Podozrenie na zavirenie notebooku, dns server sa po minute sam zmeni na 127.0.0.1 a prestane tak fungovat pripojenie k internetu. Poprosim o kontrolu logu a dalsie pokyny.
Dakujem Orli
Logfile of random's system information tool 1.09 (written by random/random)
Run by Anička at 2014-02-22 14:41:03
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 30 GB (18%) free of 160 GB
Total RAM: 3063 MB (30% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Anička\AppData\Roaming\Mozilla\Firefox\Profiles\dz1i4fbk.default
prefs.js - "browser.startup.homepage" - "http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013"
prefs.js - "keyword.URL" - "http://feed.snapdo.com/?publisher=Snapd ... 11/2013&q="
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nitropdf.com/NitroPDF]
"Description"=NitroPDF Web Browser Plugin
"Path"=C:\Program Files\Nitro\Pro 8\npnitromozilla.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14 175776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-21 1143168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14 4372120]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-21 1143168]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-05-09 1029416]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-21 3767096]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"20131224"=C:\Program Files\AVAST Software\Avast\setup\emupdate\d2e4643d-7bc0-4259-afca-6b2690d5f49b.exe [2014-02-22 181136]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonQuickMenu]
C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [2012-04-03 1273448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify]
C:\Program Files\Connectify\Connectify.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwiftToDoList]
C:\Users\Anička\AppData\Local\Task List Guru\Task List Guru.exe -minimized []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Anička^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk]
C:\PROGRA~1\MICROS~3\Office14\ONENOTEM.EXE [2010-03-29 227712]
C:\Users\Anička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-02-22 14:41:03 ----D---- C:\rsit
2014-02-22 14:41:03 ----D---- C:\Program Files\trend micro
2014-02-21 21:26:56 ----D---- C:\Users\Anička\AppData\Roaming\AVAST Software
2014-02-21 20:34:40 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-02-21 20:34:39 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-02-21 20:34:38 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2014-02-21 20:34:37 ----A---- C:\Windows\system32\drivers\aswSP.sys
2014-02-21 20:34:36 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-02-21 20:34:34 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-02-21 20:34:32 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-02-21 20:34:24 ----A---- C:\Windows\system32\aswBoot.exe
2014-02-21 20:34:13 ----A---- C:\Windows\avastSS.scr
2014-02-21 20:33:17 ----D---- C:\Program Files\AVAST Software
2014-02-21 20:29:44 ----D---- C:\ProgramData\AVAST Software
2014-02-16 18:42:24 ----D---- C:\AdwCleaner
2014-02-16 18:42:15 ----D---- C:\Program Files\CCleaner
2014-02-15 10:27:27 ----D---- C:\Program Files\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2014-02-22 14:41:03 ----RD---- C:\Program Files
2014-02-22 14:36:00 ----D---- C:\Windows\Temp
2014-02-22 12:29:29 ----D---- C:\Users\Anička\AppData\Roaming\vlc
2014-02-22 09:35:26 ----D---- C:\Windows\system32\NDF
2014-02-22 09:14:47 ----HD---- C:\ProgramData
2014-02-22 00:24:27 ----D---- C:\Windows\debug
2014-02-21 23:17:27 ----SHD---- C:\Windows\Installer
2014-02-21 23:13:42 ----SHD---- C:\System Volume Information
2014-02-21 23:11:58 ----D---- C:\Windows\system32\DriverStore
2014-02-21 23:11:58 ----D---- C:\Windows\system32\catroot
2014-02-21 23:11:57 ----D---- C:\Windows\inf
2014-02-21 20:34:53 ----D---- C:\Windows\system32\Tasks
2014-02-21 20:34:40 ----D---- C:\Windows\system32\drivers
2014-02-21 20:34:24 ----D---- C:\Windows\winsxs
2014-02-21 20:34:24 ----D---- C:\Windows\System32
2014-02-21 20:34:23 ----AD---- C:\Windows
2014-02-21 13:06:40 ----D---- C:\Users\Anička\AppData\Roaming\Skype
2014-02-21 10:00:02 ----D---- C:\Windows\Prefetch
2014-02-21 08:58:32 ----D---- C:\Windows\Minidump
2014-02-20 00:05:16 ----D---- C:\Windows\system32\config
2014-02-17 07:58:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-17 07:53:32 ----D---- C:\Program Files\Google
2014-02-16 13:07:36 ----D---- C:\Windows\system32\catroot2
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-02-21 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-02-21 180248]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 195296]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2014-02-21 79720]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-02-21 775952]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-02-21 410784]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-04-19 242240]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-02-21 67824]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 100328]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-13 1035776]
R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-02-21 64168]
R3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athr.sys [2009-07-13 1096704]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-20 60416]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2009-07-13 43008]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 84992]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-05-09 196400]
S1 chyceozj;chyceozj; \??\C:\Windows\system32\drivers\chyceozj.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2010-11-20 393216]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-20 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-20 25600]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-02-21 50344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]
R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8; C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe [2012-09-18 197128]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\system32\NLSSRV32.EXE [2012-09-18 69640]
R2 PenWesController;Penwes.com Service; C:\Program Files\Penwes\PenwesService.exe [2013-10-19 1515008]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 RosettaStoneDaemon;RosettaStoneDaemon; C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2011-03-31 1646056]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 295232]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-19 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]
S2 Update LinkSwift;Update LinkSwift; C:\Program Files\LinkSwift\updateLinkSwift.exe []
S2 Util LinkSwift;Util LinkSwift; C:\Program Files\LinkSwift\bin\utilLinkSwift.exe []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-11-09 1045256]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-19 116648]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-11-07 194032]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
DNS server sa sam meni na 127.0.0.1
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119534
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: DNS server sa sam meni na 127.0.0.1
Zdravím!
Jak je na tom váš oper. systém s legalitou?
Jak je na tom váš oper. systém s legalitou?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: DNS server sa sam meni na 127.0.0.1
mal by byt originalny, ale niesom si isty
problem bol kazdopadne medzitym vyrieseny, interet uz funguje, rovnako spravne funguje i DNS:
Dakujem inak za Vas cas, myslim ze problem by mal byt vyrieseny.
problem bol kazdopadne medzitym vyrieseny, interet uz funguje, rovnako spravne funguje i DNS:
pouzity tento postup, zrejme sa teda o vir nejednalo1. Click Start. Type cmd in the Start Search box, and then press ENTER.
2. At the command prompt, type the following command, and then press ENTER:
ipconfig /flushdns (there is a space between ipconfig and / )
It will show the message successfully flushed the DNS resolver cache.
3. At the command prompt, type the following command, and then press ENTER:
ipconfig /registerdns (there is a space between ipconfig and / )
4. At the command prompt, type the following command, and then press ENTER:
ipconfig /all (there is a space between ipconfig and /)
The ipconfig /all command displays Windows TCP/IP settings for all your network adapters.
Dakujem inak za Vas cas, myslim ze problem by mal byt vyrieseny.
-
Rudy
- Site Admin
- Příspěvky: 119534
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: DNS server sa sam meni na 127.0.0.1
Takže řešit problém budeme, až si jistý budete. Pokud je váš systém legální, měl byste mít na skříni PC vylepenu COA s textem Microsoft Windows7 Ultimate. Toto fórum cracklé oper. systémy neřeší: http://forum.viry.cz/viewtopic.php?f=12&t=115512 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: DNS server sa sam meni na 127.0.0.1
Potvrdzujem ze win 7 je originalny. Bol v ramci vybavy NTB pri jeho zakupeni. Takze ak je nieco treba fixnut podla logu, pocuvam 
.
.Re: DNS server sa sam meni na 127.0.0.1
naviac po restarte to znova prestalo fungovat, takze je dost mozne ze to zase bude vir 
-
Rudy
- Site Admin
- Příspěvky: 119534
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: DNS server sa sam meni na 127.0.0.1
Zkusíme tento postup:
Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:
Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:
a klikněte na >Prohledat<. Vložte oba logy.CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: DNS server sa sam meni na 127.0.0.1
OTL logfile created on: 7. 3. 2014 16:22:29 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Anička\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
2,99 Gb Total Physical Memory | 0,91 Gb Available Physical Memory | 30,54% Memory free
5,98 Gb Paging File | 3,56 Gb Available in Paging File | 59,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 156,25 Gb Total Space | 23,41 Gb Free Space | 14,99% Space Free | Partition Type: NTFS
Drive D: | 141,83 Gb Total Space | 116,49 Gb Free Space | 82,13% Space Free | Partition Type: NTFS
Drive G: | 667,62 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: ANICKA-PC | User Name: Anička | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/03/07 15:33:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Anička\Downloads\OTL.exe
PRC - [2014/03/02 03:35:27 | 000,859,464 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014/02/28 16:25:22 | 006,118,400 | ---- | M] (Spotify Ltd) -- C:\Users\Anička\AppData\Roaming\Spotify\spotify.exe
PRC - [2014/02/28 16:25:06 | 001,171,968 | ---- | M] (Spotify Ltd) -- C:\Users\Anička\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014/02/28 16:25:05 | 000,603,648 | ---- | M] () -- C:\Users\Anička\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
PRC - [2014/02/21 20:34:07 | 003,767,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/02/21 20:34:07 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/02/18 14:47:06 | 002,889,256 | ---- | M] (MyPCBackup.com) -- C:\Program Files\MyPC Backup\MyPC Backup.exe
PRC - [2014/02/18 14:47:06 | 000,036,392 | ---- | M] (Just Develop It) -- C:\Program Files\MyPC Backup\BackupStack.exe
PRC - [2014/01/13 14:22:34 | 001,286,656 | ---- | M] (Megaify Software Co., Ltd.) -- C:\Program Files\DriverToolkit\DriverToolkit.exe
PRC - [2014/01/03 01:32:12 | 001,363,616 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014/01/03 01:32:04 | 001,748,640 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2013/10/19 17:45:22 | 001,712,640 | ---- | M] () -- C:\Program Files\PenWes\Penwes.exe
PRC - [2013/10/19 14:54:24 | 001,515,008 | ---- | M] () -- C:\Program Files\PenWes\PenWesService.exe
PRC - [2013/01/27 10:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/01/27 10:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/01/27 10:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/10/01 20:38:00 | 021,689,472 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office15\WINPROJ.EXE
PRC - [2012/09/23 19:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/09/18 13:28:32 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\System32\NLSSRV32.EXE
PRC - [2012/09/18 13:28:28 | 000,197,128 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe
PRC - [2011/03/31 18:19:44 | 001,646,056 | ---- | M] (Rosetta Stone Ltd.) -- C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe
