn01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
[2014.01.26 10:08:03 | 000,000,000 | ---D | C] -- C:\Program Files\FreeTime
[2014.01.24 09:58:37 | 000,000,000 | ---D | C] -- C:\Users\Jaryn01\AppData\Roaming\BANDISOFT
[2014.01.24 09:58:26 | 000,000,000 | ---D | C] -- C:\Users\Jaryn01\Documents\Bandicam
[2014.01.24 09:55:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
[2014.01.24 09:55:42 | 000,000,000 | ---D | C] -- C:\Program Files\Bandicam
[2014.01.24 09:55:41 | 000,000,000 | ---D | C] -- C:\Program Files\BandiMPEG1
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014.02.20 13:48:18 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.02.20 13:44:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.02.20 13:44:24 | 2414,731,264 | -HS- | M] () -- C:\hiberfil.sys
[2014.02.20 13:33:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.02.20 13:30:04 | 000,020,880 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.02.20 13:30:04 | 000,020,880 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.02.20 13:26:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jaryn01\Desktop\OTL.exe
[2014.02.20 13:24:32 | 000,000,364 | ---- | M] () -- C:\Windows\tasks\AmiUpdXp.job
[2014.02.20 13:24:31 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.02.19 19:29:37 | 000,781,383 | ---- | M] () -- C:\Users\Jaryn01\Desktop\RSIT.exe
[2014.02.19 08:26:24 | 000,646,714 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014.02.19 08:26:24 | 000,623,012 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014.02.19 08:26:24 | 000,127,122 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014.02.19 08:26:24 | 000,111,140 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014.02.13 13:08:21 | 000,001,124 | ---- | M] () -- C:\Users\Jaryn01\Desktop\Defense Grid - The Awakening.lnk
[2014.02.06 11:20:26 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014.02.06 11:19:55 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014.02.06 11:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014.02.06 11:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014.02.06 10:52:56 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014.02.06 10:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014.02.06 10:49:22 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014.02.06 10:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014.02.06 10:47:18 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014.02.06 10:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014.02.06 10:34:32 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014.02.06 10:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014.02.06 10:25:36 | 004,244,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014.02.06 10:13:13 | 000,524,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014.02.06 10:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014.02.06 09:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014.02.04 10:28:20 | 001,527,600 | ---- | M] () -- C:\Windows\System32\dmwu.exe
[2014.02.04 10:22:40 | 000,027,136 | ---- | M] (IncrediMail, Ltd.) -- C:\Windows\System32\ImHttpComm.dll
[2014.02.04 09:39:38 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr80.dll
[2014.02.04 09:39:38 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp80.dll
[2014.02.04 09:39:38 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcm80.dll
[2014.01.26 10:08:17 | 000,001,196 | ---- | M] () -- C:\Users\Jaryn01\Desktop\FormatFactory.lnk
[2014.01.24 09:55:46 | 000,000,950 | ---- | M] () -- C:\Users\Jaryn01\Desktop\Bandicam.lnk
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014.02.20 12:26:46 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.02.19 19:29:34 | 000,781,383 | ---- | C] () -- C:\Users\Jaryn01\Desktop\RSIT.exe
[2014.02.13 13:08:21 | 000,001,124 | ---- | C] () -- C:\Users\Jaryn01\Desktop\Defense Grid - The Awakening.lnk
[2014.01.26 10:08:17 | 000,001,196 | ---- | C] () -- C:\Users\Jaryn01\Desktop\FormatFactory.lnk
[2014.01.24 09:55:46 | 000,000,950 | ---- | C] () -- C:\Users\Jaryn01\Desktop\Bandicam.lnk
[2013.09.05 10:20:09 | 000,006,144 | ---- | C] () -- C:\Users\Jaryn01\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.08.05 07:15:08 | 000,066,104 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll
[2013.08.05 07:15:06 | 000,023,080 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll
[2013.07.08 13:01:48 | 000,000,075 | ---- | C] () -- C:\Windows\winDecrypt.INI
[2013.03.22 18:58:12 | 000,126,976 | ---- | C] () -- C:\Windows\System32\vmcoinst_zc0301plh.dll
[2013.03.22 18:57:32 | 000,122,880 | ---- | C] () -- C:\Windows\rm303b.exe
[2013.03.22 18:57:32 | 000,049,152 | ---- | C] () -- C:\Windows\Domino.exe
[2013.03.22 15:55:13 | 000,122,880 | ---- | C] () -- C:\Windows\VMPipe.dll
[2013.03.22 15:55:13 | 000,024,576 | ---- | C] () -- C:\Windows\RunSetup.dll
[2013.03.08 14:23:29 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013.02.02 17:00:25 | 000,007,609 | ---- | C] () -- C:\Users\Jaryn01\AppData\Local\Resmon.ResmonCfg
[2013.01.25 18:52:39 | 001,527,600 | ---- | C] () -- C:\Windows\System32\dmwu.exe
[2013.01.13 17:29:30 | 000,024,576 | ---- | C] () -- C:\Windows\System32\AsIO.dll
[2013.01.13 17:29:30 | 000,012,400 | ---- | C] () -- C:\Windows\System32\drivers\AsIO.sys
[2013.01.13 17:29:01 | 000,006,504 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2012.12.13 14:12:36 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012.12.13 14:11:41 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012.12.13 11:23:56 | 003,426,956 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2012.12.12 19:53:15 | 000,000,717 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
========== ZeroAccess Check ==========
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014.01.24 09:58:37 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\BANDISOFT
[2014.02.10 20:47:54 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\BSplayer
[2013.02.24 12:17:45 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\BSplayer Pro
[2013.08.27 11:21:50 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\com.webkinesis.PicasaUploaderDesktop
[2013.01.27 07:13:16 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\DAEMON Tools Lite
[2014.02.20 13:25:37 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\DMCache
[2013.02.02 17:11:55 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\Downloaded Installations
[2013.03.22 18:31:05 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\GetRightToGo
[2013.07.10 10:47:52 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\GHISLER
[2014.02.14 09:24:32 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\IDM
[2013.09.23 08:20:45 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\Seznam.cz
[2013.02.07 10:34:44 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\TestApp
[2014.02.18 09:49:17 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\TS3Client
[2012.12.14 00:38:40 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\Wargaming.net
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 05:53:46 | 000,032,580 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2012.12.12 20:55:17 | 000,000,938 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.02.18 17:09:16 | 000,000,940 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.11.24 19:50:53 | 000,000,364 | ---- | C] () -- C:\Windows\Tasks\AmiUpdXp.job
< >
< MD5 for: AGP440.SYS >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2012.06.02 05:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2013.05.10 05:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013.05.13 05:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013.07.09 14:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013.07.09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\System32\cryptsvc.dll
[2013.07.09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2012.06.02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013.05.11 05:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2013.05.10 06:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2012.06.02 05:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2013.10.05 02:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll
[2012.06.02 05:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
< MD5 for: IASTORV.SYS >
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 06:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\isapnp.sys
< MD5 for: LSASS.EXE >
[2011.11.17 08:09:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=05F38CB7CAB3CE8E9A1812D517DA93EF -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\lsass.exe
[2013.09.25 01:54:21 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=559C7769B397F07E12725EE55337D4C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_a8a66792d452b56a\lsass.exe
[2012.08.24 17:53:44 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=7ABC23F3D86880AD62ACEDC7479608F8 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_a889f15ed46779fd\lsass.exe
[2013.09.25 01:49:20 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=803B370865D907EA21DC0C2B6A8936B5 -- C:\Windows\System32\lsass.exe
[2013.09.25 01:49:20 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=803B370865D907EA21DC0C2B6A8936B5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_a80cf783bb41b5b7\lsass.exe
[2011.11.17 06:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\lsass.exe
[2011.11.17 06:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_a828bb43bb2beb28\lsass.exe
[2011.11.17 06:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_a82d8b59bb293454\lsass.exe
[2012.06.02 05:40:31 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=A6034689ACF9D14973F8384AD5A5451E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_a6eb42a4d70be51e\lsass.exe
[2011.11.17 06:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\lsass.exe
[2011.11.17 06:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_a656d407bdf6641e\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe
[2012.06.02 05:51:22 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FA7B950E4CA6AA260C4EABA19E03644D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_a8d76e24d42eb666\lsass.exe
[2011.11.17 06:24:04 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FBCB2DFA40862DAA7B1534C9538208A5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\lsass.exe
< MD5 for: NDIS.SYS >
[2012.08.22 18:05:16 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=15B74B6283CEBCCE3054C1001CA01B5E -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_aa0491cf93ad1c31\ndis.sys
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
[2012.08.22 18:16:46 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=8C9C922D71F1CD4DEF73F186416B7896 -- C:\Windows\System32\drivers\ndis.sys
[2012.08.22 18:16:46 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=8C9C922D71F1CD4DEF73F186416B7896 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_a9bdfee47a5cd154\ndis.sys
[2010.11.20 13:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys
< MD5 for: NETLOGON.DLL >
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
< MD5 for: NVRAID.SYS >
[2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys
[2010.11.20 13:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 13:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvraid.sys
[2011.03.11 06:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\drivers\nvraid.sys
[2011.03.11 06:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 06:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvraid.sys
[2011.03.11 06:28:10 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=E3B840350A72CA6F39BD2BEF85A2BCFB -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvraid.sys
[2011.03.11 06:44:01 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=F1B0BED906F97E16F6D0C3629D2F21C6 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvraid.sys
[2011.03.11 06:52:25 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=FCD5C3542A85EEBA7D0833B7E5086C10 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 06:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: SMSS.EXE >
[2013.03.19 03:43:41 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=0294CC751D7FAEB13621EEFB8A749429 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_ae7bdfb790cddbcf\smss.exe
[2009.07.14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe
[2013.03.19 03:51:05 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=37F4765554F2CD34AAAB616F696E5539 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.21490_none_ac8ab2c593af8bd4\smss.exe
[2013.07.08 04:02:28 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=634E0B45780F502304592C5615A31089 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22379_none_ae8fb42390bda114\smss.exe
[2013.03.19 03:50:03 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=B24BF638652522BB5E14AB7993FD4A5D -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.17273_none_ac19b4ca7a7f0306\smss.exe
[2013.08.29 01:51:28 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=D2A72C71CD6C18A99E920EC5761F0C7D -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_aeb7f4db909fe272\smss.exe
[2013.03.19 03:49:16 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=DE91DCC7BC55E940979097E98F743205 -- C:\Windows\System32\smss.exe
[2013.03.19 03:49:16 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=DE91DCC7BC55E940979097E98F743205 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_ae40f33e7774c473\smss.exe