PRC - [2010/11/20 22:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 22:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/20 22:29:12 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
PRC - [2010/11/20 22:29:10 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2010/07/10 23:28:06 | 000,416,522 | ---- | M] () -- C:\Windows\AutoKMS.exe
PRC - [2010/03/29 19:26:00 | 000,227,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
PRC - [2010/03/27 07:38:44 | 001,422,168 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2001/01/13 01:15:44 | 000,054,272 | ---- | M] () -- C:\ProgramData\AutoKMS\Resources\MSGBox\Messagebox.exe
========== Modules (No Company Name) ==========
MOD - [2014/03/02 03:35:25 | 000,394,568 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\ppgooglenaclpluginchrome.dll
MOD - [2014/03/02 03:35:24 | 013,632,840 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll
MOD - [2014/03/02 03:35:23 | 004,061,000 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\pdf.dll
MOD - [2014/03/02 03:35:20 | 000,716,616 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\libglesv2.dll
MOD - [2014/03/02 03:35:19 | 000,100,168 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\libegl.dll
MOD - [2014/03/02 03:35:17 | 001,647,432 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll
MOD - [2014/03/02 03:35:15 | 000,051,016 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll
MOD - [2014/02/28 16:25:07 | 036,967,424 | ---- | M] () -- C:\Users\Anička\AppData\Roaming\Spotify\Data\libcef.dll
MOD - [2014/02/28 16:25:06 | 000,109,568 | ---- | M] () -- C:\Users\Anička\AppData\Roaming\Spotify\Data\libEGL.dll
MOD - [2014/02/28 16:25:05 | 000,887,808 | ---- | M] () -- C:\Users\Anička\AppData\Roaming\Spotify\Data\libGLESv2.dll
MOD - [2014/02/28 16:25:05 | 000,603,648 | ---- | M] () -- C:\Users\Anička\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
MOD - [2014/02/21 20:34:12 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/02/18 14:38:26 | 000,012,288 | ---- | M] () -- C:\Program Files\MyPC Backup\GetText.dll
MOD - [2013/11/22 15:02:25 | 000,911,872 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll
MOD - [2013/10/19 17:45:22 | 001,712,640 | ---- | M] () -- C:\Program Files\PenWes\Penwes.exe
MOD - [2013/04/09 22:55:54 | 000,093,032 | ---- | M] () -- C:\Program Files\DriverToolkit\zlibwapi.dll
MOD - [2012/09/18 13:28:38 | 002,673,672 | ---- | M] () -- C:\Program Files\Nitro\Pro 8\wxmsw28u_core_vc_pro8.dll
MOD - [2012/09/18 13:28:38 | 000,481,288 | ---- | M] () -- C:\Program Files\Nitro\Pro 8\wxmsw28u_xrc_vc_pro8.dll
MOD - [2012/09/18 13:28:38 | 000,450,056 | ---- | M] () -- C:\Program Files\Nitro\Pro 8\wxmsw28u_html_vc_pro8.dll
MOD - [2012/09/18 13:28:36 | 001,145,864 | ---- | M] () -- C:\Program Files\Nitro\Pro 8\wxbase28u_vc_pro8.dll
MOD - [2012/09/18 13:28:36 | 000,682,504 | ---- | M] () -- C:\Program Files\Nitro\Pro 8\wxmsw28u_adv_vc_pro8.dll
MOD - [2012/09/18 13:28:36 | 000,123,400 | ---- | M] () -- C:\Program Files\Nitro\Pro 8\wxbase28u_xml_vc_pro8.dll
MOD - [2010/11/21 02:15:49 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\System.resources.dll
MOD - [2010/11/21 02:15:48 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/11/20 22:52:33 | 000,628,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\887ef2648686aad19feff405eddbffd2\System.EnterpriseServices.ni.dll
MOD - [2010/11/20 22:52:33 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\ad18f93fc713db2c4b29b25116c13bd8\System.Transactions.ni.dll
MOD - [2010/11/20 22:52:32 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\1e85062785e286cd9eae9c26d2c61f73\System.Data.ni.dll
MOD - [2010/11/20 22:52:10 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
MOD - [2010/11/20 22:52:03 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
MOD - [2010/11/20 22:50:41 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
MOD - [2010/11/20 22:50:37 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll
MOD - [2010/11/20 22:50:36 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2010/11/20 22:50:29 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
MOD - [2010/11/20 22:29:11 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/01/30 01:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/06/10 22:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\LinkSwift\bin\utilLinkSwift.exe -- (Util LinkSwift)
SRV - File not found [Auto | Stopped] -- C:\Program Files\LinkSwift\updateLinkSwift.exe -- (Update LinkSwift)
SRV - [2014/02/21 20:34:07 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014/02/18 14:47:06 | 000,036,392 | ---- | M] (Just Develop It) [Auto | Running] -- C:\Program Files\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2014/01/03 01:32:12 | 001,363,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/01/03 01:32:04 | 001,748,640 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2013/11/09 23:42:35 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/10/19 14:54:24 | 001,515,008 | ---- | M] () [Auto | Running] -- C:\Program Files\PenWes\PenWesService.exe -- (PenWesController)
SRV - [2013/01/27 10:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/01/27 10:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/09/23 19:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/18 13:28:32 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\System32\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2012/09/18 13:28:28 | 000,197,128 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe -- (NitroDriverReadSpool8)
SRV - [2011/03/31 18:19:44 | 001,646,056 | ---- | M] (Rosetta Stone Ltd.) [Auto | Running] -- C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe -- (RosettaStoneDaemon)
SRV - [2010/03/25 09:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\chyceozj.sys -- (chyceozj)
DRV - [2014/02/21 20:34:15 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/02/21 20:34:15 | 000,410,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2014/02/21 20:34:15 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/02/21 20:34:15 | 000,064,168 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\aswStm.sys -- (aswStm)
DRV - [2014/02/21 20:34:14 | 000,079,720 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014/02/21 20:34:14 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/02/21 20:34:14 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/04/19 14:38:10 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2013/01/20 14:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/11/20 22:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 22:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010/11/20 22:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010/11/20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010/11/20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010/11/20 22:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2010/11/20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 23:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/13 23:02:52 | 000,043,008 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2009/07/13 23:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 40 E6 2C FF 3C CE 01 [binary data]
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... VI_csIT563
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - prefs.js..keyword.URL: "http://feed.snapdo.com/?publisher=Snapd ... 11/2013&q="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/02/24 10:36:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2013/04/28 19:27:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anička\AppData\Roaming\Mozilla\Extensions
[2014/02/14 10:50:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anička\AppData\Roaming\Mozilla\Firefox\Profiles\dz1i4fbk.default\Extensions
[2014/02/14 10:50:28 | 000,940,775 | ---- | M] () (No name found) -- C:\Users\Anička\AppData\Roaming\Mozilla\Firefox\Profiles\dz1i4fbk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/02/23 15:23:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/02/15 10:28:17 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.146\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - Extension: Dokumenty Google = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\
CHR - Extension: H013Eada0165 v Google = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\
CHR - Extension: PeĹaĹľenka Google = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-773910472-3044729245-3086565107-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-773910472-3044729245-3086565107-1000..\Run: [Spotify] C:\Users\Anička\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-773910472-3044729245-3086565107-1000..\Run: [Spotify Web Helper] C:\Users\Anička\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Anička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O4 - Startup: C:\Users\Anička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 147.229.190.143 147.229.191.143
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5EE36BB7-909A-46BF-9F9E-7AD7E2EA98E7}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6A26752F-0138-440C-B68B-907535414F42}: NameServer = 127.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F558F88A-ADAF-42A1-AF02-232A0B94FC1F}: DhcpNameServer = 147.229.190.143 147.229.191.143
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F558F88A-ADAF-42A1-AF02-232A0B94FC1F}: NameServer = 127.0.0.1
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012/09/18 21:57:25 | 000,000,175 | R--- | M] () - G:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{bf8da687-a8f1-11e2-ac19-00248cb40fda}\Shell - "" = AutoRun
O33 - MountPoints2\{bf8da687-a8f1-11e2-ac19-00248cb40fda}\Shell\AutoRun\command - "" = G:\setup.exe -- [2012/11/10 19:16:50 | 000,207,448 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{bf8da687-a8f1-11e2-ac19-00248cb40fda}\Shell\configure\command - "" = G:\setup.exe -- [2012/11/10 19:16:50 | 000,207,448 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{bf8da687-a8f1-11e2-ac19-00248cb40fda}\Shell\install\command - "" = G:\setup.exe -- [2012/11/10 19:16:50 | 000,207,448 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/03/07 15:28:00 | 000,000,000 | ---D | C] -- C:\Users\Anička\AppData\Local\Skype
[2014/03/07 15:27:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/03/07 15:27:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2014/03/07 15:21:01 | 000,000,000 | ---D | C] -- C:\ProgramData\AutoKMS
[2014/03/07 15:11:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2014/03/07 15:11:52 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft
[2014/03/03 23:16:24 | 000,000,000 | ---D | C] -- C:\Users\Anička\JobChallenge2014
[2014/03/03 17:29:44 | 000,000,000 | ---D | C] -- C:\Users\Anička\KB
[2014/03/02 14:53:37 | 000,000,000 | -H-D | C] -- C:\Users\Anička\.picasaoriginals
[2014/02/28 16:25:24 | 000,000,000 | ---D | C] -- C:\Users\Anička\AppData\Local\Spotify
[2014/02/28 16:24:47 | 000,000,000 | ---D | C] -- C:\Users\Anička\AppData\Roaming\Spotify
[2014/02/28 00:36:54 | 000,000,000 | ---D | C] -- C:\Users\Anička\rf bakalarka
[2014/02/28 00:05:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/02/28 00:05:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014/02/24 12:26:30 | 000,000,000 | ---D | C] -- C:\Users\Anička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
[2014/02/24 12:26:21 | 000,000,000 | ---D | C] -- C:\Program Files\MyPC Backup
[2014/02/24 12:22:01 | 000,000,000 | ---D | C] -- C:\Users\Anička\AppData\Local\DriverToolkit
[2014/02/24 12:21:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
[2014/02/24 12:21:54 | 000,000,000 | ---D | C] -- C:\Program Files\DriverToolkit
[2014/02/24 12:20:56 | 002,243,616 | ---- | C] (Megaify Software ) -- C:\Users\Anička\Documents\driver_setup.exe
[2014/02/22 14:41:03 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/02/22 14:41:03 | 000,000,000 | ---D | C] -- C:\rsit
[2014/02/21 21:26:56 | 000,000,000 | ---D | C] -- C:\Users\Anička\AppData\Roaming\AVAST Software
[2014/02/21 20:35:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/02/21 20:34:40 | 000,064,168 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
[2014/02/21 20:34:38 | 000,775,952 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/02/21 20:34:37 | 000,410,784 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/02/21 20:34:34 | 000,067,824 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/02/21 20:34:32 | 000,079,720 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/02/21 20:34:24 | 000,270,240 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/02/21 20:34:13 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/02/21 20:33:17 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/02/21 20:29:44 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/02/16 18:42:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014/02/16 18:42:24 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/02/16 18:42:15 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/02/15 10:27:27 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/02/15 10:17:21 | 000,000,000 | -H-D | C] -- C:\Users\Anička\Corel Auto-Preserve
[2014/02/14 11:10:23 | 000,000,000 | ---D | C] -- C:\Users\Anička\AppData\Local\e-academy Inc
[2014/02/13 22:57:43 | 000,000,000 | ---D | C] -- C:\Users\Anička\synergic
[2014/02/13 16:22:20 | 000,000,000 | ---D | C] -- C:\Users\Anička\parfums
[2014/02/08 11:36:38 | 000,000,000 | ---D | C] -- C:\Users\Anička\benatky
========== Files - Modified Within 30 Days ==========
[2014/03/07 16:00:02 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/07 15:38:38 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/03/07 15:29:12 | 000,021,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/03/07 15:29:12 | 000,021,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/03/07 15:27:08 | 000,002,701 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/03/07 15:21:22 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/07 15:20:58 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\DriverToolkit Autorun.job
[2014/03/07 15:20:31 | 000,438,824 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/03/07 15:20:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/03/07 15:20:07 | 2409,029,632 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/07 12:14:36 | 000,623,144 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014/03/07 12:14:36 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/03/07 12:14:36 | 000,121,788 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014/03/07 12:14:36 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/03/04 09:39:02 | 000,002,141 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/03/03 21:26:12 | 000,001,270 | ---- | M] () -- C:\Users\Anička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
[2014/03/02 23:45:10 | 001,677,920 | ---- | M] () -- C:\Users\Anička\20140228_211821.jpg
[2014/03/02 23:24:30 | 001,238,226 | ---- | M] () -- C:\Users\Anička\20140228_222130.jpg
[2014/03/02 23:17:47 | 000,002,041 | -H-- | M] () -- C:\Users\Anička\.picasa.ini
[2014/03/02 23:16:09 | 000,053,446 | ---- | M] () -- C:\Users\Anička\sosassiikk.jpg
[2014/03/02 23:14:03 | 000,340,377 | ---- | M] () -- C:\Users\Anička\sassiik.jpg
[2014/03/02 23:06:38 | 001,524,203 | ---- | M] () -- C:\Users\Anička\20140228_211602.jpg
[2014/03/02 23:05:11 | 000,492,019 | ---- | M] () -- C:\Users\Anička\20140228_2211531.jpg
[2014/03/02 23:04:44 | 000,319,537 | ---- | M] () -- C:\Users\Anička\20140228_211757.jpg
[2014/03/02 23:01:27 | 000,059,076 | ---- | M] () -- C:\Users\Anička\1896808_10203413038991256_1778048025_n.jpg
[2014/03/02 22:56:35 | 000,042,101 | ---- | M] () -- C:\Users\Anička\unnamed (1).jpg
[2014/03/02 22:56:25 | 000,035,161 | ---- | M] () -- C:\Users\Anička\unnamed.jpg
[2014/03/02 14:53:38 | 000,453,811 | ---- | M] () -- C:\Users\Anička\DSC_28022014.jpg
[2014/03/01 14:09:54 | 000,858,119 | ---- | M] () -- C:\Users\Anička\sasiiik.jpg
[2014/03/01 13:47:15 | 000,365,307 | ---- | M] () -- C:\Users\Anička\zlaticka.jpg
[2014/03/01 13:45:24 | 000,361,139 | ---- | M] () -- C:\Users\Anička\20140228_211647.jpg
[2014/03/01 13:36:22 | 001,514,263 | ---- | M] () -- C:\Users\Anička\sasuliacicek.jpg
[2014/03/01 11:25:41 | 000,065,033 | ---- | M] () -- C:\Users\Anička\MjAxMy05OWUyYmY4NDlmMGE1YzQ0.png
[2014/02/28 16:25:22 | 000,001,811 | ---- | M] () -- C:\Users\Anička\Desktop\Spotify.lnk
[2014/02/28 10:47:47 | 000,109,031 | ---- | M] () -- C:\Users\Anička\anička listok.pdf
[2014/02/28 10:46:47 | 000,109,335 | ---- | M] () -- C:\Users\Anička\verča listok.pdf
[2014/02/24 23:27:26 | 000,023,460 | ---- | M] () -- C:\Users\Anička\discojpg_132742403717026.jpg
[2014/02/24 12:26:49 | 000,001,915 | ---- | M] () -- C:\Users\Anička\Desktop\Sync Folder.lnk
[2014/02/24 12:26:31 | 000,001,055 | ---- | M] () -- C:\Users\Anička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2014/02/24 12:26:31 | 000,001,045 | ---- | M] () -- C:\Users\Anička\Desktop\MyPC Backup.lnk
[2014/02/24 12:26:08 | 003,495,331 | ---- | M] () -- C:\Users\Anička\Documents\CMOS_Camera_D-Max_GD-5A35A_VT_071213.zip
[2014/02/24 12:25:41 | 000,632,152 | ---- | M] () -- C:\Users\Anička\Documents\DriverGuide_Driver_Download_1228356.exe
[2014/02/24 12:21:57 | 000,001,025 | ---- | M] () -- C:\Users\Public\Desktop\DriverToolkit.lnk
[2014/02/24 12:21:16 | 002,243,616 | ---- | M] (Megaify Software ) -- C:\Users\Anička\Documents\driver_setup.exe
[2014/02/24 11:06:36 | 000,202,363 | ---- | M] () -- C:\Users\Anička\potvrdenie_o_studiu13_14.pdf
[2014/02/24 10:37:23 | 000,002,119 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/02/23 09:49:53 | 000,293,769 | ---- | M] () -- C:\Users\Anička\malovanie win 7.jpg
[2014/02/21 20:34:15 | 000,775,952 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/02/21 20:34:15 | 000,410,784 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/02/21 20:34:15 | 000,180,248 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/02/21 20:34:15 | 000,064,168 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
[2014/02/21 20:34:14 | 000,079,720 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/02/21 20:34:14 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/02/21 20:34:14 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/02/21 20:34:13 | 000,270,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/02/21 20:34:13 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/02/21 08:58:30 | 214,581,629 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/02/18 15:45:18 | 000,119,308 | ---- | M] () -- C:\Users\Anička\Desktop\CHECK-OUT SELF-CERTIFICATION.pdf
[2014/02/18 11:37:28 | 000,061,190 | ---- | M] () -- C:\Users\Anička\Audi-4-rings-604x272.jpg
[2014/02/16 19:51:42 | 000,081,474 | ---- | M] () -- C:\Users\Anička\IMG-20140215-WA0000.jpg
[2014/02/15 12:07:26 | 000,059,699 | ---- | M] () -- C:\Users\Anička\sasiicek.jpg
[2014/02/15 12:05:03 | 000,056,938 | ---- | M] () -- C:\Users\Anička\sasicek.jpg
[2014/02/15 10:21:44 | 000,080,069 | ---- | M] () -- C:\Users\Anička\livinka.jpg
[2014/02/15 10:19:04 | 000,075,665 | ---- | M] () -- C:\Users\Anička\slivicek.jpg
[2014/02/15 10:17:21 | 000,081,148 | ---- | M] () -- C:\Users\Anička\slivik.jpg
[2014/02/15 10:12:03 | 000,149,965 | ---- | M] () -- C:\Users\Anička\sosasicek.jpg
[2014/02/14 11:10:24 | 000,003,147 | ---- | M] () -- C:\Users\Anička\Desktop\Shortcut to SecureDownloadManager.exe.lnk
[2014/02/12 12:44:29 | 000,305,994 | ---- | M] () -- C:\Users\Anička\kruljac_stanislav_potvrdenie_o_navsteve_skoly.jpg
[2014/02/11 22:02:07 | 000,046,224 | ---- | M] () -- C:\Users\Anička\bitcoin.JPG
[2014/02/11 18:41:43 | 000,065,968 | ---- | M] () -- C:\Users\Anička\ČSOB InternetBanking 24-faktura za december.pdf
[2014/02/11 11:06:20 | 000,038,922 | ---- | M] () -- C:\Users\Anička\jedalniček.JPG
[2014/02/10 12:51:49 | 000,173,553 | ---- | M] () -- C:\Users\Anička\Anna_Kruljacová_CV_EN.pdf
[2014/02/10 12:21:20 | 000,177,087 | ---- | M] () -- C:\Users\Anička\Anna_Kruljacová_CV_SK.pdf
[2014/02/08 05:05:38 | 000,755,499 | ---- | M] () -- C:\Users\Anička\DSC_03461.jpg
[2014/02/08 05:03:11 | 001,298,440 | ---- | M] () -- C:\Users\Anička\DSC_0346.jpg
[2014/02/06 19:48:05 | 000,063,434 | ---- | M] () -- C:\Users\Anička\Desktop\Castle - 06x14 - Dressed To Kill.Dimension.srt
========== Files Created - No Company Name ==========
[2014/03/07 15:38:37 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/03/07 15:27:08 | 000,002,701 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/03/02 23:45:09 | 001,677,920 | ---- | C] () -- C:\Users\Anička\20140228_211821.jpg
[2014/03/02 23:24:28 | 001,238,226 | ---- | C] () -- C:\Users\Anička\20140228_222130.jpg
[2014/03/02 23:16:09 | 000,053,446 | ---- | C] () -- C:\Users\Anička\sosassiikk.jpg
[2014/03/02 23:14:03 | 000,340,377 | ---- | C] () -- C:\Users\Anička\sassiik.jpg
[2014/03/02 23:06:37 | 001,524,203 | ---- | C] () -- C:\Users\Anička\20140228_211602.jpg
[2014/03/02 23:05:11 | 000,492,019 | ---- | C] () -- C:\Users\Anička\20140228_2211531.jpg
[2014/03/02 23:04:44 | 000,319,537 | ---- | C] () -- C:\Users\Anička\20140228_211757.jpg
[2014/03/02 23:01:27 | 000,059,076 | ---- | C] () -- C:\Users\Anička\1896808_10203413038991256_1778048025_n.jpg
[2014/03/02 22:56:33 | 000,042,101 | ---- | C] () -- C:\Users\Anička\unnamed (1).jpg
[2014/03/02 22:56:25 | 000,035,161 | ---- | C] () -- C:\Users\Anička\unnamed.jpg
[2014/03/02 21:39:37 | 000,136,651 | ---- | C] () -- C:\Users\Anička\Silver.Linings.Playbook.2012.720p.x264.YIFY.srt
[2014/03/02 21:39:07 | 839,469,841 | ---- | C] () -- C:\Users\Anička\Silver.Linings.Playbook.2012.720p.x264.YIFY.mp4
[2014/03/02 14:53:38 | 000,453,811 | ---- | C] () -- C:\Users\Anička\DSC_28022014.jpg
[2014/03/01 14:09:54 | 000,858,119 | ---- | C] () -- C:\Users\Anička\sasiiik.jpg
[2014/03/01 13:47:13 | 000,365,307 | ---- | C] () -- C:\Users\Anička\zlaticka.jpg
[2014/03/01 13:45:24 | 000,361,139 | ---- | C] () -- C:\Users\Anička\20140228_211647.jpg
[2014/03/01 13:36:22 | 001,514,263 | ---- | C] () -- C:\Users\Anička\sasuliacicek.jpg
[2014/03/01 11:25:40 | 000,065,033 | ---- | C] () -- C:\Users\Anička\MjAxMy05OWUyYmY4NDlmMGE1YzQ0.png
[2014/02/28 16:25:22 | 000,001,811 | ---- | C] () -- C:\Users\Anička\Desktop\Spotify.lnk
[2014/02/28 16:25:22 | 000,001,797 | ---- | C] () -- C:\Users\Anička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2014/02/28 10:47:47 | 000,109,031 | ---- | C] () -- C:\Users\Anička\anička listok.pdf
[2014/02/28 10:46:47 | 000,109,335 | ---- | C] () -- C:\Users\Anička\verča listok.pdf
[2014/02/24 23:27:21 | 000,023,460 | ---- | C] () -- C:\Users\Anička\discojpg_132742403717026.jpg
[2014/02/24 12:26:49 | 000,001,915 | ---- | C] () -- C:\Users\Anička\Desktop\Sync Folder.lnk
[2014/02/24 12:26:32 | 000,000,348 | ---- | C] () -- C:\Windows\tasks\DriverToolkit Autorun.job
[2014/02/24 12:26:31 | 000,001,055 | ---- | C] () -- C:\Users\Anička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2014/02/24 12:26:31 | 000,001,045 | ---- | C] () -- C:\Users\Anička\Desktop\MyPC Backup.lnk
[2014/02/24 12:26:08 | 003,495,331 | ---- | C] () -- C:\Users\Anička\Documents\CMOS_Camera_D-Max_GD-5A35A_VT_071213.zip
[2014/02/24 12:25:31 | 000,632,152 | ---- | C] () -- C:\Users\Anička\Documents\DriverGuide_Driver_Download_1228356.exe
[2014/02/24 12:21:57 | 000,001,025 | ---- | C] () -- C:\Users\Public\Desktop\DriverToolkit.lnk
[2014/02/24 11:06:35 | 000,202,363 | ---- | C] () -- C:\Users\Anička\potvrdenie_o_studiu13_14.pdf
[2014/02/23 09:49:53 | 000,293,769 | ---- | C] () -- C:\Users\Anička\malovanie win 7.jpg
[2014/02/21 20:35:12 | 000,002,119 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/02/21 20:34:39 | 000,180,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/02/21 20:34:36 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/02/18 15:45:18 | 000,119,308 | ---- | C] () -- C:\Users\Anička\Desktop\CHECK-OUT SELF-CERTIFICATION.pdf
[2014/02/18 11:37:28 | 000,061,190 | ---- | C] () -- C:\Users\Anička\Audi-4-rings-604x272.jpg
[2014/02/16 19:51:42 | 000,081,474 | ---- | C] () -- C:\Users\Anička\IMG-20140215-WA0000.jpg
[2014/02/15 12:07:26 | 000,059,699 | ---- | C] () -- C:\Users\Anička\sasiicek.jpg
[2014/02/15 12:05:03 | 000,056,938 | ---- | C] () -- C:\Users\Anička\sasicek.jpg
[2014/02/15 10:21:43 | 000,080,069 | ---- | C] () -- C:\Users\Anička\livinka.jpg
[2014/02/15 10:19:03 | 000,075,665 | ---- | C] () -- C:\Users\Anička\slivicek.jpg
[2014/02/15 10:12:03 | 000,149,965 | ---- | C] () -- C:\Users\Anička\sosasicek.jpg
[2014/02/15 10:10:25 | 000,081,148 | ---- | C] () -- C:\Users\Anička\slivik.jpg
[2014/02/12 12:44:29 | 000,305,994 | ---- | C] () -- C:\Users\Anička\kruljac_stanislav_potvrdenie_o_navsteve_skoly.jpg