[2013.05.06 04:02:20 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=EC745C0949B101129AB6D39CD63808A6 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22318_none_aecf9361908de017\smss.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.04.25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2012.08.22 18:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013.01.03 06:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010.11.20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2013.01.04 05:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2013.07.06 06:05:35 | 001,293,760 | ---- | M] (Microsoft Corporation) MD5=4E8B9BE71B807B3BAEDB7F4243F85E3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_b52f2f65c4a146e5\tcpip.sys
[2013.07.06 05:57:37 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=528F7CC60391DD0FAB0344F32F051FDF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_b5721e2eddf328f9\tcpip.sys
[2012.03.30 11:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2013.05.08 07:15:22 | 001,309,032 | ---- | M] (Microsoft Corporation) MD5=6088D01FAD49729EA0A5A3D9B9BA8B84 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_b5b3fe00ddc19aaa\tcpip.sys
[2013.09.07 03:06:48 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=6C4F3D92764FFA22D28061A4D9235446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012.03.30 11:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 10:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2012.08.22 18:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2013.01.04 05:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2013.09.08 03:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\System32\drivers\tcpip.sys
[2013.09.08 03:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2013.05.08 06:38:00 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=D32FDAC73FCD76B85389C39BC1087F2A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_b508ef41c4bd3835\tcpip.sys
[2012.10.03 17:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2013.11.26 12:07:37 | 001,309,632 | ---- | M] (Microsoft Corporation) MD5=DC08335B30D83FB61E9EFE6FDD09D40D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_b5a530b8ddcd4b8d\tcpip.sys
[2012.10.03 17:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2012.03.30 11:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\System32\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
< >
-
vrbickyjaroslav
- Návštěvník
- Příspěvky: 33
- Registrován: 07 led 2007 20:51
Re: Preventivní kontrola
< %systemroot%*.* /U /s >
[10 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\3ff9393c9eae2c240878d0ad6a2f54a2\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3ff9393c9eae2c240878d0ad6a2f54a2\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013.08.27 11:20:43 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\Adobe
[2013.09.19 07:05:10 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\Apple Computer
[2014.01.24 09:58:37 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\BANDISOFT
[2014.02.10 20:47:54 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\BSplayer
[2013.02.24 12:17:45 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\BSplayer Pro
[2013.08.27 11:21:50 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\com.webkinesis.PicasaUploaderDesktop
[2013.01.27 07:13:16 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\DAEMON Tools Lite
[2014.02.20 13:25:37 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\DMCache
[2013.02.02 17:11:55 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\Downloaded Installations
[2013.03.22 18:31:05 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\GetRightToGo
[2013.07.10 10:47:52 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\GHISLER
[2012.12.12 17:15:53 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\Identities
[2014.02.14 09:24:32 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\IDM
[2013.03.22 18:57:00 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\InstallShield
[2012.12.12 18:34:54 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\Macromedia
[2009.07.14 10:20:06 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\Media Center Programs
[2014.01.15 19:36:31 | 000,000,000 | --SD | M] -- C:\Users\Jaryn01\AppData\Roaming\Microsoft
[2012.12.13 14:41:58 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\NVIDIA
[2013.09.23 08:20:45 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\Seznam.cz
[2013.09.16 16:32:02 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\Skype
[2013.02.07 10:34:44 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\TestApp
[2014.02.18 09:49:17 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\TS3Client
[2012.12.14 00:38:40 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\Wargaming.net
[2012.12.12 21:10:24 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2012.10.11 09:01:20 | 001,175,371 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010.08.14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2014.02.14 08:51:26 | 005,878,032 | ---- | M] (Tonec Inc.) -- C:\Users\Jaryn01\AppData\Roaming\IDM\idmupdt.exe
[2013.09.19 17:50:55 | 000,010,134 | R--- | M] () -- C:\Users\Jaryn01\AppData\Roaming\Microsoft\Installer\{6AE22174-4FFA-4572-B692-31F0C386ED38}\ARPPRODUCTICON.exe
[2014.01.17 15:27:19 | 000,071,894 | R--- | M] () -- C:\Users\Jaryn01\AppData\Roaming\Microsoft\Installer\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}\GPUploader.exe
[2013.05.16 14:25:04 | 001,062,472 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\Seznam.cz\szninstall.exe
[2013.05.16 14:26:24 | 002,589,256 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013.04.29 11:53:34 | 000,045,560 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2013.04.12 09:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2013.04.12 09:10:22 | 000,092,664 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2013.04.16 12:52:34 | 000,055,808 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\Seznam.cz\data\ffinstall\ffkill.exe
[2011.12.19 10:04:28 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Users\Jaryn01\AppData\Roaming\Seznam.cz\data\ffinstall\reg.exe
[2013.04.16 12:52:36 | 000,077,824 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\Seznam.cz\data\ffinstall\regctrl.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2014.02.20 13:30:04 | 000,020,880 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.02.20 13:30:04 | 000,020,880 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.02.19 08:26:24 | 000,127,122 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2014.02.19 08:26:24 | 000,111,140 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2014.02.19 08:26:24 | 000,646,714 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2014.02.19 08:26:24 | 000,623,012 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2014.02.19 08:26:24 | 001,503,636 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Google+ Auto Backup" = "C:\Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart -- [2014.01.06 10:59:50 | 003,619,096 | ---- | M] (Google Inc.)
"IDMan" = C:\Program Files\Internet Download Manager\IDMan.exe /onboot -- [2014.02.05 13:37:28 | 003,825,232 | ---- | M] (Tonec Inc.)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.02.20 13:48:18 | 000,000,512 | ---- | M] () MD5=A71C291872070DDAE6BDEF30A734A673 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2014.02.05 20:18:41 | 000,213,184 | ---- | M] () -- \Games\World_of_Tanks\res\audio\objects_ice_crack.fsb
< *keygen* /s >
< *AntiWPA* /s >
< *loader* /s >
[2010.12.31 23:00:00 | 000,000,856 | ---- | M] () -- \$Recycle.Bin\S-1-5-21-4286924774-1133248727-1479155232-1000\$RDZ5ZFA.11\gui\maps\icons\library\YasenKrasen\loaderDestroyedSmall.png
[2013.07.16 04:40:06 | 000,071,208 | ---- | M] () -- \Games\World_of_Tanks\PhysXLoader.dll
[2014.02.05 20:18:41 | 000,001,508 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\eulaversionloader.pyc
[2014.02.05 20:18:41 | 000,002,209 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\graphicspresetsloader.pyc
[2014.02.05 20:18:41 | 000,007,130 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guicolorsloader.pyc
[2014.02.05 20:18:41 | 000,003,955 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guisoundsloader.pyc
[2014.02.05 20:18:41 | 000,006,579 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\logindataloader.pyc
[2014.02.05 20:18:41 | 000,002,753 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\windowsstoreddataloader.pyc
[2014.02.05 20:18:41 | 000,001,502 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\entities\abstract\loadermanagermeta.pyc
[2014.02.05 20:18:41 | 000,006,582 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\managers\loaders.pyc
[2014.02.05 20:18:41 | 000,003,649 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\helpers\rssdownloader.pyc
[2014.02.05 20:18:41 | 000,006,995 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\tutorial\loader.pyc
[2014.02.05 20:18:41 | 000,011,286 | ---- | M] () -- \Games\World_of_Tanks\res_bw\scripts\common\lib\unittest\loader.pyc
[2010.12.31 23:00:00 | 000,000,856 | ---- | M] () -- \Games\World_of_Tanks\res_mods\0.8.11\gui\maps\icons\library\YasenKrasen\loaderDestroyedSmall.png
[2013.03.09 07:17:04 | 000,268,440 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2013.03.09 07:17:04 | 000,019,080 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2014.01.06 19:47:02 | 000,000,702 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_advoptions.fen
[2014.01.06 19:47:02 | 000,000,790 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_debug.fen
[2014.01.06 19:47:02 | 000,000,723 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_download.fen
[2014.01.06 19:47:02 | 000,000,694 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_file_errors.fen
[2013.02.09 02:39:28 | 000,000,934 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_main.fen
[2014.01.06 19:47:04 | 000,000,634 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_manage_devices.fen
[2014.01.06 19:47:04 | 000,002,283 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_onboard.fen
[2014.01.06 19:47:04 | 000,001,417 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_options.fen
[2014.01.06 19:47:04 | 000,001,330 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_pinwheel_72.png
[2014.01.06 19:47:04 | 000,002,541 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_pinwheel_72x2.png
[2014.01.06 19:47:04 | 000,002,109 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_prefs.fen
[2014.01.06 19:47:04 | 000,000,956 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_quota_error1.fen
[2014.01.06 19:47:04 | 000,001,080 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_quota_error2.fen
[2014.01.06 19:47:04 | 000,001,139 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_quota_error_estimate.fen
[2014.01.06 19:47:04 | 000,002,181 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_welcome.fen
[2012.08.17 20:39:22 | 000,413,112 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\kas_loader.dll
[2013.10.09 08:49:10 | 000,369,344 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\prloader.dll
[2012.08.17 20:39:56 | 000,207,800 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\remote_eka_prague_loader.dll
[1 \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\*.tmp files -> \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\*.tmp -> ]
[2012.08.17 20:02:50 | 000,006,957 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\skin\resources\neutral\templates\images\safe_banking\preloader.gif
[2012.11.01 09:32:14 | 000,057,224 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012.09.04 23:34:12 | 000,083,848 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.04.23 15:35:56 | 000,031,516 | ---- | M] () -- \Program Files\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.1.2-win32.zip
[2013.02.20 16:28:38 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013.02.20 16:28:38 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.02.20 16:28:38 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013.02.20 16:28:38 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013.02.20 16:28:38 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.02.20 16:28:38 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2014.01.06 10:52:30 | 003,244,032 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\gpuploader_i18n.dll
[2014.01.06 10:47:04 | 000,000,702 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_advoptions.fen
[2014.01.06 10:47:04 | 000,000,790 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_debug.fen
[2014.01.06 10:47:04 | 000,000,723 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_download.fen
[2014.01.06 10:47:04 | 000,000,694 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_file_errors.fen
[2014.01.06 10:47:06 | 000,171,541 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_icons.psd
[2014.01.06 10:47:06 | 000,000,634 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_manage_devices.fen
[2014.01.06 10:47:06 | 000,002,283 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_onboard.fen
[2014.01.06 10:47:06 | 000,001,417 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_options.fen
[2014.01.06 10:47:06 | 000,002,109 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_prefs.fen
[2014.01.06 10:47:06 | 000,000,956 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error1.fen
[2014.01.06 10:47:06 | 000,001,080 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error2.fen