[2014/02/11 22:02:06 | 000,046,224 | ---- | C] () -- C:\Users\Anička\bitcoin.JPG
[2014/02/11 18:41:43 | 000,065,968 | ---- | C] () -- C:\Users\Anička\ČSOB InternetBanking 24-faktura za december.pdf
[2014/02/11 11:06:20 | 000,038,922 | ---- | C] () -- C:\Users\Anička\jedalniček.JPG
[2014/02/10 12:51:48 | 000,173,553 | ---- | C] () -- C:\Users\Anička\Anna_Kruljacová_CV_EN.pdf
[2014/02/10 12:21:17 | 000,177,087 | ---- | C] () -- C:\Users\Anička\Anna_Kruljacová_CV_SK.pdf
[2014/02/08 05:05:34 | 000,755,499 | ---- | C] () -- C:\Users\Anička\DSC_03461.jpg
[2014/02/08 05:03:11 | 001,298,440 | ---- | C] () -- C:\Users\Anička\DSC_0346.jpg
[2014/02/05 21:05:22 | 000,063,434 | ---- | C] () -- C:\Users\Anička\Desktop\Castle - 06x14 - Dressed To Kill.Dimension.srt
[2014/02/03 09:38:10 | 000,176,858 | ---- | C] () -- C:\Users\Anička\Anna_Kruljacová_CV.pdf
[2014/02/01 17:53:45 | 000,013,092 | ---- | C] () -- C:\Users\Anička\anicka_fotka.jpg
[2014/02/01 17:53:00 | 000,015,480 | ---- | C] () -- C:\Users\Anička\anička.jpg
[2014/02/01 12:40:16 | 000,077,143 | ---- | C] () -- C:\Users\Anička\anička_rozvrh.JPG
[2014/01/30 15:53:02 | 000,095,498 | ---- | C] () -- C:\Users\Anička\rozvrh LV.jpg
[2014/01/26 02:04:42 | 000,300,727 | ---- | C] () -- C:\Users\Anička\IMG_16032012_213327.png
[2014/01/08 16:12:36 | 000,173,744 | ---- | C] () -- C:\Users\Anička\creeta2.jpg
[2014/01/08 16:08:31 | 000,180,213 | ---- | C] () -- C:\Users\Anička\creeta.jpg
[2014/01/08 16:07:45 | 000,164,618 | ---- | C] () -- C:\Users\Anička\creta.jpg
[2013/12/15 11:54:56 | 000,002,041 | -H-- | C] () -- C:\Users\Anička\.picasa.ini
[2013/11/09 19:04:02 | 000,007,680 | ---- | C] () -- C:\Users\Anička\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/04/19 15:17:04 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2013/04/19 15:04:14 | 000,416,522 | ---- | C] () -- C:\Windows\AutoKMS.exe
========== ZeroAccess Check ==========
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/11/20 22:29:11 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014/02/21 21:26:56 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\AVAST Software
[2013/11/18 16:06:46 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Canon
[2013/11/10 21:09:30 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\com.prezi.PreziDesktop
[2013/04/19 14:39:50 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\DAEMON Tools Lite
[2013/11/10 01:29:02 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Dextronet
[2013/04/28 10:36:23 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Downloaded Installations
[2013/05/10 14:31:35 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\e-academy Inc
[2013/04/28 10:53:58 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\FileOpen
[2013/09/21 18:30:07 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\FUJIFILM
[2014/01/08 15:31:32 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\IsolatedStorage
[2014/01/13 00:29:57 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Nitro
[2013/11/21 12:57:06 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Nitro PDF
[2014/01/08 22:33:47 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Solvusoft
[2014/03/07 16:13:27 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Spotify
[2013/11/07 22:10:30 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Ulead Systems
========== Purity Check ==========
< End of report >
druhy log sa vraj nejak zmazal a nikde ho nie je
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Anička\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
2,99 Gb Total Physical Memory | 0,91 Gb Available Physical Memory | 30,54% Memory free
5,98 Gb Paging File | 3,56 Gb Available in Paging File | 59,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 156,25 Gb Total Space | 23,41 Gb Free Space | 14,99% Space Free | Partition Type: NTFS
Drive D: | 141,83 Gb Total Space | 116,49 Gb Free Space | 82,13% Space Free | Partition Type: NTFS
Drive G: | 667,62 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: ANICKA-PC | User Name: Anička | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/03/07 15:33:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Anička\Downloads\OTL.exe
PRC - [2014/03/02 03:35:27 | 000,859,464 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014/02/28 16:25:22 | 006,118,400 | ---- | M] (Spotify Ltd) -- C:\Users\Anička\AppData\Roaming\Spotify\spotify.exe
PRC - [2014/02/28 16:25:06 | 001,171,968 | ---- | M] (Spotify Ltd) -- C:\Users\Anička\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014/02/28 16:25:05 | 000,603,648 | ---- | M] () -- C:\Users\Anička\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
PRC - [2014/02/21 20:34:07 | 003,767,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/02/21 20:34:07 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/02/18 14:47:06 | 002,889,256 | ---- | M] (MyPCBackup.com) -- C:\Program Files\MyPC Backup\MyPC Backup.exe
PRC - [2014/02/18 14:47:06 | 000,036,392 | ---- | M] (Just Develop It) -- C:\Program Files\MyPC Backup\BackupStack.exe
PRC - [2014/01/13 14:22:34 | 001,286,656 | ---- | M] (Megaify Software Co., Ltd.) -- C:\Program Files\DriverToolkit\DriverToolkit.exe
PRC - [2014/01/03 01:32:12 | 001,363,616 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014/01/03 01:32:04 | 001,748,640 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2013/10/19 17:45:22 | 001,712,640 | ---- | M] () -- C:\Program Files\PenWes\Penwes.exe
PRC - [2013/10/19 14:54:24 | 001,515,008 | ---- | M] () -- C:\Program Files\PenWes\PenWesService.exe
PRC - [2013/01/27 10:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/01/27 10:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/01/27 10:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/10/01 20:38:00 | 021,689,472 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office15\WINPROJ.EXE
PRC - [2012/09/23 19:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/09/18 13:28:32 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\System32\NLSSRV32.EXE
PRC - [2012/09/18 13:28:28 | 000,197,128 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe
PRC - [2011/03/31 18:19:44 | 001,646,056 | ---- | M] (Rosetta Stone Ltd.) -- C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe
PRC - [2010/11/20 22:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 22:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/20 22:29:12 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
PRC - [2010/11/20 22:29:10 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2010/07/10 23:28:06 | 000,416,522 | ---- | M] () -- C:\Windows\AutoKMS.exe
PRC - [2010/03/29 19:26:00 | 000,227,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
PRC - [2010/03/27 07:38:44 | 001,422,168 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2001/01/13 01:15:44 | 000,054,272 | ---- | M] () -- C:\ProgramData\AutoKMS\Resources\MSGBox\Messagebox.exe
========== Modules (No Company Name) ==========
MOD - [2014/03/02 03:35:25 | 000,394,568 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\ppgooglenaclpluginchrome.dll
MOD - [2014/03/02 03:35:24 | 013,632,840 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll
MOD - [2014/03/02 03:35:23 | 004,061,000 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\pdf.dll
MOD - [2014/03/02 03:35:20 | 000,716,616 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\libglesv2.dll
MOD - [2014/03/02 03:35:19 | 000,100,168 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\libegl.dll
MOD - [2014/03/02 03:35:17 | 001,647,432 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll
MOD - [2014/03/02 03:35:15 | 000,051,016 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll
MOD - [2014/02/28 16:25:07 | 036,967,424 | ---- | M] () -- C:\Users\Anička\AppData\Roaming\Spotify\Data\libcef.dll
MOD - [2014/02/28 16:25:06 | 000,109,568 | ---- | M] () -- C:\Users\Anička\AppData\Roaming\Spotify\Data\libEGL.dll
MOD - [2014/02/28 16:25:05 | 000,887,808 | ---- | M] () -- C:\Users\Anička\AppData\Roaming\Spotify\Data\libGLESv2.dll
MOD - [2014/02/28 16:25:05 | 000,603,648 | ---- | M] () -- C:\Users\Anička\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
MOD - [2014/02/21 20:34:12 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/02/18 14:38:26 | 000,012,288 | ---- | M] () -- C:\Program Files\MyPC Backup\GetText.dll
MOD - [2013/11/22 15:02:25 | 000,911,872 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll
MOD - [2013/10/19 17:45:22 | 001,712,640 | ---- | M] () -- C:\Program Files\PenWes\Penwes.exe
MOD - [2013/04/09 22:55:54 | 000,093,032 | ---- | M] () -- C:\Program Files\DriverToolkit\zlibwapi.dll
MOD - [2012/09/18 13:28:38 | 002,673,672 | ---- | M] () -- C:\Program Files\Nitro\Pro 8\wxmsw28u_core_vc_pro8.dll
MOD - [2012/09/18 13:28:38 | 000,481,288 | ---- | M] () -- C:\Program Files\Nitro\Pro 8\wxmsw28u_xrc_vc_pro8.dll
MOD - [2012/09/18 13:28:38 | 000,450,056 | ---- | M] () -- C:\Program Files\Nitro\Pro 8\wxmsw28u_html_vc_pro8.dll
MOD - [2012/09/18 13:28:36 | 001,145,864 | ---- | M] () -- C:\Program Files\Nitro\Pro 8\wxbase28u_vc_pro8.dll
MOD - [2012/09/18 13:28:36 | 000,682,504 | ---- | M] () -- C:\Program Files\Nitro\Pro 8\wxmsw28u_adv_vc_pro8.dll
MOD - [2012/09/18 13:28:36 | 000,123,400 | ---- | M] () -- C:\Program Files\Nitro\Pro 8\wxbase28u_xml_vc_pro8.dll
MOD - [2010/11/21 02:15:49 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\System.resources.dll
MOD - [2010/11/21 02:15:48 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/11/20 22:52:33 | 000,628,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\887ef2648686aad19feff405eddbffd2\System.EnterpriseServices.ni.dll
MOD - [2010/11/20 22:52:33 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\ad18f93fc713db2c4b29b25116c13bd8\System.Transactions.ni.dll
MOD - [2010/11/20 22:52:32 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\1e85062785e286cd9eae9c26d2c61f73\System.Data.ni.dll
MOD - [2010/11/20 22:52:10 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
MOD - [2010/11/20 22:52:03 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
MOD - [2010/11/20 22:50:41 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
MOD - [2010/11/20 22:50:37 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll
MOD - [2010/11/20 22:50:36 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2010/11/20 22:50:29 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
MOD - [2010/11/20 22:29:11 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/01/30 01:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/06/10 22:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\LinkSwift\bin\utilLinkSwift.exe -- (Util LinkSwift)
SRV - File not found [Auto | Stopped] -- C:\Program Files\LinkSwift\updateLinkSwift.exe -- (Update LinkSwift)
SRV - [2014/02/21 20:34:07 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014/02/18 14:47:06 | 000,036,392 | ---- | M] (Just Develop It) [Auto | Running] -- C:\Program Files\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2014/01/03 01:32:12 | 001,363,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/01/03 01:32:04 | 001,748,640 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2013/11/09 23:42:35 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/10/19 14:54:24 | 001,515,008 | ---- | M] () [Auto | Running] -- C:\Program Files\PenWes\PenWesService.exe -- (PenWesController)
SRV - [2013/01/27 10:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/01/27 10:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/09/23 19:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/18 13:28:32 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\System32\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2012/09/18 13:28:28 | 000,197,128 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe -- (NitroDriverReadSpool8)
SRV - [2011/03/31 18:19:44 | 001,646,056 | ---- | M] (Rosetta Stone Ltd.) [Auto | Running] -- C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe -- (RosettaStoneDaemon)
SRV - [2010/03/25 09:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\chyceozj.sys -- (chyceozj)
DRV - [2014/02/21 20:34:15 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/02/21 20:34:15 | 000,410,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2014/02/21 20:34:15 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/02/21 20:34:15 | 000,064,168 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\aswStm.sys -- (aswStm)