[2014.01.06 10:47:06 | 000,001,139 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error_estimate.fen
[2014.01.06 10:47:06 | 000,002,181 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_welcome.fen
[2014.01.17 15:27:19 | 000,071,894 | R--- | M] () -- \Users\Jaryn01\AppData\Roaming\Microsoft\Installer\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}\GPUploader.exe
[2013.04.15 12:32:10 | 000,060,416 | ---- | M] () -- \Users\Jaryn01\AppData\Roaming\Seznam.cz\bin\5826libfoxloader-x64.dll
[2013.03.29 12:37:34 | 000,059,384 | ---- | M] () -- \Users\Jaryn01\AppData\Roaming\Seznam.cz\bin\5826libfoxloader.dll
[2013.09.18 13:00:20 | 000,000,164 | ---- | M] () -- \Users\Jaryn01\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013.04.23 15:35:56 | 000,031,516 | ---- | M] () -- \Users\Jaryn01\AppData\Roaming\Seznam.cz\install\cz.seznam.software.libfoxloader-3.1.2-win32.zip
[2013.03.25 15:27:20 | 000,000,665 | ---- | M] () -- \Users\Jaryn01\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.install.bat
[2013.03.25 15:27:26 | 000,000,117 | ---- | M] () -- \Users\Jaryn01\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.uninstall.bat
[2010.12.31 23:00:00 | 000,000,856 | ---- | M] () -- \Users\Jaryn01\Desktop\Nová složka\0.8.11\gui\maps\icons\library\YasenKrasen\loaderDestroyedSmall.png
[2010.12.31 23:00:00 | 000,000,856 | ---- | M] () -- \Users\Jaryn01\Desktop\WOT\zaměřovače\[8.9]Crabtr33_XVM_CZ_modpack_v1.04\[8.9]Crabtr33_XVM_CZ_modpack_v1.04\res_mods\0.8.9\gui\maps\icons\library\YasenKrasen\loaderDestroyedSmall.png
[2010.12.31 23:00:00 | 000,000,856 | ---- | M] () -- \Users\Jaryn01\Desktop\WOT\zaměřovače\8.10_Crabtr33_XVM_CZ_modpack_v0.81\8.10_Crabtr33_XVM_CZ_modpack_v0.81\res_mods\0.8.10\gui\maps\icons\library\YasenKrasen\loaderDestroyedSmall.png
[2010.12.31 23:00:00 | 000,000,856 | ---- | M] () -- \Users\Jaryn01\Desktop\WOT\zaměřovače\8.10_Crabtr33_XVM_CZ_modpack_v0.85\8.10_Crabtr33_XVM_CZ_modpack_v0.85\res_mods\0.8.10\gui\maps\icons\library\YasenKrasen\loaderDestroyedSmall.png
[2010.12.31 23:00:00 | 000,000,856 | ---- | M] () -- \Users\Jaryn01\Desktop\WOT\zaměřovače\8.10_Crabtr33_XVM_CZ_modpack_v1.06\8.10_Crabtr33_XVM_CZ_modpack_v1.06\res_mods\0.8.10\gui\maps\icons\library\YasenKrasen\loaderDestroyedSmall.png
[2010.12.31 23:00:00 | 000,000,856 | ---- | M] () -- \Users\Jaryn01\Desktop\WOT\zaměřovače\8.11_Crabtr33_XVM_CZ_modpack_v1.01\8.11_Crabtr33_XVM_CZ_modpack_v1.01\res_mods\0.8.11\gui\maps\icons\library\YasenKrasen\loaderDestroyedSmall.png
[2010.03.24 20:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.03.24 20:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.10.24 12:21:48 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2013.07.08 12:04:40 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2012.12.13 20:29:24 | 000,003,530 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.14 09:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 09:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.14 09:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2012.12.13 19:14:28 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2012.12.13 19:14:28 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2012.12.13 19:14:28 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.14 09:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 08:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 08:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 05:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
< *minodlogin* /s >
< *tnod* /s >
[2013.04.19 00:38:22 | 000,000,389 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\Cleaner\esetnod32av4.ini
[2013.04.19 00:38:22 | 000,000,397 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\Cleaner\esetnod32av4_x64.ini
[2013.04.19 00:38:22 | 000,000,385 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\Cleaner\esetnod32smarts4.ini
[2013.04.19 00:38:22 | 000,000,420 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\Cleaner\esetnod32smarts4_424_x64sp.ini
[2013.04.19 00:38:22 | 000,000,395 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\Cleaner\esetnod32smarts4_x64.ini
< *AutoKMS* /s >
[2012.12.12 17:43:51 | 001,725,440 | ---- | M] () -- \Windows\AutoKMS\AutoKMS.exe
[2012.12.12 17:43:51 | 000,000,720 | ---- | M] () -- \Windows\AutoKMS\AutoKMS.ini
[2014.02.20 13:25:04 | 000,319,570 | ---- | M] () -- \Windows\AutoKMS\AutoKMS.log
[2014.02.20 13:25:04 | 000,003,486 | ---- | M] () -- \Windows\System32\Tasks\AutoKMS
< *activator* /s >
< *serial* /s >
[2014.02.05 20:18:41 | 000,003,170 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\shared\gui_items\serializers.pyc
[2013.09.13 00:53:56 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.dll
[2013.10.11 02:08:57 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.ni.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.11.25 23:21:06 | 000,003,072 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.serialycz.cz_0.localstorage
[2013.11.25 23:21:06 | 000,003,608 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.serialycz.cz_0.localstorage-journal
[2014.02.10 20:03:32 | 000,003,072 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.serialzone.cz_0.localstorage
[2014.02.10 20:03:32 | 000,003,608 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.serialzone.cz_0.localstorage-journal
[2014.01.22 03:56:12 | 000,000,112 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Google\Picasa2\cache\cacheindex_serial.pmp
[2009.07.14 09:43:23 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 02:55:26 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.14 03:04:51 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\553e7bfc9cac5e4feaa83d8ee1e187bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.14 03:09:36 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f177ea74036d5fdc6c6b9c967dc877cf\System.Runtime.Serialization.ni.dll
[2014.02.14 03:19:55 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\046c2851963b30d0e14194051c03de33\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.14 03:19:50 | 002,659,328 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\be0a1bb51a0d8fb41140c8111ed56d19\System.Runtime.Serialization.ni.dll
[2014.02.14 03:22:03 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\bc1a3b2de28e513e09fe7322c122144f\System.Xml.Serialization.ni.dll
[2010.03.18 13:16:28 | 001,026,936 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\System.Runtime.Serialization.dll.x86
[2012.12.13 13:55:44 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.02.14 03:13:49 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.12.13 13:55:44 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2014.02.14 03:13:47 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.14 03:13:55 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 05:06:54 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 09:43:17 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2009.07.14 09:43:30 | 000,009,728 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2009.07.13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009.07.13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009.07.14 03:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 03:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2009.07.14 09:43:55 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 05:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009.07.14 09:42:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 20:04:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 20:02:24 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2009.07.14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 05:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009.07.14 02:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 02:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2009.07.14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 05:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 09:43:23 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009.07.14 09:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 02:55:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:50 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2009.07.13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2009.07.14 09:43:15 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c002c1170ca9a88f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_c233d4df09982c29\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 09:43:17 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 09:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.07.14 09:43:30 | 000,009,728 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c48c78a9ad8ff996\serial.sys.mui
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009.07.13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll
< *w7lxe* /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >
[10 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\3ff9393c9eae2c240878d0ad6a2f54a2\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3ff9393c9eae2c240878d0ad6a2f54a2\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013.08.27 11:20:43 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\Adobe
[2013.09.19 07:05:10 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\Apple Computer
[2014.01.24 09:58:37 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\BANDISOFT
[2014.02.10 20:47:54 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\BSplayer
[2013.02.24 12:17:45 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\BSplayer Pro
[2013.08.27 11:21:50 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\com.webkinesis.PicasaUploaderDesktop
[2013.01.27 07:13:16 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\DAEMON Tools Lite
[2014.02.20 13:25:37 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\DMCache
[2013.02.02 17:11:55 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\Downloaded Installations
[2013.03.22 18:31:05 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\GetRightToGo
[2013.07.10 10:47:52 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\GHISLER
[2012.12.12 17:15:53 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\Identities
[2014.02.14 09:24:32 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\IDM
[2013.03.22 18:57:00 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\InstallShield
[2012.12.12 18:34:54 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\Macromedia
[2009.07.14 10:20:06 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\Media Center Programs
[2014.01.15 19:36:31 | 000,000,000 | --SD | M] -- C:\Users\Jaryn01\AppData\Roaming\Microsoft
[2012.12.13 14:41:58 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\NVIDIA
[2013.09.23 08:20:45 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\Seznam.cz
[2013.09.16 16:32:02 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\Skype
[2013.02.07 10:34:44 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\TestApp
[2014.02.18 09:49:17 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\TS3Client
[2012.12.14 00:38:40 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\Wargaming.net
[2012.12.12 21:10:24 | 000,000,000 | ---D | M] -- C:\Users\Jaryn01\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2012.10.11 09:01:20 | 001,175,371 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010.08.14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2014.02.14 08:51:26 | 005,878,032 | ---- | M] (Tonec Inc.) -- C:\Users\Jaryn01\AppData\Roaming\IDM\idmupdt.exe
[2013.09.19 17:50:55 | 000,010,134 | R--- | M] () -- C:\Users\Jaryn01\AppData\Roaming\Microsoft\Installer\{6AE22174-4FFA-4572-B692-31F0C386ED38}\ARPPRODUCTICON.exe
[2014.01.17 15:27:19 | 000,071,894 | R--- | M] () -- C:\Users\Jaryn01\AppData\Roaming\Microsoft\Installer\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}\GPUploader.exe
[2013.05.16 14:25:04 | 001,062,472 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\Seznam.cz\szninstall.exe
[2013.05.16 14:26:24 | 002,589,256 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013.04.29 11:53:34 | 000,045,560 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2013.04.12 09:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2013.04.12 09:10:22 | 000,092,664 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2013.04.16 12:52:34 | 000,055,808 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\Seznam.cz\data\ffinstall\ffkill.exe
[2011.12.19 10:04:28 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Users\Jaryn01\AppData\Roaming\Seznam.cz\data\ffinstall\reg.exe
[2013.04.16 12:52:36 | 000,077,824 | ---- | M] () -- C:\Users\Jaryn01\AppData\Roaming\Seznam.cz\data\ffinstall\regctrl.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2014.02.20 13:30:04 | 000,020,880 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.02.20 13:30:04 | 000,020,880 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.02.19 08:26:24 | 000,127,122 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2014.02.19 08:26:24 | 000,111,140 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2014.02.19 08:26:24 | 000,646,714 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2014.02.19 08:26:24 | 000,623,012 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2014.02.19 08:26:24 | 001,503,636 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Google+ Auto Backup" = "C:\Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart -- [2014.01.06 10:59:50 | 003,619,096 | ---- | M] (Google Inc.)
"IDMan" = C:\Program Files\Internet Download Manager\IDMan.exe /onboot -- [2014.02.05 13:37:28 | 003,825,232 | ---- | M] (Tonec Inc.)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.02.20 13:48:18 | 000,000,512 | ---- | M] () MD5=A71C291872070DDAE6BDEF30A734A673 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2014.02.05 20:18:41 | 000,213,184 | ---- | M] () -- \Games\World_of_Tanks\res\audio\objects_ice_crack.fsb
< *keygen* /s >
< *AntiWPA* /s >
< *loader* /s >
[2010.12.31 23:00:00 | 000,000,856 | ---- | M] () -- \$Recycle.Bin\S-1-5-21-4286924774-1133248727-1479155232-1000\$RDZ5ZFA.11\gui\maps\icons\library\YasenKrasen\loaderDestroyedSmall.png
[2013.07.16 04:40:06 | 000,071,208 | ---- | M] () -- \Games\World_of_Tanks\PhysXLoader.dll
[2014.02.05 20:18:41 | 000,001,508 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\eulaversionloader.pyc
[2014.02.05 20:18:41 | 000,002,209 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\graphicspresetsloader.pyc
[2014.02.05 20:18:41 | 000,007,130 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guicolorsloader.pyc
[2014.02.05 20:18:41 | 000,003,955 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guisoundsloader.pyc
[2014.02.05 20:18:41 | 000,006,579 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\logindataloader.pyc
[2014.02.05 20:18:41 | 000,002,753 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\windowsstoreddataloader.pyc
[2014.02.05 20:18:41 | 000,001,502 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\entities\abstract\loadermanagermeta.pyc
[2014.02.05 20:18:41 | 000,006,582 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\managers\loaders.pyc
[2014.02.05 20:18:41 | 000,003,649 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\helpers\rssdownloader.pyc
[2014.02.05 20:18:41 | 000,006,995 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\tutorial\loader.pyc
[2014.02.05 20:18:41 | 000,011,286 | ---- | M] () -- \Games\World_of_Tanks\res_bw\scripts\common\lib\unittest\loader.pyc
[2010.12.31 23:00:00 | 000,000,856 | ---- | M] () -- \Games\World_of_Tanks\res_mods\0.8.11\gui\maps\icons\library\YasenKrasen\loaderDestroyedSmall.png
[2013.03.09 07:17:04 | 000,268,440 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2013.03.09 07:17:04 | 000,019,080 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2014.01.06 19:47:02 | 000,000,702 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_advoptions.fen
[2014.01.06 19:47:02 | 000,000,790 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_debug.fen
[2014.01.06 19:47:02 | 000,000,723 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_download.fen
[2014.01.06 19:47:02 | 000,000,694 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_file_errors.fen
[2013.02.09 02:39:28 | 000,000,934 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_main.fen
[2014.01.06 19:47:04 | 000,000,634 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_manage_devices.fen
[2014.01.06 19:47:04 | 000,002,283 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_onboard.fen
[2014.01.06 19:47:04 | 000,001,417 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_options.fen
[2014.01.06 19:47:04 | 000,001,330 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_pinwheel_72.png
[2014.01.06 19:47:04 | 000,002,541 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_pinwheel_72x2.png
[2014.01.06 19:47:04 | 000,002,109 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_prefs.fen
[2014.01.06 19:47:04 | 000,000,956 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_quota_error1.fen
[2014.01.06 19:47:04 | 000,001,080 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_quota_error2.fen
[2014.01.06 19:47:04 | 000,001,139 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_quota_error_estimate.fen
[2014.01.06 19:47:04 | 000,002,181 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_welcome.fen
[2012.08.17 20:39:22 | 000,413,112 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\kas_loader.dll
[2013.10.09 08:49:10 | 000,369,344 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\prloader.dll
[2012.08.17 20:39:56 | 000,207,800 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\remote_eka_prague_loader.dll
[1 \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\*.tmp files -> \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\*.tmp -> ]
[2012.08.17 20:02:50 | 000,006,957 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\skin\resources\neutral\templates\images\safe_banking\preloader.gif
[2012.11.01 09:32:14 | 000,057,224 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012.09.04 23:34:12 | 000,083,848 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.04.23 15:35:56 | 000,031,516 | ---- | M] () -- \Program Files\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.1.2-win32.zip
[2013.02.20 16:28:38 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013.02.20 16:28:38 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.02.20 16:28:38 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013.02.20 16:28:38 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013.02.20 16:28:38 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.02.20 16:28:38 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2014.01.06 10:52:30 | 003,244,032 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\gpuploader_i18n.dll
[2014.01.06 10:47:04 | 000,000,702 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_advoptions.fen
[2014.01.06 10:47:04 | 000,000,790 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_debug.fen
[2014.01.06 10:47:04 | 000,000,723 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_download.fen
[2014.01.06 10:47:04 | 000,000,694 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_file_errors.fen
[2014.01.06 10:47:06 | 000,171,541 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_icons.psd
[2014.01.06 10:47:06 | 000,000,634 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_manage_devices.fen
[2014.01.06 10:47:06 | 000,002,283 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_onboard.fen
[2014.01.06 10:47:06 | 000,001,417 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_options.fen
[2014.01.06 10:47:06 | 000,002,109 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_prefs.fen
[2014.01.06 10:47:06 | 000,000,956 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error1.fen
[2014.01.06 10:47:06 | 000,001,080 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error2.fen
[2014.01.06 10:47:06 | 000,001,139 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error_estimate.fen
[2014.01.06 10:47:06 | 000,002,181 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_welcome.fen
[2014.01.17 15:27:19 | 000,071,894 | R--- | M] () -- \Users\Jaryn01\AppData\Roaming\Microsoft\Installer\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}\GPUploader.exe
[2013.04.15 12:32:10 | 000,060,416 | ---- | M] () -- \Users\Jaryn01\AppData\Roaming\Seznam.cz\bin\5826libfoxloader-x64.dll
[2013.03.29 12:37:34 | 000,059,384 | ---- | M] () -- \Users\Jaryn01\AppData\Roaming\Seznam.cz\bin\5826libfoxloader.dll
[2013.09.18 13:00:20 | 000,000,164 | ---- | M] () -- \Users\Jaryn01\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013.04.23 15:35:56 | 000,031,516 | ---- | M] () -- \Users\Jaryn01\AppData\Roaming\Seznam.cz\install\cz.seznam.software.libfoxloader-3.1.2-win32.zip
[2013.03.25 15:27:20 | 000,000,665 | ---- | M] () -- \Users\Jaryn01\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.install.bat
[2013.03.25 15:27:26 | 000,000,117 | ---- | M] () -- \Users\Jaryn01\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.uninstall.bat
[2010.12.31 23:00:00 | 000,000,856 | ---- | M] () -- \Users\Jaryn01\Desktop\Nová složka\0.8.11\gui\maps\icons\library\YasenKrasen\loaderDestroyedSmall.png
[2010.12.31 23:00:00 | 000,000,856 | ---- | M] () -- \Users\Jaryn01\Desktop\WOT\zaměřovače\[8.9]Crabtr33_XVM_CZ_modpack_v1.04\[8.9]Crabtr33_XVM_CZ_modpack_v1.04\res_mods\0.8.9\gui\maps\icons\library\YasenKrasen\loaderDestroyedSmall.png
[2010.12.31 23:00:00 | 000,000,856 | ---- | M] () -- \Users\Jaryn01\Desktop\WOT\zaměřovače\8.10_Crabtr33_XVM_CZ_modpack_v0.81\8.10_Crabtr33_XVM_CZ_modpack_v0.81\res_mods\0.8.10\gui\maps\icons\library\YasenKrasen\loaderDestroyedSmall.png
[2010.12.31 23:00:00 | 000,000,856 | ---- | M] () -- \Users\Jaryn01\Desktop\WOT\zaměřovače\8.10_Crabtr33_XVM_CZ_modpack_v0.85\8.10_Crabtr33_XVM_CZ_modpack_v0.85\res_mods\0.8.10\gui\maps\icons\library\YasenKrasen\loaderDestroyedSmall.png
[2010.12.31 23:00:00 | 000,000,856 | ---- | M] () -- \Users\Jaryn01\Desktop\WOT\zaměřovače\8.10_Crabtr33_XVM_CZ_modpack_v1.06\8.10_Crabtr33_XVM_CZ_modpack_v1.06\res_mods\0.8.10\gui\maps\icons\library\YasenKrasen\loaderDestroyedSmall.png
[2010.12.31 23:00:00 | 000,000,856 | ---- | M] () -- \Users\Jaryn01\Desktop\WOT\zaměřovače\8.11_Crabtr33_XVM_CZ_modpack_v1.01\8.11_Crabtr33_XVM_CZ_modpack_v1.01\res_mods\0.8.11\gui\maps\icons\library\YasenKrasen\loaderDestroyedSmall.png
[2010.03.24 20:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.03.24 20:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.10.24 12:21:48 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2013.07.08 12:04:40 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2012.12.13 20:29:24 | 000,003,530 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.14 09:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 09:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.14 09:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2012.12.13 19:14:28 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2012.12.13 19:14:28 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2012.12.13 19:14:28 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.14 09:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 08:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 08:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 05:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
< *minodlogin* /s >
< *tnod* /s >
[2013.04.19 00:38:22 | 000,000,389 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\Cleaner\esetnod32av4.ini
[2013.04.19 00:38:22 | 000,000,397 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\Cleaner\esetnod32av4_x64.ini
[2013.04.19 00:38:22 | 000,000,385 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\Cleaner\esetnod32smarts4.ini