DRV - [2014/02/21 20:34:14 | 000,079,720 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014/02/21 20:34:14 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/02/21 20:34:14 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/04/19 14:38:10 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2013/01/20 14:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/11/20 22:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 22:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010/11/20 22:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010/11/20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010/11/20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010/11/20 22:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2010/11/20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 23:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/13 23:02:52 | 000,043,008 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2009/07/13 23:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 40 E6 2C FF 3C CE 01 [binary data]
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... VI_csIT563
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - prefs.js..keyword.URL: "http://feed.snapdo.com/?publisher=Snapd ... 11/2013&q="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/02/24 10:36:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2013/04/28 19:27:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anička\AppData\Roaming\Mozilla\Extensions
[2014/02/14 10:50:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anička\AppData\Roaming\Mozilla\Firefox\Profiles\dz1i4fbk.default\Extensions
[2014/02/14 10:50:28 | 000,940,775 | ---- | M] () (No name found) -- C:\Users\Anička\AppData\Roaming\Mozilla\Firefox\Profiles\dz1i4fbk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/02/23 15:23:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/02/15 10:28:17 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.146\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - Extension: Dokumenty Google = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\
CHR - Extension: H013Eada0165 v Google = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\
CHR - Extension: PeĹaĹľenka Google = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-773910472-3044729245-3086565107-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-773910472-3044729245-3086565107-1000..\Run: [Spotify] C:\Users\Anička\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-773910472-3044729245-3086565107-1000..\Run: [Spotify Web Helper] C:\Users\Anička\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Anička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O4 - Startup: C:\Users\Anička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 147.229.190.143 147.229.191.143
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5EE36BB7-909A-46BF-9F9E-7AD7E2EA98E7}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6A26752F-0138-440C-B68B-907535414F42}: NameServer = 127.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F558F88A-ADAF-42A1-AF02-232A0B94FC1F}: DhcpNameServer = 147.229.190.143 147.229.191.143
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F558F88A-ADAF-42A1-AF02-232A0B94FC1F}: NameServer = 127.0.0.1
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012/09/18 21:57:25 | 000,000,175 | R--- | M] () - G:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{bf8da687-a8f1-11e2-ac19-00248cb40fda}\Shell - "" = AutoRun
O33 - MountPoints2\{bf8da687-a8f1-11e2-ac19-00248cb40fda}\Shell\AutoRun\command - "" = G:\setup.exe -- [2012/11/10 19:16:50 | 000,207,448 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{bf8da687-a8f1-11e2-ac19-00248cb40fda}\Shell\configure\command - "" = G:\setup.exe -- [2012/11/10 19:16:50 | 000,207,448 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{bf8da687-a8f1-11e2-ac19-00248cb40fda}\Shell\install\command - "" = G:\setup.exe -- [2012/11/10 19:16:50 | 000,207,448 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/03/07 15:28:00 | 000,000,000 | ---D | C] -- C:\Users\Anička\AppData\Local\Skype
[2014/03/07 15:27:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/03/07 15:27:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2014/03/07 15:21:01 | 000,000,000 | ---D | C] -- C:\ProgramData\AutoKMS
[2014/03/07 15:11:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2014/03/07 15:11:52 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft
[2014/03/03 23:16:24 | 000,000,000 | ---D | C] -- C:\Users\Anička\JobChallenge2014
[2014/03/03 17:29:44 | 000,000,000 | ---D | C] -- C:\Users\Anička\KB
[2014/03/02 14:53:37 | 000,000,000 | -H-D | C] -- C:\Users\Anička\.picasaoriginals
[2014/02/28 16:25:24 | 000,000,000 | ---D | C] -- C:\Users\Anička\AppData\Local\Spotify
[2014/02/28 16:24:47 | 000,000,000 | ---D | C] -- C:\Users\Anička\AppData\Roaming\Spotify
[2014/02/28 00:36:54 | 000,000,000 | ---D | C] -- C:\Users\Anička\rf bakalarka
[2014/02/28 00:05:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/02/28 00:05:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014/02/24 12:26:30 | 000,000,000 | ---D | C] -- C:\Users\Anička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
[2014/02/24 12:26:21 | 000,000,000 | ---D | C] -- C:\Program Files\MyPC Backup
[2014/02/24 12:22:01 | 000,000,000 | ---D | C] -- C:\Users\Anička\AppData\Local\DriverToolkit
[2014/02/24 12:21:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
[2014/02/24 12:21:54 | 000,000,000 | ---D | C] -- C:\Program Files\DriverToolkit
[2014/02/24 12:20:56 | 002,243,616 | ---- | C] (Megaify Software ) -- C:\Users\Anička\Documents\driver_setup.exe
[2014/02/22 14:41:03 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/02/22 14:41:03 | 000,000,000 | ---D | C] -- C:\rsit
[2014/02/21 21:26:56 | 000,000,000 | ---D | C] -- C:\Users\Anička\AppData\Roaming\AVAST Software
[2014/02/21 20:35:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/02/21 20:34:40 | 000,064,168 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
[2014/02/21 20:34:38 | 000,775,952 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/02/21 20:34:37 | 000,410,784 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/02/21 20:34:34 | 000,067,824 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/02/21 20:34:32 | 000,079,720 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/02/21 20:34:24 | 000,270,240 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/02/21 20:34:13 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/02/21 20:33:17 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/02/21 20:29:44 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/02/16 18:42:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014/02/16 18:42:24 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/02/16 18:42:15 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/02/15 10:27:27 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/02/15 10:17:21 | 000,000,000 | -H-D | C] -- C:\Users\Anička\Corel Auto-Preserve
[2014/02/14 11:10:23 | 000,000,000 | ---D | C] -- C:\Users\Anička\AppData\Local\e-academy Inc
[2014/02/13 22:57:43 | 000,000,000 | ---D | C] -- C:\Users\Anička\synergic
[2014/02/13 16:22:20 | 000,000,000 | ---D | C] -- C:\Users\Anička\parfums
[2014/02/08 11:36:38 | 000,000,000 | ---D | C] -- C:\Users\Anička\benatky
========== Files - Modified Within 30 Days ==========
[2014/03/07 16:00:02 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/07 15:38:38 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/03/07 15:29:12 | 000,021,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/03/07 15:29:12 | 000,021,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/03/07 15:27:08 | 000,002,701 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/03/07 15:21:22 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/07 15:20:58 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\DriverToolkit Autorun.job
[2014/03/07 15:20:31 | 000,438,824 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/03/07 15:20:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/03/07 15:20:07 | 2409,029,632 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/07 12:14:36 | 000,623,144 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014/03/07 12:14:36 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/03/07 12:14:36 | 000,121,788 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014/03/07 12:14:36 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/03/04 09:39:02 | 000,002,141 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/03/03 21:26:12 | 000,001,270 | ---- | M] () -- C:\Users\Anička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
[2014/03/02 23:45:10 | 001,677,920 | ---- | M] () -- C:\Users\Anička\20140228_211821.jpg
[2014/03/02 23:24:30 | 001,238,226 | ---- | M] () -- C:\Users\Anička\20140228_222130.jpg
[2014/03/02 23:17:47 | 000,002,041 | -H-- | M] () -- C:\Users\Anička\.picasa.ini
[2014/03/02 23:16:09 | 000,053,446 | ---- | M] () -- C:\Users\Anička\sosassiikk.jpg
[2014/03/02 23:14:03 | 000,340,377 | ---- | M] () -- C:\Users\Anička\sassiik.jpg
[2014/03/02 23:06:38 | 001,524,203 | ---- | M] () -- C:\Users\Anička\20140228_211602.jpg
[2014/03/02 23:05:11 | 000,492,019 | ---- | M] () -- C:\Users\Anička\20140228_2211531.jpg
[2014/03/02 23:04:44 | 000,319,537 | ---- | M] () -- C:\Users\Anička\20140228_211757.jpg
[2014/03/02 23:01:27 | 000,059,076 | ---- | M] () -- C:\Users\Anička\1896808_10203413038991256_1778048025_n.jpg
[2014/03/02 22:56:35 | 000,042,101 | ---- | M] () -- C:\Users\Anička\unnamed (1).jpg
[2014/03/02 22:56:25 | 000,035,161 | ---- | M] () -- C:\Users\Anička\unnamed.jpg
[2014/03/02 14:53:38 | 000,453,811 | ---- | M] () -- C:\Users\Anička\DSC_28022014.jpg
[2014/03/01 14:09:54 | 000,858,119 | ---- | M] () -- C:\Users\Anička\sasiiik.jpg
[2014/03/01 13:47:15 | 000,365,307 | ---- | M] () -- C:\Users\Anička\zlaticka.jpg
[2014/03/01 13:45:24 | 000,361,139 | ---- | M] () -- C:\Users\Anička\20140228_211647.jpg
[2014/03/01 13:36:22 | 001,514,263 | ---- | M] () -- C:\Users\Anička\sasuliacicek.jpg
[2014/03/01 11:25:41 | 000,065,033 | ---- | M] () -- C:\Users\Anička\MjAxMy05OWUyYmY4NDlmMGE1YzQ0.png
[2014/02/28 16:25:22 | 000,001,811 | ---- | M] () -- C:\Users\Anička\Desktop\Spotify.lnk
[2014/02/28 10:47:47 | 000,109,031 | ---- | M] () -- C:\Users\Anička\anička listok.pdf
[2014/02/28 10:46:47 | 000,109,335 | ---- | M] () -- C:\Users\Anička\verča listok.pdf
[2014/02/24 23:27:26 | 000,023,460 | ---- | M] () -- C:\Users\Anička\discojpg_132742403717026.jpg
[2014/02/24 12:26:49 | 000,001,915 | ---- | M] () -- C:\Users\Anička\Desktop\Sync Folder.lnk
[2014/02/24 12:26:31 | 000,001,055 | ---- | M] () -- C:\Users\Anička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2014/02/24 12:26:31 | 000,001,045 | ---- | M] () -- C:\Users\Anička\Desktop\MyPC Backup.lnk
[2014/02/24 12:26:08 | 003,495,331 | ---- | M] () -- C:\Users\Anička\Documents\CMOS_Camera_D-Max_GD-5A35A_VT_071213.zip
[2014/02/24 12:25:41 | 000,632,152 | ---- | M] () -- C:\Users\Anička\Documents\DriverGuide_Driver_Download_1228356.exe
[2014/02/24 12:21:57 | 000,001,025 | ---- | M] () -- C:\Users\Public\Desktop\DriverToolkit.lnk
[2014/02/24 12:21:16 | 002,243,616 | ---- | M] (Megaify Software ) -- C:\Users\Anička\Documents\driver_setup.exe
[2014/02/24 11:06:36 | 000,202,363 | ---- | M] () -- C:\Users\Anička\potvrdenie_o_studiu13_14.pdf
[2014/02/24 10:37:23 | 000,002,119 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/02/23 09:49:53 | 000,293,769 | ---- | M] () -- C:\Users\Anička\malovanie win 7.jpg
[2014/02/21 20:34:15 | 000,775,952 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/02/21 20:34:15 | 000,410,784 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/02/21 20:34:15 | 000,180,248 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/02/21 20:34:15 | 000,064,168 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
[2014/02/21 20:34:14 | 000,079,720 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/02/21 20:34:14 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/02/21 20:34:14 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/02/21 20:34:13 | 000,270,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/02/21 20:34:13 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/02/21 08:58:30 | 214,581,629 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/02/18 15:45:18 | 000,119,308 | ---- | M] () -- C:\Users\Anička\Desktop\CHECK-OUT SELF-CERTIFICATION.pdf