[2013.04.19 00:38:22 | 000,000,420 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\Cleaner\esetnod32smarts4_424_x64sp.ini
[2013.04.19 00:38:22 | 000,000,395 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\Cleaner\esetnod32smarts4_x64.ini
< *AutoKMS* /s >
[2012.12.12 17:43:51 | 001,725,440 | ---- | M] () -- \Windows\AutoKMS\AutoKMS.exe
[2012.12.12 17:43:51 | 000,000,720 | ---- | M] () -- \Windows\AutoKMS\AutoKMS.ini
[2014.02.20 13:25:04 | 000,319,570 | ---- | M] () -- \Windows\AutoKMS\AutoKMS.log
[2014.02.20 13:25:04 | 000,003,486 | ---- | M] () -- \Windows\System32\Tasks\AutoKMS
< *activator* /s >
< *serial* /s >
[2014.02.05 20:18:41 | 000,003,170 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\shared\gui_items\serializers.pyc
[2013.09.13 00:53:56 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.dll
[2013.10.11 02:08:57 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.ni.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.11.25 23:21:06 | 000,003,072 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.serialycz.cz_0.localstorage
[2013.11.25 23:21:06 | 000,003,608 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.serialycz.cz_0.localstorage-journal
[2014.02.10 20:03:32 | 000,003,072 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.serialzone.cz_0.localstorage
[2014.02.10 20:03:32 | 000,003,608 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.serialzone.cz_0.localstorage-journal
[2014.01.22 03:56:12 | 000,000,112 | ---- | M] () -- \Users\Jaryn01\AppData\Local\Google\Picasa2\cache\cacheindex_serial.pmp
[2009.07.14 09:43:23 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 02:55:26 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.14 03:04:51 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\553e7bfc9cac5e4feaa83d8ee1e187bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.14 03:09:36 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f177ea74036d5fdc6c6b9c967dc877cf\System.Runtime.Serialization.ni.dll
[2014.02.14 03:19:55 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\046c2851963b30d0e14194051c03de33\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.14 03:19:50 | 002,659,328 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\be0a1bb51a0d8fb41140c8111ed56d19\System.Runtime.Serialization.ni.dll
[2014.02.14 03:22:03 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\bc1a3b2de28e513e09fe7322c122144f\System.Xml.Serialization.ni.dll
[2010.03.18 13:16:28 | 001,026,936 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\System.Runtime.Serialization.dll.x86
[2012.12.13 13:55:44 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.02.14 03:13:49 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.12.13 13:55:44 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2014.02.14 03:13:47 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.14 03:13:55 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 05:06:54 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 09:43:17 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2009.07.14 09:43:30 | 000,009,728 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2009.07.13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009.07.13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009.07.14 03:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 03:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2009.07.14 09:43:55 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 05:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009.07.14 09:42:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 20:04:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 20:02:24 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2009.07.14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 05:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009.07.14 02:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 02:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2009.07.14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 05:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 09:43:23 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009.07.14 09:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 02:55:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:50 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2009.07.13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2009.07.14 09:43:15 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c002c1170ca9a88f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_c233d4df09982c29\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 09:43:17 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 09:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.07.14 09:43:30 | 000,009,728 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c48c78a9ad8ff996\serial.sys.mui
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009.07.13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll
< *w7lxe* /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >
-
vrbickyjaroslav
- Návštěvník
- Příspěvky: 33
- Registrován: 07 led 2007 20:51
Re: Preventivní kontrola
OTL Extras logfile created on: 20.2.2014 13:46:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jaryn01\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 76,93% Memory free
6,00 Gb Paging File | 5,34 Gb Available in Paging File | 89,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,79 Gb Total Space | 152,62 Gb Free Space | 65,56% Space Free | Partition Type: NTFS
Drive E: | 596,16 Gb Total Space | 139,74 Gb Free Space | 23,44% Space Free | Partition Type: NTFS
Computer Name: JARYN01-PC | User Name: Jaryn01 | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-4286924774-1133248727-1479155232-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{054C5809-C3E5-4783-86AC-236F47E9D3FF}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{1AA1906C-3BEE-4DA6-91B0-A7160CD39495}" = rport=445 | protocol=6 | dir=out | app=system |
"{1ADA7C34-DE43-4B17-8015-B54E745E73A6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1D7113A9-F969-41B9-9D93-718B78E67B21}" = lport=33333 | protocol=6 | dir=in | name=war thunder |
"{297EEBE7-5145-47B0-89E3-FD21874840D9}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3795ABEA-06A5-40C7-BA95-DCA2EEA912B5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{38325B79-CAC4-4C84-B975-993E8C1BCCDB}" = lport=137 | protocol=17 | dir=in | app=system |
"{3A5A200F-9CAF-4B85-8A66-186DEC9A3068}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{47756DAC-8BB9-46C1-B88A-A5080DDD02CA}" = lport=6881 | protocol=6 | dir=in | name=war thunder |
"{51EC285D-DFE5-4580-AE9F-36B31055BA66}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{57528515-CB5F-4CA9-A3F2-FAE65F47CE62}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{5B60B3FE-F032-4CC2-ABB8-0CC84464110C}" = lport=139 | protocol=6 | dir=in | app=system |
"{61AE2D15-B591-4441-904B-B3F128576364}" = rport=139 | protocol=6 | dir=out | app=system |
"{62E33320-98BB-4530-90BB-CC6DD387D055}" = lport=27022 | protocol=6 | dir=in | name=war thunder |
"{665A1966-4F10-41B2-A3F6-7F46BDE0CCEF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6792A2D4-A2DB-4DCE-9A45-DBB933E08EC2}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{67D19B5B-98C2-4892-B11D-34A8C28480BF}" = lport=20443 | protocol=6 | dir=in | name=war thunder |
"{7018C004-2906-41CD-A916-60ECD314DC55}" = lport=443 | protocol=6 | dir=in | name=war thunder |
"{750C425D-F690-4387-96B0-3BAAFA6D9E2D}" = lport=8090 | protocol=6 | dir=in | name=war thunder |
"{7F4F2F0B-02FA-41B9-9505-3A4FA2EAF73C}" = lport=80 | protocol=6 | dir=in | name=war thunder |
"{82A84D78-E1E4-416C-B39E-99B4470211B3}" = lport=7853 | protocol=6 | dir=in | name=war thunder |
"{8BCA16A8-B156-4340-806F-729CDE601309}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{91F2F45E-B204-4F58-8FA9-E86256A55491}" = rport=138 | protocol=17 | dir=out | app=system |
"{97D11077-2866-4245-8EC2-A9E2AFD5E288}" = lport=20010 | protocol=17 | dir=in | name=war thunder |
"{9BCD2CF7-B20E-42E3-90FF-19050B63FB25}" = lport=7852 | protocol=6 | dir=in | name=war thunder |
"{9F4109A7-6354-4709-AF21-2B0B13B7A661}" = lport=445 | protocol=6 | dir=in | app=system |
"{CECCF588-6A55-430C-ADCC-DBD94A7CE71B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DAB88500-51A5-42A9-88AC-2421B2C5C217}" = lport=7850 | protocol=6 | dir=in | name=war thunder |
"{DFA2CA7F-1680-44B9-9BE2-F27B29AF00C9}" = lport=138 | protocol=17 | dir=in | app=system |
"{E3BB3F3A-F058-46C0-8971-CED1F21C4653}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E7E71C99-E84C-44FE-AD4B-1087CA19E066}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FA3EF25B-0A8D-43DE-9137-E8053069368B}" = lport=3478 | protocol=17 | dir=in | name=war thunder |
"{FC2A8ED2-6F25-45C9-8EA6-BB85F68A9AFF}" = rport=137 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{033FACAB-B531-4D33-897F-CE220F572BB3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{0AFFF669-8B98-4BE3-A6D7-71D77825938D}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{0D4AD0F1-EE06-484D-B110-7DDF5A8A292F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{1967F7DC-BEAE-4D65-8C1B-52AC96E7C555}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2BF9B3A4-1EEE-4E40-9CD0-25DF381B91D2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4B26F372-B922-4675-AFB4-22F7B53209E4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{55D31694-07C2-4C05-A31F-2BFAC44C800A}" = protocol=6 | dir=in | app=c:\program files\warthunder\launcher.exe |
"{57A60DA8-EF03-405A-8342-A79267C0A6FC}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{5B569870-DACE-407D-9F40-72D7748BFA16}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{64042B6B-3874-424F-A939-854A70024E5B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7AB0C89C-B99B-4790-901C-BDF73A832E99}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{81DA26ED-CD7D-4E94-9E80-DA071889CE73}" = protocol=17 | dir=in | app=c:\program files\warthunder\launcher.exe |
"{93E5E81B-8648-4FBE-A0AA-B369078950CC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{96454DB8-C00E-4E2D-BE1B-301EF01EA8C3}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{A00AD30E-68F0-4F85-8674-C31BE87A78C5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{DCA1CF13-1F56-434C-9DFF-F2922C833747}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{E32327FA-F0D5-417E-9EA8-DD9D8604962E}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{F356CB09-EB12-4726-BA5F-6AD415368CD7}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"TCP Query User{43233FDB-10EF-4F79-B2E4-7D99FF13A5CC}C:\users\jaryn01\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\jaryn01\appdata\local\akamai\netsession_win.exe |
"TCP Query User{8EB9C4A9-AF74-4469-A078-DF0C71DE1808}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{7B29D09D-E579-4623-9206-FD460268E282}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{F72F30FB-4163-4ABA-9479-4D0D3E820F47}C:\users\jaryn01\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\jaryn01\appdata\local\akamai\netsession_win.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A5B39D2-7ED6-4779-BCC9-37F381139DB3}" = Adobe AIR
"{1D557982-6BBB-454A-93AC-41B4A53CB216}" = O&O CleverCache
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1" = World of Tanks
"{362483B1-91EB-4CB4-B9BB-3B4B4C644404}" = ZC0301PLH_Driver_Setup
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{41DB3D33-D655-40BB-8BF3-824768DD6170}" = O&O Defrag Professional
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.7
"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63E0F6F8-7043-4554-9509-98FB537379A9}" = VIMICRO USB PC Camera (VC0303)
"{6AE22174-4FFA-4572-B692-31F0C386ED38}" = Consolas Font Family
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}" = Software Version Updater
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A50DE037-B5C0-4C8A-8049-B0C576B313D1}" = Google+ Auto Backup
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Czech
"{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D303B}" = VIMICRO USB PC Camera (ZC0301PLH)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.15.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1" = War Thunder Launcher 1.0.1.302
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FF3D660E-E5CC-47FD-8050-1B4DE3BA81A9}" = Dual-Core Optimizer
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"BSPlayerf" = BS.Player FREE
"DAEMON Tools Lite" = DAEMON Tools Lite
"DokanLibrary" = Dokan Library 0.6.0
"FormatFactory" = FormatFactory 3.3.1.0
"Google Chrome" = Google Chrome
"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"Internet Download Manager" = Internet Download Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Picasa 3" = Picasa 3
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Totalcmd" = Total Commander (Remove or Repair)
"Video Player" = Video Player
"Webexp Enhanced" = Webexp Enhanced
"WinASO Registry Optimizer_is1" = WinASO Registry Optimizer 4.8.0
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"WNLT" = IB Updater Service
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4286924774-1133248727-1479155232-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"SeznamInstall" = Seznam Software
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 30.8.2013 6:49:09 | Computer Name = Jaryn01-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 1.9.2013 13:01:18 | Computer Name = Jaryn01-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 1.9.2013 18:30:50 | Computer Name = Jaryn01-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 3.9.2013 4:32:25 | Computer Name = Jaryn01-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 5.9.2013 10:08:25 | Computer Name = Jaryn01-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 7.9.2013 18:58:20 | Computer Name = Jaryn01-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 9.9.2013 2:48:32 | Computer Name = Jaryn01-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 10.9.2013 2:40:38 | Computer Name = Jaryn01-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 11.9.2013 2:20:36 | Computer Name = Jaryn01-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 13.9.2013 18:37:09 | Computer Name = Jaryn01-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: nvtray.exe, verze: 7.17.13.1106, časové
razítko: 0x50f950f4 Název chybujícího modulu: nvtray.exe, verze: 7.17.13.1106, časové
razítko: 0x50f950f4 Kód výjimky: 0x40000015 Posun chyby: 0x0010333f ID chybujícího
procesu: 0xb58 Čas spuštění chybující aplikace: 0x01ceb0cdfab95020 Cesta k chybující
aplikaci: C:\Program Files\NVIDIA Corporation\Display\nvtray.exe Cesta k chybujícímu
modulu: C:\Program Files\NVIDIA Corporation\Display\nvtray.exe ID zprávy: 0629d250-1cc5-11e3-a3bd-0017318739ae
[ System Events ]
Error - 20.2.2014 8:44:45 | Computer Name = Jaryn01-PC | Source = DCOM | ID = 10005
Description =
Error - 20.2.2014 8:44:47 | Computer Name = Jaryn01-PC | Source = DCOM | ID = 10005
Description =
Error - 20.2.2014 8:44:47 | Computer Name = Jaryn01-PC | Source = DCOM | ID = 10005
Description =
Error - 20.2.2014 8:44:47 | Computer Name = Jaryn01-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068
Error - 20.2.2014 8:44:47 | Computer Name = Jaryn01-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068
Error - 20.2.2014 8:44:47 | Computer Name = Jaryn01-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068
Error - 20.2.2014 8:44:47 | Computer Name = Jaryn01-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068
Error - 20.2.2014 8:44:47 | Computer Name = Jaryn01-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068
Error - 20.2.2014 8:44:47 | Computer Name = Jaryn01-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068
Error - 20.2.2014 8:46:02 | Computer Name = Jaryn01-PC | Source = DCOM | ID = 10005
Description =
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jaryn01\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 76,93% Memory free
6,00 Gb Paging File | 5,34 Gb Available in Paging File | 89,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,79 Gb Total Space | 152,62 Gb Free Space | 65,56% Space Free | Partition Type: NTFS
Drive E: | 596,16 Gb Total Space | 139,74 Gb Free Space | 23,44% Space Free | Partition Type: NTFS
Computer Name: JARYN01-PC | User Name: Jaryn01 | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-4286924774-1133248727-1479155232-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{054C5809-C3E5-4783-86AC-236F47E9D3FF}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{1AA1906C-3BEE-4DA6-91B0-A7160CD39495}" = rport=445 | protocol=6 | dir=out | app=system |
"{1ADA7C34-DE43-4B17-8015-B54E745E73A6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1D7113A9-F969-41B9-9D93-718B78E67B21}" = lport=33333 | protocol=6 | dir=in | name=war thunder |
"{297EEBE7-5145-47B0-89E3-FD21874840D9}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3795ABEA-06A5-40C7-BA95-DCA2EEA912B5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{38325B79-CAC4-4C84-B975-993E8C1BCCDB}" = lport=137 | protocol=17 | dir=in | app=system |
"{3A5A200F-9CAF-4B85-8A66-186DEC9A3068}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{47756DAC-8BB9-46C1-B88A-A5080DDD02CA}" = lport=6881 | protocol=6 | dir=in | name=war thunder |
"{51EC285D-DFE5-4580-AE9F-36B31055BA66}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{57528515-CB5F-4CA9-A3F2-FAE65F47CE62}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{5B60B3FE-F032-4CC2-ABB8-0CC84464110C}" = lport=139 | protocol=6 | dir=in | app=system |
"{61AE2D15-B591-4441-904B-B3F128576364}" = rport=139 | protocol=6 | dir=out | app=system |
"{62E33320-98BB-4530-90BB-CC6DD387D055}" = lport=27022 | protocol=6 | dir=in | name=war thunder |
"{665A1966-4F10-41B2-A3F6-7F46BDE0CCEF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6792A2D4-A2DB-4DCE-9A45-DBB933E08EC2}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{67D19B5B-98C2-4892-B11D-34A8C28480BF}" = lport=20443 | protocol=6 | dir=in | name=war thunder |
"{7018C004-2906-41CD-A916-60ECD314DC55}" = lport=443 | protocol=6 | dir=in | name=war thunder |
"{750C425D-F690-4387-96B0-3BAAFA6D9E2D}" = lport=8090 | protocol=6 | dir=in | name=war thunder |
"{7F4F2F0B-02FA-41B9-9505-3A4FA2EAF73C}" = lport=80 | protocol=6 | dir=in | name=war thunder |
"{82A84D78-E1E4-416C-B39E-99B4470211B3}" = lport=7853 | protocol=6 | dir=in | name=war thunder |
"{8BCA16A8-B156-4340-806F-729CDE601309}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{91F2F45E-B204-4F58-8FA9-E86256A55491}" = rport=138 | protocol=17 | dir=out | app=system |
"{97D11077-2866-4245-8EC2-A9E2AFD5E288}" = lport=20010 | protocol=17 | dir=in | name=war thunder |
"{9BCD2CF7-B20E-42E3-90FF-19050B63FB25}" = lport=7852 | protocol=6 | dir=in | name=war thunder |
"{9F4109A7-6354-4709-AF21-2B0B13B7A661}" = lport=445 | protocol=6 | dir=in | app=system |
"{CECCF588-6A55-430C-ADCC-DBD94A7CE71B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DAB88500-51A5-42A9-88AC-2421B2C5C217}" = lport=7850 | protocol=6 | dir=in | name=war thunder |
"{DFA2CA7F-1680-44B9-9BE2-F27B29AF00C9}" = lport=138 | protocol=17 | dir=in | app=system |
"{E3BB3F3A-F058-46C0-8971-CED1F21C4653}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E7E71C99-E84C-44FE-AD4B-1087CA19E066}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FA3EF25B-0A8D-43DE-9137-E8053069368B}" = lport=3478 | protocol=17 | dir=in | name=war thunder |
"{FC2A8ED2-6F25-45C9-8EA6-BB85F68A9AFF}" = rport=137 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{033FACAB-B531-4D33-897F-CE220F572BB3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{0AFFF669-8B98-4BE3-A6D7-71D77825938D}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{0D4AD0F1-EE06-484D-B110-7DDF5A8A292F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{1967F7DC-BEAE-4D65-8C1B-52AC96E7C555}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2BF9B3A4-1EEE-4E40-9CD0-25DF381B91D2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4B26F372-B922-4675-AFB4-22F7B53209E4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{55D31694-07C2-4C05-A31F-2BFAC44C800A}" = protocol=6 | dir=in | app=c:\program files\warthunder\launcher.exe |
"{57A60DA8-EF03-405A-8342-A79267C0A6FC}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{5B569870-DACE-407D-9F40-72D7748BFA16}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{64042B6B-3874-424F-A939-854A70024E5B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7AB0C89C-B99B-4790-901C-BDF73A832E99}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{81DA26ED-CD7D-4E94-9E80-DA071889CE73}" = protocol=17 | dir=in | app=c:\program files\warthunder\launcher.exe |