[2014/02/18 11:37:28 | 000,061,190 | ---- | M] () -- C:\Users\Anička\Audi-4-rings-604x272.jpg
[2014/02/16 19:51:42 | 000,081,474 | ---- | M] () -- C:\Users\Anička\IMG-20140215-WA0000.jpg
[2014/02/15 12:07:26 | 000,059,699 | ---- | M] () -- C:\Users\Anička\sasiicek.jpg
[2014/02/15 12:05:03 | 000,056,938 | ---- | M] () -- C:\Users\Anička\sasicek.jpg
[2014/02/15 10:21:44 | 000,080,069 | ---- | M] () -- C:\Users\Anička\livinka.jpg
[2014/02/15 10:19:04 | 000,075,665 | ---- | M] () -- C:\Users\Anička\slivicek.jpg
[2014/02/15 10:17:21 | 000,081,148 | ---- | M] () -- C:\Users\Anička\slivik.jpg
[2014/02/15 10:12:03 | 000,149,965 | ---- | M] () -- C:\Users\Anička\sosasicek.jpg
[2014/02/14 11:10:24 | 000,003,147 | ---- | M] () -- C:\Users\Anička\Desktop\Shortcut to SecureDownloadManager.exe.lnk
[2014/02/12 12:44:29 | 000,305,994 | ---- | M] () -- C:\Users\Anička\kruljac_stanislav_potvrdenie_o_navsteve_skoly.jpg
[2014/02/11 22:02:07 | 000,046,224 | ---- | M] () -- C:\Users\Anička\bitcoin.JPG
[2014/02/11 18:41:43 | 000,065,968 | ---- | M] () -- C:\Users\Anička\ČSOB InternetBanking 24-faktura za december.pdf
[2014/02/11 11:06:20 | 000,038,922 | ---- | M] () -- C:\Users\Anička\jedalniček.JPG
[2014/02/10 12:51:49 | 000,173,553 | ---- | M] () -- C:\Users\Anička\Anna_Kruljacová_CV_EN.pdf
[2014/02/10 12:21:20 | 000,177,087 | ---- | M] () -- C:\Users\Anička\Anna_Kruljacová_CV_SK.pdf
[2014/02/08 05:05:38 | 000,755,499 | ---- | M] () -- C:\Users\Anička\DSC_03461.jpg
[2014/02/08 05:03:11 | 001,298,440 | ---- | M] () -- C:\Users\Anička\DSC_0346.jpg
[2014/02/06 19:48:05 | 000,063,434 | ---- | M] () -- C:\Users\Anička\Desktop\Castle - 06x14 - Dressed To Kill.Dimension.srt
========== Files Created - No Company Name ==========
[2014/03/07 15:38:37 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/03/07 15:27:08 | 000,002,701 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/03/02 23:45:09 | 001,677,920 | ---- | C] () -- C:\Users\Anička\20140228_211821.jpg
[2014/03/02 23:24:28 | 001,238,226 | ---- | C] () -- C:\Users\Anička\20140228_222130.jpg
[2014/03/02 23:16:09 | 000,053,446 | ---- | C] () -- C:\Users\Anička\sosassiikk.jpg
[2014/03/02 23:14:03 | 000,340,377 | ---- | C] () -- C:\Users\Anička\sassiik.jpg
[2014/03/02 23:06:37 | 001,524,203 | ---- | C] () -- C:\Users\Anička\20140228_211602.jpg
[2014/03/02 23:05:11 | 000,492,019 | ---- | C] () -- C:\Users\Anička\20140228_2211531.jpg
[2014/03/02 23:04:44 | 000,319,537 | ---- | C] () -- C:\Users\Anička\20140228_211757.jpg
[2014/03/02 23:01:27 | 000,059,076 | ---- | C] () -- C:\Users\Anička\1896808_10203413038991256_1778048025_n.jpg
[2014/03/02 22:56:33 | 000,042,101 | ---- | C] () -- C:\Users\Anička\unnamed (1).jpg
[2014/03/02 22:56:25 | 000,035,161 | ---- | C] () -- C:\Users\Anička\unnamed.jpg
[2014/03/02 21:39:37 | 000,136,651 | ---- | C] () -- C:\Users\Anička\Silver.Linings.Playbook.2012.720p.x264.YIFY.srt
[2014/03/02 21:39:07 | 839,469,841 | ---- | C] () -- C:\Users\Anička\Silver.Linings.Playbook.2012.720p.x264.YIFY.mp4
[2014/03/02 14:53:38 | 000,453,811 | ---- | C] () -- C:\Users\Anička\DSC_28022014.jpg
[2014/03/01 14:09:54 | 000,858,119 | ---- | C] () -- C:\Users\Anička\sasiiik.jpg
[2014/03/01 13:47:13 | 000,365,307 | ---- | C] () -- C:\Users\Anička\zlaticka.jpg
[2014/03/01 13:45:24 | 000,361,139 | ---- | C] () -- C:\Users\Anička\20140228_211647.jpg
[2014/03/01 13:36:22 | 001,514,263 | ---- | C] () -- C:\Users\Anička\sasuliacicek.jpg
[2014/03/01 11:25:40 | 000,065,033 | ---- | C] () -- C:\Users\Anička\MjAxMy05OWUyYmY4NDlmMGE1YzQ0.png
[2014/02/28 16:25:22 | 000,001,811 | ---- | C] () -- C:\Users\Anička\Desktop\Spotify.lnk
[2014/02/28 16:25:22 | 000,001,797 | ---- | C] () -- C:\Users\Anička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2014/02/28 10:47:47 | 000,109,031 | ---- | C] () -- C:\Users\Anička\anička listok.pdf
[2014/02/28 10:46:47 | 000,109,335 | ---- | C] () -- C:\Users\Anička\verča listok.pdf
[2014/02/24 23:27:21 | 000,023,460 | ---- | C] () -- C:\Users\Anička\discojpg_132742403717026.jpg
[2014/02/24 12:26:49 | 000,001,915 | ---- | C] () -- C:\Users\Anička\Desktop\Sync Folder.lnk
[2014/02/24 12:26:32 | 000,000,348 | ---- | C] () -- C:\Windows\tasks\DriverToolkit Autorun.job
[2014/02/24 12:26:31 | 000,001,055 | ---- | C] () -- C:\Users\Anička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2014/02/24 12:26:31 | 000,001,045 | ---- | C] () -- C:\Users\Anička\Desktop\MyPC Backup.lnk
[2014/02/24 12:26:08 | 003,495,331 | ---- | C] () -- C:\Users\Anička\Documents\CMOS_Camera_D-Max_GD-5A35A_VT_071213.zip
[2014/02/24 12:25:31 | 000,632,152 | ---- | C] () -- C:\Users\Anička\Documents\DriverGuide_Driver_Download_1228356.exe
[2014/02/24 12:21:57 | 000,001,025 | ---- | C] () -- C:\Users\Public\Desktop\DriverToolkit.lnk
[2014/02/24 11:06:35 | 000,202,363 | ---- | C] () -- C:\Users\Anička\potvrdenie_o_studiu13_14.pdf
[2014/02/23 09:49:53 | 000,293,769 | ---- | C] () -- C:\Users\Anička\malovanie win 7.jpg
[2014/02/21 20:35:12 | 000,002,119 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/02/21 20:34:39 | 000,180,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/02/21 20:34:36 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/02/18 15:45:18 | 000,119,308 | ---- | C] () -- C:\Users\Anička\Desktop\CHECK-OUT SELF-CERTIFICATION.pdf
[2014/02/18 11:37:28 | 000,061,190 | ---- | C] () -- C:\Users\Anička\Audi-4-rings-604x272.jpg
[2014/02/16 19:51:42 | 000,081,474 | ---- | C] () -- C:\Users\Anička\IMG-20140215-WA0000.jpg
[2014/02/15 12:07:26 | 000,059,699 | ---- | C] () -- C:\Users\Anička\sasiicek.jpg
[2014/02/15 12:05:03 | 000,056,938 | ---- | C] () -- C:\Users\Anička\sasicek.jpg
[2014/02/15 10:21:43 | 000,080,069 | ---- | C] () -- C:\Users\Anička\livinka.jpg
[2014/02/15 10:19:03 | 000,075,665 | ---- | C] () -- C:\Users\Anička\slivicek.jpg
[2014/02/15 10:12:03 | 000,149,965 | ---- | C] () -- C:\Users\Anička\sosasicek.jpg
[2014/02/15 10:10:25 | 000,081,148 | ---- | C] () -- C:\Users\Anička\slivik.jpg
[2014/02/12 12:44:29 | 000,305,994 | ---- | C] () -- C:\Users\Anička\kruljac_stanislav_potvrdenie_o_navsteve_skoly.jpg
[2014/02/11 22:02:06 | 000,046,224 | ---- | C] () -- C:\Users\Anička\bitcoin.JPG
[2014/02/11 18:41:43 | 000,065,968 | ---- | C] () -- C:\Users\Anička\ČSOB InternetBanking 24-faktura za december.pdf
[2014/02/11 11:06:20 | 000,038,922 | ---- | C] () -- C:\Users\Anička\jedalniček.JPG
[2014/02/10 12:51:48 | 000,173,553 | ---- | C] () -- C:\Users\Anička\Anna_Kruljacová_CV_EN.pdf
[2014/02/10 12:21:17 | 000,177,087 | ---- | C] () -- C:\Users\Anička\Anna_Kruljacová_CV_SK.pdf
[2014/02/08 05:05:34 | 000,755,499 | ---- | C] () -- C:\Users\Anička\DSC_03461.jpg
[2014/02/08 05:03:11 | 001,298,440 | ---- | C] () -- C:\Users\Anička\DSC_0346.jpg
[2014/02/05 21:05:22 | 000,063,434 | ---- | C] () -- C:\Users\Anička\Desktop\Castle - 06x14 - Dressed To Kill.Dimension.srt
[2014/02/03 09:38:10 | 000,176,858 | ---- | C] () -- C:\Users\Anička\Anna_Kruljacová_CV.pdf
[2014/02/01 17:53:45 | 000,013,092 | ---- | C] () -- C:\Users\Anička\anicka_fotka.jpg
[2014/02/01 17:53:00 | 000,015,480 | ---- | C] () -- C:\Users\Anička\anička.jpg
[2014/02/01 12:40:16 | 000,077,143 | ---- | C] () -- C:\Users\Anička\anička_rozvrh.JPG
[2014/01/30 15:53:02 | 000,095,498 | ---- | C] () -- C:\Users\Anička\rozvrh LV.jpg
[2014/01/26 02:04:42 | 000,300,727 | ---- | C] () -- C:\Users\Anička\IMG_16032012_213327.png
[2014/01/08 16:12:36 | 000,173,744 | ---- | C] () -- C:\Users\Anička\creeta2.jpg
[2014/01/08 16:08:31 | 000,180,213 | ---- | C] () -- C:\Users\Anička\creeta.jpg
[2014/01/08 16:07:45 | 000,164,618 | ---- | C] () -- C:\Users\Anička\creta.jpg
[2013/12/15 11:54:56 | 000,002,041 | -H-- | C] () -- C:\Users\Anička\.picasa.ini
[2013/11/09 19:04:02 | 000,007,680 | ---- | C] () -- C:\Users\Anička\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/04/19 15:17:04 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2013/04/19 15:04:14 | 000,416,522 | ---- | C] () -- C:\Windows\AutoKMS.exe
========== ZeroAccess Check ==========
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/11/20 22:29:11 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014/02/21 21:26:56 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\AVAST Software
[2013/11/18 16:06:46 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Canon
[2013/11/10 21:09:30 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\com.prezi.PreziDesktop
[2013/04/19 14:39:50 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\DAEMON Tools Lite
[2013/11/10 01:29:02 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Dextronet
[2013/04/28 10:36:23 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Downloaded Installations
[2013/05/10 14:31:35 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\e-academy Inc
[2013/04/28 10:53:58 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\FileOpen
[2013/09/21 18:30:07 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\FUJIFILM
[2014/01/08 15:31:32 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\IsolatedStorage
[2014/01/13 00:29:57 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Nitro
[2013/11/21 12:57:06 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Nitro PDF
[2014/01/08 22:33:47 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Solvusoft
[2014/03/07 16:13:27 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Spotify
[2013/11/07 22:10:30 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Ulead Systems
========== Purity Check ==========
< End of report >
druhy log sa vraj nejak zmazal a nikde ho nie je
-
Rudy
- Site Admin
- Příspěvky: 119534
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: DNS server sa sam meni na 127.0.0.1
Bez druhého logu je mi ten sken k ničemu.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: DNS server sa sam meni na 127.0.0.1
OTL log:
OTL logfile created on: 12. 3. 2014 22:58:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Anička\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
2,99 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 41,91% Memory free
5,98 Gb Paging File | 3,88 Gb Available in Paging File | 64,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 156,25 Gb Total Space | 20,03 Gb Free Space | 12,82% Space Free | Partition Type: NTFS
Drive D: | 141,83 Gb Total Space | 116,49 Gb Free Space | 82,13% Space Free | Partition Type: NTFS
Drive G: | 667,62 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: ANICKA-PC | User Name: Anička | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/03/12 22:58:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Anička\Downloads\OTL.exe
PRC - [2014/03/02 03:35:27 | 000,859,464 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014/02/28 16:25:06 | 001,171,968 | ---- | M] (Spotify Ltd) -- C:\Users\Anička\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014/02/21 20:34:07 | 003,767,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/02/21 20:34:07 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/01/13 14:22:34 | 001,286,656 | ---- | M] (Megaify Software Co., Ltd.) -- C:\Program Files\DriverToolkit\DriverToolkit.exe
PRC - [2013/10/19 17:45:22 | 001,712,640 | ---- | M] () -- C:\Program Files\PenWes\Penwes.exe
PRC - [2013/10/19 14:54:24 | 001,515,008 | ---- | M] () -- C:\Program Files\PenWes\PenWesService.exe
PRC - [2013/01/27 10:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/01/27 10:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/01/27 10:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/09/23 19:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/09/18 13:28:32 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\System32\NLSSRV32.EXE
PRC - [2012/09/18 13:28:28 | 000,197,128 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe
PRC - [2011/03/31 18:19:44 | 001,646,056 | ---- | M] (Rosetta Stone Ltd.) -- C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe
PRC - [2010/11/20 22:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 22:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/03/29 19:26:00 | 000,227,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
========== Modules (No Company Name) ==========