"{93E5E81B-8648-4FBE-A0AA-B369078950CC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{96454DB8-C00E-4E2D-BE1B-301EF01EA8C3}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{A00AD30E-68F0-4F85-8674-C31BE87A78C5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{DCA1CF13-1F56-434C-9DFF-F2922C833747}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{E32327FA-F0D5-417E-9EA8-DD9D8604962E}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{F356CB09-EB12-4726-BA5F-6AD415368CD7}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"TCP Query User{43233FDB-10EF-4F79-B2E4-7D99FF13A5CC}C:\users\jaryn01\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\jaryn01\appdata\local\akamai\netsession_win.exe |
"TCP Query User{8EB9C4A9-AF74-4469-A078-DF0C71DE1808}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{7B29D09D-E579-4623-9206-FD460268E282}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{F72F30FB-4163-4ABA-9479-4D0D3E820F47}C:\users\jaryn01\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\jaryn01\appdata\local\akamai\netsession_win.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A5B39D2-7ED6-4779-BCC9-37F381139DB3}" = Adobe AIR
"{1D557982-6BBB-454A-93AC-41B4A53CB216}" = O&O CleverCache
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1" = World of Tanks
"{362483B1-91EB-4CB4-B9BB-3B4B4C644404}" = ZC0301PLH_Driver_Setup
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{41DB3D33-D655-40BB-8BF3-824768DD6170}" = O&O Defrag Professional
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.7
"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63E0F6F8-7043-4554-9509-98FB537379A9}" = VIMICRO USB PC Camera (VC0303)
"{6AE22174-4FFA-4572-B692-31F0C386ED38}" = Consolas Font Family
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}" = Software Version Updater
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A50DE037-B5C0-4C8A-8049-B0C576B313D1}" = Google+ Auto Backup
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Czech
"{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D303B}" = VIMICRO USB PC Camera (ZC0301PLH)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.15.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1" = War Thunder Launcher 1.0.1.302
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FF3D660E-E5CC-47FD-8050-1B4DE3BA81A9}" = Dual-Core Optimizer
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"BSPlayerf" = BS.Player FREE
"DAEMON Tools Lite" = DAEMON Tools Lite
"DokanLibrary" = Dokan Library 0.6.0
"FormatFactory" = FormatFactory 3.3.1.0
"Google Chrome" = Google Chrome
"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"Internet Download Manager" = Internet Download Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Picasa 3" = Picasa 3
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Totalcmd" = Total Commander (Remove or Repair)
"Video Player" = Video Player
"Webexp Enhanced" = Webexp Enhanced
"WinASO Registry Optimizer_is1" = WinASO Registry Optimizer 4.8.0
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"WNLT" = IB Updater Service
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4286924774-1133248727-1479155232-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"SeznamInstall" = Seznam Software
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 30.8.2013 6:49:09 | Computer Name = Jaryn01-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 1.9.2013 13:01:18 | Computer Name = Jaryn01-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 1.9.2013 18:30:50 | Computer Name = Jaryn01-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 3.9.2013 4:32:25 | Computer Name = Jaryn01-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 5.9.2013 10:08:25 | Computer Name = Jaryn01-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 7.9.2013 18:58:20 | Computer Name = Jaryn01-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 9.9.2013 2:48:32 | Computer Name = Jaryn01-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 10.9.2013 2:40:38 | Computer Name = Jaryn01-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 11.9.2013 2:20:36 | Computer Name = Jaryn01-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 13.9.2013 18:37:09 | Computer Name = Jaryn01-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: nvtray.exe, verze: 7.17.13.1106, časové
razítko: 0x50f950f4 Název chybujícího modulu: nvtray.exe, verze: 7.17.13.1106, časové
razítko: 0x50f950f4 Kód výjimky: 0x40000015 Posun chyby: 0x0010333f ID chybujícího
procesu: 0xb58 Čas spuštění chybující aplikace: 0x01ceb0cdfab95020 Cesta k chybující
aplikaci: C:\Program Files\NVIDIA Corporation\Display\nvtray.exe Cesta k chybujícímu
modulu: C:\Program Files\NVIDIA Corporation\Display\nvtray.exe ID zprávy: 0629d250-1cc5-11e3-a3bd-0017318739ae
[ System Events ]
Error - 20.2.2014 8:44:45 | Computer Name = Jaryn01-PC | Source = DCOM | ID = 10005
Description =
Error - 20.2.2014 8:44:47 | Computer Name = Jaryn01-PC | Source = DCOM | ID = 10005
Description =
Error - 20.2.2014 8:44:47 | Computer Name = Jaryn01-PC | Source = DCOM | ID = 10005
Description =
Error - 20.2.2014 8:44:47 | Computer Name = Jaryn01-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068
Error - 20.2.2014 8:44:47 | Computer Name = Jaryn01-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068
Error - 20.2.2014 8:44:47 | Computer Name = Jaryn01-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068
Error - 20.2.2014 8:44:47 | Computer Name = Jaryn01-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068
Error - 20.2.2014 8:44:47 | Computer Name = Jaryn01-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068
Error - 20.2.2014 8:44:47 | Computer Name = Jaryn01-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068
Error - 20.2.2014 8:46:02 | Computer Name = Jaryn01-PC | Source = DCOM | ID = 10005
Description =
< End of report >
-
vrbickyjaroslav
- Návštěvník
- Příspěvky: 33
- Registrován: 07 led 2007 20:51
Re: Preventivní kontrola
Logy jsou po spuštění v nouzovém režimu, jinak hlásí:
Cannot create file C:Users\Jaryn01\Desktop\cmd.bat.
Cannot create file C:Users\Jaryn01\Desktop\cmd.bat.
Re: Preventivní kontrola
Jen se jeste zeptam, jak je to s legalitou office a systemu? Ultimate neni zrovna bezna domaci verze 
Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
-
vrbickyjaroslav
- Návštěvník
- Příspěvky: 33
- Registrován: 07 led 2007 20:51
Re: Preventivní kontrola
Zdravím systém ani office nic nehlásí.Přikládám log.
Malwarebytes Anti-Malware 1.75.0.1300
http://www.malwarebytes.org
Verze: v2014.02.20.06
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16518
Jaryn01 :: JARYN01-PC [administrátor]
20.2.2014 15:56:04
MBAM-log-2014-02-20 (16-54-58).txt
Typ: Kompletní kontrola (C:\|D:\|E:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 380205
Uplynulý čas: 54 minut, 39 sekund
Nalezené procesy v paměti: 1
C:\Windows\System32\dmwu.exe (Adware.InstallBrain) -> 1624 -> Nebyla provedena žádná instrukce.
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 17
HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\Updater.AmiUpd.1 (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\Updater.AmiUpd (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} (PUP.Optional.Conduit) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video Player (PUP.Optional.Amonetize) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\WNLT (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\iVIDI Plugin (PUP.Optional.Ividi.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Webexp Enhanced (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\WNLT (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (Adware.InstallBrain) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video Player (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 5
HKCU\SOFTWARE\WNLT|URL (PUP.Optional.InstallBrain.A) -> Data: SWEETPACKS_SEARCH -> Nebyla provedena žádná instrukce.
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: 92544391268159177 -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Mozilla\Firefox\Extensions|ext@WebexpEnhancedV1alpha131.net (PUP.Optional.WebExpEnhanced.A) -> Data: C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ff -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\WNLT|PDV (PUP.Optional.InstallBrain.A) -> Data: [UPGRADEONIDLE] [BLACKLIST=1] [TAILUPGRADECAPTURE] -> Nebyla provedena žádná instrukce.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: 92544391268159177 -> Nebyla provedena žádná instrukce.
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 20
C:\Windows\System32\WNLT\Installation (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\WNLT\Installation\Uninstall (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\BetterSurf (PUP.Optional.BetterSurf) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1 (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131 (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ch (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ff (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ff\chrome (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ff\chrome\content (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ff\chrome\content\icons (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ff\chrome\content\icons\default (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ie (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368 (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ch (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ff (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ff\chrome (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ff\chrome\content (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ff\chrome\content\icons (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ff\chrome\content\icons\default (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ie (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
Nalezené soubory: 46
C:\Users\Jaryn01\AppData\Local\SwvUpdater\Updater.exe (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
C:\Users\Jaryn01\Downloads\rcpsetupst_RC1_ZZ_L_1.exe (PUP.Optional.RegCleanerPro) -> Nebyla provedena žádná instrukce.
C:\Users\Jaryn01\Downloads\iLividSetup-r400-n-bc.exe (PUP.Optional.Bandoo) -> Nebyla provedena žádná instrukce.
C:\Program Files\Conduit\Community Alerts\Alert.dll (PUP.Optional.Conduit) -> Nebyla provedena žádná instrukce.