MOD - [2014/03/02 03:35:25 | 000,394,568 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\ppgooglenaclpluginchrome.dll
MOD - [2014/03/02 03:35:24 | 013,632,840 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll
MOD - [2014/03/02 03:35:23 | 004,061,000 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\pdf.dll
MOD - [2014/03/02 03:35:20 | 000,716,616 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\libglesv2.dll
MOD - [2014/03/02 03:35:19 | 000,100,168 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\libegl.dll
MOD - [2014/03/02 03:35:17 | 001,647,432 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll
MOD - [2014/03/02 03:35:15 | 000,051,016 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll
MOD - [2014/02/21 20:34:12 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/10/19 17:45:22 | 001,712,640 | ---- | M] () -- C:\Program Files\PenWes\Penwes.exe
MOD - [2013/04/09 22:55:54 | 000,093,032 | ---- | M] () -- C:\Program Files\DriverToolkit\zlibwapi.dll
MOD - [2010/01/30 01:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
========== Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\LinkSwift\bin\utilLinkSwift.exe -- (Util LinkSwift)
SRV - File not found [Auto | Stopped] -- C:\Program Files\LinkSwift\updateLinkSwift.exe -- (Update LinkSwift)
SRV - [2014/02/21 20:34:07 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/11/09 23:42:35 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/10/19 14:54:24 | 001,515,008 | ---- | M] () [Auto | Running] -- C:\Program Files\PenWes\PenWesService.exe -- (PenWesController)
SRV - [2013/07/25 09:40:44 | 000,162,672 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/01/27 10:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/01/27 10:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/09/23 19:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/18 13:28:32 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\System32\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2012/09/18 13:28:28 | 000,197,128 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe -- (NitroDriverReadSpool8)
SRV - [2011/03/31 18:19:44 | 001,646,056 | ---- | M] (Rosetta Stone Ltd.) [Auto | Running] -- C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe -- (RosettaStoneDaemon)
SRV - [2010/03/25 09:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\chyceozj.sys -- (chyceozj)
DRV - [2014/02/21 20:34:15 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/02/21 20:34:15 | 000,410,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2014/02/21 20:34:15 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/02/21 20:34:15 | 000,064,168 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\aswStm.sys -- (aswStm)
DRV - [2014/02/21 20:34:14 | 000,079,720 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014/02/21 20:34:14 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/02/21 20:34:14 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/04/19 14:38:10 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2013/01/20 14:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/11/20 22:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 22:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010/11/20 22:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010/11/20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010/11/20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010/11/20 22:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2010/11/20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 23:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/13 23:02:52 | 000,043,008 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2009/07/13 23:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 40 E6 2C FF 3C CE 01 [binary data]
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... VI_csIT563
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - prefs.js..keyword.URL: "http://feed.snapdo.com/?publisher=Snapd ... 11/2013&q="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/03/12 18:31:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2013/04/28 19:27:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anička\AppData\Roaming\Mozilla\Extensions
[2014/02/14 10:50:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anička\AppData\Roaming\Mozilla\Firefox\Profiles\dz1i4fbk.default\Extensions
[2014/02/14 10:50:28 | 000,940,775 | ---- | M] () (No name found) -- C:\Users\Anička\AppData\Roaming\Mozilla\Firefox\Profiles\dz1i4fbk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/03/10 19:13:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/02/15 10:28:17 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.146\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - Extension: Dokumenty Google = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\
CHR - Extension: H013Eada0165 v Google = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\
CHR - Extension: PeĹaĹľenka Google = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-773910472-3044729245-3086565107-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-773910472-3044729245-3086565107-1000..\Run: [Spotify] C:\Users\Anička\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-773910472-3044729245-3086565107-1000..\Run: [Spotify Web Helper] C:\Users\Anička\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Anička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 147.229.190.143 147.229.191.143
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5EE36BB7-909A-46BF-9F9E-7AD7E2EA98E7}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F558F88A-ADAF-42A1-AF02-232A0B94FC1F}: DhcpNameServer = 147.229.190.143 147.229.191.143
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F558F88A-ADAF-42A1-AF02-232A0B94FC1F}: NameServer = 127.0.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012/09/18 21:57:25 | 000,000,175 | R--- | M] () - G:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{bf8da687-a8f1-11e2-ac19-00248cb40fda}\Shell - "" = AutoRun
O33 - MountPoints2\{bf8da687-a8f1-11e2-ac19-00248cb40fda}\Shell\AutoRun\command - "" = G:\setup.exe -- [2012/11/10 19:16:50 | 000,207,448 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{bf8da687-a8f1-11e2-ac19-00248cb40fda}\Shell\configure\command - "" = G:\setup.exe -- [2012/11/10 19:16:50 | 000,207,448 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{bf8da687-a8f1-11e2-ac19-00248cb40fda}\Shell\install\command - "" = G:\setup.exe -- [2012/11/10 19:16:50 | 000,207,448 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2014/03/10 19:17:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/03/10 19:16:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2014/03/10 19:16:57 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2014/03/07 15:28:00 | 000,000,000 | ---D | C] -- C:\Users\Anička\AppData\Local\Skype
[2014/03/07 15:11:52 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft
[2014/03/03 23:16:24 | 000,000,000 | ---D | C] -- C:\Users\Anička\JobChallenge2014
[2014/03/03 17:29:44 | 000,000,000 | ---D | C] -- C:\Users\Anička\KB
[2014/03/02 14:53:37 | 000,000,000 | ---D | C] -- C:\Users\Anička\.picasaoriginals
[2014/02/28 16:25:24 | 000,000,000 | ---D | C] -- C:\Users\Anička\AppData\Local\Spotify
[2014/02/28 16:24:47 | 000,000,000 | ---D | C] -- C:\Users\Anička\AppData\Roaming\Spotify
[2014/02/28 00:36:54 | 000,000,000 | ---D | C] -- C:\Users\Anička\rf bakalarka
[2014/02/28 00:05:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/02/28 00:05:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014/02/24 12:22:01 | 000,000,000 | ---D | C] -- C:\Users\Anička\AppData\Local\DriverToolkit
[2014/02/24 12:21:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
[2014/02/24 12:21:54 | 000,000,000 | ---D | C] -- C:\Program Files\DriverToolkit
[2014/02/24 12:20:56 | 002,243,616 | ---- | C] (Megaify Software ) -- C:\Users\Anička\Documents\driver_setup.exe
[2014/02/22 14:41:03 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/02/21 21:26:56 | 000,000,000 | ---D | C] -- C:\Users\Anička\AppData\Roaming\AVAST Software
[2014/02/21 20:35:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/02/21 20:34:40 | 000,064,168 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
[2014/02/21 20:34:38 | 000,775,952 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/02/21 20:34:37 | 000,410,784 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/02/21 20:34:34 | 000,067,824 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/02/21 20:34:32 | 000,079,720 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/02/21 20:34:24 | 000,270,240 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/02/21 20:34:13 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/02/21 20:33:17 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/02/21 20:29:44 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/02/16 18:42:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014/02/16 18:42:24 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/02/16 18:42:15 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/02/15 10:27:27 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/02/15 10:17:21 | 000,000,000 | -H-D | C] -- C:\Users\Anička\Corel Auto-Preserve
[2014/02/14 11:10:23 | 000,000,000 | ---D | C] -- C:\Users\Anička\AppData\Local\e-academy Inc
[2014/02/13 22:57:43 | 000,000,000 | ---D | C] -- C:\Users\Anička\synergic
[2014/02/13 16:22:20 | 000,000,000 | ---D | C] -- C:\Users\Anička\parfums
========== Files - Modified Within 30 Days ==========
[2014/03/12 23:01:46 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/03/12 23:00:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/12 22:59:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/12 21:49:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/03/12 19:03:40 | 000,154,024 | ---- | M] () -- C:\Users\Anička\stanko - bus.pdf
[2014/03/12 19:03:37 | 000,021,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/03/12 19:03:37 | 000,021,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/03/12 18:56:09 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\DriverToolkit Autorun.job
[2014/03/12 18:55:36 | 2409,029,632 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/12 18:34:05 | 000,002,047 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/03/12 18:29:45 | 000,000,374 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2014/03/12 18:29:31 | 000,412,632 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/03/11 23:04:52 | 000,281,488 | ---- | M] () -- C:\Users\Anička\sdeckami.jpg
[2014/03/11 23:03:34 | 000,310,690 | ---- | M] () -- C:\Users\Anička\spalimavitom.jpg
[2014/03/11 23:03:23 | 000,300,192 | ---- | M] () -- C:\Users\Anička\2014-03-11 22.47.02.jpg
[2014/03/11 22:58:57 | 000,682,179 | ---- | M] () -- C:\Users\Anička\Desktop\2014-03-11 22.47.02.jpg
[2014/03/10 20:15:26 | 000,178,978 | ---- | M] () -- C:\Users\Anička\Anna_Kruljacová_CV_SK.pdf
[2014/03/10 20:14:36 | 000,130,304 | ---- | M] () -- C:\Users\Anička\Anna_Kruljacová_motivačný.pdf
[2014/03/10 19:17:00 | 000,002,511 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/03/10 13:53:57 | 000,623,144 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014/03/10 13:53:57 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/03/10 13:53:57 | 000,121,788 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014/03/10 13:53:57 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/03/08 23:57:57 | 000,002,024 | -H-- | M] () -- C:\Users\Anička\Documents\Default.rdp
[2014/03/08 00:01:43 | 000,002,141 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/03/07 23:36:33 | 000,207,792 | ---- | M] () -- C:\Users\Anička\1939745_10201750152021123_309158559_o12.jpg
[2014/03/07 23:36:10 | 000,001,794 | -H-- | M] () -- C:\Users\Anička\.picasa.ini
[2014/03/07 23:35:34 | 000,259,874 | ---- | M] () -- C:\Users\Anička\1939745_10201750152021123_309158559_o.jpg
[2014/03/07 22:59:45 | 000,016,631 | ---- | M] () -- C:\Users\Anička\anička12.jpg
[2014/03/02 23:45:10 | 001,677,920 | ---- | M] () -- C:\Users\Anička\20140228_211821.jpg
[2014/03/02 23:24:30 | 001,238,226 | ---- | M] () -- C:\Users\Anička\20140228_222130.jpg
[2014/03/02 23:16:09 | 000,053,446 | ---- | M] () -- C:\Users\Anička\sosassiikk.jpg
[2014/03/02 23:14:03 | 000,340,377 | ---- | M] () -- C:\Users\Anička\sassiik.jpg
[2014/03/02 23:06:38 | 001,524,203 | ---- | M] () -- C:\Users\Anička\20140228_211602.jpg
[2014/03/02 23:05:11 | 000,492,019 | ---- | M] () -- C:\Users\Anička\20140228_2211531.jpg
[2014/03/02 23:04:44 | 000,319,537 | ---- | M] () -- C:\Users\Anička\20140228_211757.jpg
[2014/03/02 23:01:27 | 000,059,076 | ---- | M] () -- C:\Users\Anička\1896808_10203413038991256_1778048025_n.jpg
[2014/03/02 22:56:35 | 000,042,101 | ---- | M] () -- C:\Users\Anička\unnamed (1).jpg
[2014/03/02 22:56:25 | 000,035,161 | ---- | M] () -- C:\Users\Anička\unnamed.jpg
[2014/03/02 14:53:38 | 000,453,811 | ---- | M] () -- C:\Users\Anička\DSC_28022014.jpg
[2014/03/01 14:09:54 | 000,858,119 | ---- | M] () -- C:\Users\Anička\sasiiik.jpg
[2014/03/01 13:47:15 | 000,365,307 | ---- | M] () -- C:\Users\Anička\zlaticka.jpg
[2014/03/01 13:45:24 | 000,361,139 | ---- | M] () -- C:\Users\Anička\20140228_211647.jpg
[2014/03/01 13:36:22 | 001,514,263 | ---- | M] () -- C:\Users\Anička\sasuliacicek.jpg
[2014/03/01 11:25:41 | 000,065,033 | ---- | M] () -- C:\Users\Anička\MjAxMy05OWUyYmY4NDlmMGE1YzQ0.png
[2014/02/28 16:25:22 | 000,001,811 | ---- | M] () -- C:\Users\Anička\Desktop\Spotify.lnk
[2014/02/28 10:47:47 | 000,109,031 | ---- | M] () -- C:\Users\Anička\anička listok.pdf
[2014/02/28 10:46:47 | 000,109,335 | ---- | M] () -- C:\Users\Anička\verča listok.pdf
[2014/02/24 23:27:26 | 000,023,460 | ---- | M] () -- C:\Users\Anička\discojpg_132742403717026.jpg
[2014/02/24 12:26:08 | 003,495,331 | ---- | M] () -- C:\Users\Anička\Documents\CMOS_Camera_D-Max_GD-5A35A_VT_071213.zip
[2014/02/24 12:25:41 | 000,632,152 | ---- | M] () -- C:\Users\Anička\Documents\DriverGuide_Driver_Download_1228356.exe
[2014/02/24 12:21:57 | 000,001,025 | ---- | M] () -- C:\Users\Public\Desktop\DriverToolkit.lnk
[2014/02/24 12:21:16 | 002,243,616 | ---- | M] (Megaify Software ) -- C:\Users\Anička\Documents\driver_setup.exe
[2014/02/24 11:06:36 | 000,202,363 | ---- | M] () -- C:\Users\Anička\potvrdenie_o_studiu13_14.pdf
[2014/02/23 09:49:53 | 000,293,769 | ---- | M] () -- C:\Users\Anička\malovanie win 7.jpg
[2014/02/21 20:34:15 | 000,775,952 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/02/21 20:34:15 | 000,410,784 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/02/21 20:34:15 | 000,180,248 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/02/21 20:34:15 | 000,064,168 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
[2014/02/21 20:34:14 | 000,079,720 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/02/21 20:34:14 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/02/21 20:34:14 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/02/21 20:34:13 | 000,270,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/02/21 20:34:13 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/02/21 08:58:30 | 214,581,629 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/02/19 03:28:18 | 000,001,270 | ---- | M] () -- C:\Users\Anička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
[2014/02/18 15:45:18 | 000,119,308 | ---- | M] () -- C:\Users\Anička\Desktop\CHECK-OUT SELF-CERTIFICATION.pdf
[2014/02/18 11:37:28 | 000,061,190 | ---- | M] () -- C:\Users\Anička\Audi-4-rings-604x272.jpg
[2014/02/16 19:51:42 | 000,081,474 | ---- | M] () -- C:\Users\Anička\IMG-20140215-WA0000.jpg
[2014/02/15 12:07:26 | 000,059,699 | ---- | M] () -- C:\Users\Anička\sasiicek.jpg
[2014/02/15 12:05:03 | 000,056,938 | ---- | M] () -- C:\Users\Anička\sasicek.jpg
[2014/02/15 10:21:44 | 000,080,069 | ---- | M] () -- C:\Users\Anička\livinka.jpg
[2014/02/15 10:19:04 | 000,075,665 | ---- | M] () -- C:\Users\Anička\slivicek.jpg
[2014/02/15 10:17:21 | 000,081,148 | ---- | M] () -- C:\Users\Anička\slivik.jpg
[2014/02/15 10:12:03 | 000,149,965 | ---- | M] () -- C:\Users\Anička\sosasicek.jpg
[2014/02/14 11:10:24 | 000,003,147 | ---- | M] () -- C:\Users\Anička\Desktop\Shortcut to SecureDownloadManager.exe.lnk
[2014/02/12 12:44:29 | 000,305,994 | ---- | M] () -- C:\Users\Anička\kruljac_stanislav_potvrdenie_o_navsteve_skoly.jpg
[2014/02/11 22:02:07 | 000,046,224 | ---- | M] () -- C:\Users\Anička\bitcoin.JPG
[2014/02/11 18:41:43 | 000,065,968 | ---- | M] () -- C:\Users\Anička\ČSOB InternetBanking 24-faktura za december.pdf
[2014/02/11 11:06:20 | 000,038,922 | ---- | M] () -- C:\Users\Anička\jedalniček.JPG
========== Files Created - No Company Name ==========
[2014/03/12 19:03:40 | 000,154,024 | ---- | C] () -- C:\Users\Anička\stanko - bus.pdf
[2014/03/11 23:04:51 | 000,281,488 | ---- | C] () -- C:\Users\Anička\sdeckami.jpg
[2014/03/11 23:03:34 | 000,310,690 | ---- | C] () -- C:\Users\Anička\spalimavitom.jpg
[2014/03/11 23:03:23 | 000,300,192 | ---- | C] () -- C:\Users\Anička\2014-03-11 22.47.02.jpg
[2014/03/11 22:58:55 | 000,682,179 | ---- | C] () -- C:\Users\Anička\Desktop\2014-03-11 22.47.02.jpg
[2014/03/10 20:14:31 | 000,130,304 | ---- | C] () -- C:\Users\Anička\Anna_Kruljacová_motivačný.pdf
[2014/03/10 19:17:00 | 000,002,511 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/03/08 20:18:57 | 000,002,024 | -H-- | C] () -- C:\Users\Anička\Documents\Default.rdp
[2014/03/07 23:36:33 | 000,207,792 | ---- | C] () -- C:\Users\Anička\1939745_10201750152021123_309158559_o12.jpg
[2014/03/07 23:35:34 | 000,259,874 | ---- | C] () -- C:\Users\Anička\1939745_10201750152021123_309158559_o.jpg
[2014/03/07 22:59:45 | 000,016,631 | ---- | C] () -- C:\Users\Anička\anička12.jpg
[2014/03/07 15:38:37 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/03/02 23:45:09 | 001,677,920 | ---- | C] () -- C:\Users\Anička\20140228_211821.jpg
[2014/03/02 23:24:28 | 001,238,226 | ---- | C] () -- C:\Users\Anička\20140228_222130.jpg
[2014/03/02 23:16:09 | 000,053,446 | ---- | C] () -- C:\Users\Anička\sosassiikk.jpg
[2014/03/02 23:14:03 | 000,340,377 | ---- | C] () -- C:\Users\Anička\sassiik.jpg
[2014/03/02 23:06:37 | 001,524,203 | ---- | C] () -- C:\Users\Anička\20140228_211602.jpg
[2014/03/02 23:05:11 | 000,492,019 | ---- | C] () -- C:\Users\Anička\20140228_2211531.jpg
[2014/03/02 23:04:44 | 000,319,537 | ---- | C] () -- C:\Users\Anička\20140228_211757.jpg
[2014/03/02 23:01:27 | 000,059,076 | ---- | C] () -- C:\Users\Anička\1896808_10203413038991256_1778048025_n.jpg
[2014/03/02 22:56:33 | 000,042,101 | ---- | C] () -- C:\Users\Anička\unnamed (1).jpg
[2014/03/02 22:56:25 | 000,035,161 | ---- | C] () -- C:\Users\Anička\unnamed.jpg
[2014/03/02 21:39:07 | 839,469,841 | ---- | C] () -- C:\Users\Anička\Silver.Linings.Playbook.2012.720p.x264.YIFY.mp4
[2014/03/02 14:53:38 | 000,453,811 | ---- | C] () -- C:\Users\Anička\DSC_28022014.jpg
[2014/03/01 14:09:54 | 000,858,119 | ---- | C] () -- C:\Users\Anička\sasiiik.jpg
[2014/03/01 13:47:13 | 000,365,307 | ---- | C] () -- C:\Users\Anička\zlaticka.jpg
[2014/03/01 13:45:24 | 000,361,139 | ---- | C] () -- C:\Users\Anička\20140228_211647.jpg
[2014/03/01 13:36:22 | 001,514,263 | ---- | C] () -- C:\Users\Anička\sasuliacicek.jpg
[2014/03/01 11:25:40 | 000,065,033 | ---- | C] () -- C:\Users\Anička\MjAxMy05OWUyYmY4NDlmMGE1YzQ0.png
[2014/02/28 16:25:22 | 000,001,811 | ---- | C] () -- C:\Users\Anička\Desktop\Spotify.lnk
[2014/02/28 16:25:22 | 000,001,797 | ---- | C] () -- C:\Users\Anička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2014/02/28 10:47:47 | 000,109,031 | ---- | C] () -- C:\Users\Anička\anička listok.pdf
[2014/02/28 10:46:47 | 000,109,335 | ---- | C] () -- C:\Users\Anička\verča listok.pdf
[2014/02/24 23:27:21 | 000,023,460 | ---- | C] () -- C:\Users\Anička\discojpg_132742403717026.jpg
[2014/02/24 12:26:32 | 000,000,348 | ---- | C] () -- C:\Windows\tasks\DriverToolkit Autorun.job
[2014/02/24 12:26:08 | 003,495,331 | ---- | C] () -- C:\Users\Anička\Documents\CMOS_Camera_D-Max_GD-5A35A_VT_071213.zip
[2014/02/24 12:25:31 | 000,632,152 | ---- | C] () -- C:\Users\Anička\Documents\DriverGuide_Driver_Download_1228356.exe
[2014/02/24 12:21:57 | 000,001,025 | ---- | C] () -- C:\Users\Public\Desktop\DriverToolkit.lnk
[2014/02/24 11:06:35 | 000,202,363 | ---- | C] () -- C:\Users\Anička\potvrdenie_o_studiu13_14.pdf
[2014/02/23 09:49:53 | 000,293,769 | ---- | C] () -- C:\Users\Anička\malovanie win 7.jpg
[2014/02/21 20:35:12 | 000,002,047 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/02/21 20:34:39 | 000,180,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/02/21 20:34:36 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/02/18 15:45:18 | 000,119,308 | ---- | C] () -- C:\Users\Anička\Desktop\CHECK-OUT SELF-CERTIFICATION.pdf
[2014/02/18 11:37:28 | 000,061,190 | ---- | C] () -- C:\Users\Anička\Audi-4-rings-604x272.jpg
[2014/02/16 19:51:42 | 000,081,474 | ---- | C] () -- C:\Users\Anička\IMG-20140215-WA0000.jpg
[2014/02/15 12:07:26 | 000,059,699 | ---- | C] () -- C:\Users\Anička\sasiicek.jpg
[2014/02/15 12:05:03 | 000,056,938 | ---- | C] () -- C:\Users\Anička\sasicek.jpg
[2014/02/15 10:21:43 | 000,080,069 | ---- | C] () -- C:\Users\Anička\livinka.jpg
[2014/02/15 10:19:03 | 000,075,665 | ---- | C] () -- C:\Users\Anička\slivicek.jpg
[2014/02/15 10:12:03 | 000,149,965 | ---- | C] () -- C:\Users\Anička\sosasicek.jpg
[2014/02/15 10:10:25 | 000,081,148 | ---- | C] () -- C:\Users\Anička\slivik.jpg
[2014/02/12 12:44:29 | 000,305,994 | ---- | C] () -- C:\Users\Anička\kruljac_stanislav_potvrdenie_o_navsteve_skoly.jpg
[2014/02/11 22:02:06 | 000,046,224 | ---- | C] () -- C:\Users\Anička\bitcoin.JPG
[2014/02/11 18:41:43 | 000,065,968 | ---- | C] () -- C:\Users\Anička\ČSOB InternetBanking 24-faktura za december.pdf
[2014/02/11 11:06:20 | 000,038,922 | ---- | C] () -- C:\Users\Anička\jedalniček.JPG
[2014/02/10 12:51:48 | 000,173,553 | ---- | C] () -- C:\Users\Anička\Anna_Kruljacová_CV_EN.pdf
[2014/02/10 12:21:17 | 000,178,978 | ---- | C] () -- C:\Users\Anička\Anna_Kruljacová_CV_SK.pdf
[2014/02/08 05:05:34 | 000,755,499 | ---- | C] () -- C:\Users\Anička\DSC_03461.jpg
[2014/02/08 05:03:11 | 001,298,440 | ---- | C] () -- C:\Users\Anička\DSC_0346.jpg
[2014/02/03 09:38:10 | 000,176,858 | ---- | C] () -- C:\Users\Anička\Anna_Kruljacová_CV.pdf
[2014/02/01 17:53:45 | 000,013,092 | ---- | C] () -- C:\Users\Anička\anicka_fotka.jpg
[2014/02/01 17:53:00 | 000,015,480 | ---- | C] () -- C:\Users\Anička\anička.jpg
[2014/02/01 12:40:16 | 000,077,143 | ---- | C] () -- C:\Users\Anička\anička_rozvrh.JPG
[2014/01/30 15:53:02 | 000,095,498 | ---- | C] () -- C:\Users\Anička\rozvrh LV.jpg
[2014/01/26 02:04:42 | 000,300,727 | ---- | C] () -- C:\Users\Anička\IMG_16032012_213327.png
[2014/01/08 16:12:36 | 000,173,744 | ---- | C] () -- C:\Users\Anička\creeta2.jpg
[2014/01/08 16:08:31 | 000,180,213 | ---- | C] () -- C:\Users\Anička\creeta.jpg
[2014/01/08 16:07:45 | 000,164,618 | ---- | C] () -- C:\Users\Anička\creta.jpg
[2013/12/15 11:54:56 | 000,001,794 | -H-- | C] () -- C:\Users\Anička\.picasa.ini
[2013/11/09 19:04:02 | 000,007,680 | ---- | C] () -- C:\Users\Anička\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/04/19 15:17:04 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2013/04/19 15:04:14 | 000,416,522 | ---- | C] () -- C:\Windows\AutoKMS.exe
========== ZeroAccess Check ==========
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/11/20 22:29:11 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014/02/21 21:26:56 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\AVAST Software
[2013/11/18 16:06:46 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Canon
[2013/11/10 21:09:30 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\com.prezi.PreziDesktop
[2013/04/19 14:39:50 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\DAEMON Tools Lite
[2013/11/10 01:29:02 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Dextronet
[2013/04/28 10:36:23 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Downloaded Installations
[2013/05/10 14:31:35 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\e-academy Inc
[2013/04/28 10:53:58 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\FileOpen
[2013/09/21 18:30:07 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\FUJIFILM
[2014/01/08 15:31:32 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\IsolatedStorage
[2014/01/13 00:29:57 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Nitro
[2014/03/08 20:19:54 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Nitro PDF
[2014/01/08 22:33:47 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Solvusoft
[2014/03/12 18:59:33 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Spotify
[2013/11/07 22:10:30 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