C:\Program Files\Defense Grid - The Awakening\Uninstall.exe (Malware.Packer.Krunchy) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\uninstall.exe (PUP.Optional.Amonetize) -> Nebyla provedena žádná instrukce.
C:\Program Files\WinASO\Registry Optimizer\1_Patch.exe (PUP.Hacktool.Patcher) -> Nebyla provedena žádná instrukce.
C:\Program Files\Internet Download Manager\Patch.exe (Riskware.Tool.CK) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SkywalkerSetup[1].exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WSSetup[1].exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WSSetup[2].exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
E:\Záloha\Programy\2D_3D_3.61\2D+3D Screensaver Maker 3.61\2D3DSSM.exe (Spyware.Keylogger) -> Nebyla provedena žádná instrukce.
E:\Záloha\Antiviry\Ganjin_s+Kaspersky+2011+Trial+Reset+v1.4a\Ganjin's Kaspersky 2011 Trial Reset v1.4a\gjn_ktr2011.zip (RiskWare.Tool.CK) -> Nebyla provedena žádná instrukce.
E:\Záloha\Češtiny\battlefield2_cz_2.exe (PUP.Optional.Miner) -> Nebyla provedena žádná instrukce.
E:\_hry green2\Devastator\NFOviewer.exe (Malware.Packer.Krunchy) -> Nebyla provedena žádná instrukce.
E:\_hry green2\frontlines\vty-0179.rar (Trojan.Agent.BEWGen) -> Nebyla provedena žádná instrukce.
E:\_hry green2\cod4\rzr-cod4.exe (Trojan.Agent.CK) -> Nebyla provedena žádná instrukce.
E:\_hry green2\cod4\Call of Duty 4\t\rzr-cd4f.001 (Trojan.Agent.CK) -> Nebyla provedena žádná instrukce.
C:\Windows\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\dmwu.exe (Adware.InstallBrain) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\WNLT\Installation\Config.bin (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\WNLT\Installation\HSChromeRegSetup.exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\WNLT\Installation\NTSetup.exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\WNLT\Installation\SKSetup.exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\WNLT\Installation\uninstaller.exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\WNLT\Installation\WSSetup.exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\WNLT\Installation\Uninstall\msvcp100.dll (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\WNLT\Installation\Uninstall\msvcr100.dll (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\WNLT\Installation\Uninstall\uninstaller.exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\WNLT\Installation\Uninstall\UninstallerLauncher.exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\uninstall.exe (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ch\WebexpEnhancedV1alpha131.crx (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ff\chrome.manifest (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ff\install.rdf (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ff\chrome\content\ffWebexpEnhancedV1alpha131.js (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ff\chrome\content\overlay.xul (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ff\chrome\content\icons\Thumbs.db (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ff\chrome\content\icons\default\WebexpEnhancedV1alpha131_32.png (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\uninstall.exe (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ch\VideoPlayerV3beta368.crx (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ff\chrome.manifest (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ff\install.rdf (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ff\chrome\content\ffVideoPlayerV3beta368.js (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ff\chrome\content\overlay.xul (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ff\chrome\content\icons\Thumbs.db (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ff\chrome\content\icons\default\VideoPlayerV3beta368_32.png (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
(konec)
Malwarebytes Anti-Malware 1.75.0.1300
http://www.malwarebytes.org
Verze: v2014.02.20.06
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16518
Jaryn01 :: JARYN01-PC [administrátor]
20.2.2014 15:56:04
MBAM-log-2014-02-20 (16-54-58).txt
Typ: Kompletní kontrola (C:\|D:\|E:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 380205
Uplynulý čas: 54 minut, 39 sekund
Nalezené procesy v paměti: 1
C:\Windows\System32\dmwu.exe (Adware.InstallBrain) -> 1624 -> Nebyla provedena žádná instrukce.
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 17
HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\Updater.AmiUpd.1 (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\Updater.AmiUpd (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} (PUP.Optional.Conduit) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video Player (PUP.Optional.Amonetize) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\WNLT (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\iVIDI Plugin (PUP.Optional.Ividi.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Webexp Enhanced (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\WNLT (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (Adware.InstallBrain) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video Player (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 5
HKCU\SOFTWARE\WNLT|URL (PUP.Optional.InstallBrain.A) -> Data: SWEETPACKS_SEARCH -> Nebyla provedena žádná instrukce.
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: 92544391268159177 -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Mozilla\Firefox\Extensions|ext@WebexpEnhancedV1alpha131.net (PUP.Optional.WebExpEnhanced.A) -> Data: C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ff -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\WNLT|PDV (PUP.Optional.InstallBrain.A) -> Data: [UPGRADEONIDLE] [BLACKLIST=1] [TAILUPGRADECAPTURE] -> Nebyla provedena žádná instrukce.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: 92544391268159177 -> Nebyla provedena žádná instrukce.
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 20
C:\Windows\System32\WNLT\Installation (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\WNLT\Installation\Uninstall (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\BetterSurf (PUP.Optional.BetterSurf) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1 (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131 (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ch (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ff (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ff\chrome (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ff\chrome\content (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ff\chrome\content\icons (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ff\chrome\content\icons\default (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ie (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368 (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ch (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ff (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ff\chrome (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ff\chrome\content (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ff\chrome\content\icons (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ff\chrome\content\icons\default (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ie (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
Nalezené soubory: 46
C:\Users\Jaryn01\AppData\Local\SwvUpdater\Updater.exe (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
C:\Users\Jaryn01\Downloads\rcpsetupst_RC1_ZZ_L_1.exe (PUP.Optional.RegCleanerPro) -> Nebyla provedena žádná instrukce.
C:\Users\Jaryn01\Downloads\iLividSetup-r400-n-bc.exe (PUP.Optional.Bandoo) -> Nebyla provedena žádná instrukce.
C:\Program Files\Conduit\Community Alerts\Alert.dll (PUP.Optional.Conduit) -> Nebyla provedena žádná instrukce.
C:\Program Files\Defense Grid - The Awakening\Uninstall.exe (Malware.Packer.Krunchy) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\uninstall.exe (PUP.Optional.Amonetize) -> Nebyla provedena žádná instrukce.
C:\Program Files\WinASO\Registry Optimizer\1_Patch.exe (PUP.Hacktool.Patcher) -> Nebyla provedena žádná instrukce.
C:\Program Files\Internet Download Manager\Patch.exe (Riskware.Tool.CK) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SkywalkerSetup[1].exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WSSetup[1].exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WSSetup[2].exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
E:\Záloha\Programy\2D_3D_3.61\2D+3D Screensaver Maker 3.61\2D3DSSM.exe (Spyware.Keylogger) -> Nebyla provedena žádná instrukce.
E:\Záloha\Antiviry\Ganjin_s+Kaspersky+2011+Trial+Reset+v1.4a\Ganjin's Kaspersky 2011 Trial Reset v1.4a\gjn_ktr2011.zip (RiskWare.Tool.CK) -> Nebyla provedena žádná instrukce.
E:\Záloha\Češtiny\battlefield2_cz_2.exe (PUP.Optional.Miner) -> Nebyla provedena žádná instrukce.
E:\_hry green2\Devastator\NFOviewer.exe (Malware.Packer.Krunchy) -> Nebyla provedena žádná instrukce.
E:\_hry green2\frontlines\vty-0179.rar (Trojan.Agent.BEWGen) -> Nebyla provedena žádná instrukce.
E:\_hry green2\cod4\rzr-cod4.exe (Trojan.Agent.CK) -> Nebyla provedena žádná instrukce.
E:\_hry green2\cod4\Call of Duty 4\t\rzr-cd4f.001 (Trojan.Agent.CK) -> Nebyla provedena žádná instrukce.
C:\Windows\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\dmwu.exe (Adware.InstallBrain) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\WNLT\Installation\Config.bin (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\WNLT\Installation\HSChromeRegSetup.exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\WNLT\Installation\NTSetup.exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\WNLT\Installation\SKSetup.exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\WNLT\Installation\uninstaller.exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\WNLT\Installation\WSSetup.exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\WNLT\Installation\Uninstall\msvcp100.dll (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\WNLT\Installation\Uninstall\msvcr100.dll (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\WNLT\Installation\Uninstall\uninstaller.exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\WNLT\Installation\Uninstall\UninstallerLauncher.exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\uninstall.exe (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ch\WebexpEnhancedV1alpha131.crx (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ff\chrome.manifest (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ff\install.rdf (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ff\chrome\content\ffWebexpEnhancedV1alpha131.js (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ff\chrome\content\overlay.xul (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ff\chrome\content\icons\Thumbs.db (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha131\ff\chrome\content\icons\default\WebexpEnhancedV1alpha131_32.png (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\uninstall.exe (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ch\VideoPlayerV3beta368.crx (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ff\chrome.manifest (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ff\install.rdf (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ff\chrome\content\ffVideoPlayerV3beta368.js (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ff\chrome\content\overlay.xul (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ff\chrome\content\icons\Thumbs.db (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta368\ff\chrome\content\icons\default\VideoPlayerV3beta368_32.png (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
(konec)
Re: Preventivní kontrola
Neptal jsem se, jestli neco hlasi, ale jestli mate licencevrbickyjaroslav píše:Zdravím systém ani office nic nehlásí.
Nalezy nechte odstranit. Po odstraneni a restartu pc test zopakujte, at vime, ze se to nevraci. Napiste, jestli neco nasel. Podle toho zvolim dalsi postup.Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
-
vrbickyjaroslav
- Návštěvník
- Příspěvky: 33
- Registrován: 07 led 2007 20:51
Re: Preventivní kontrola
Vše je legální a nálezy byly úspěšně odstraněny.Děkuji mnohokrát za pomoc.J.
Re: Preventivní kontrola
Jasne, takze ten crack je tam jen jako zapomenuta vanocni ozdoba, achjo 
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?
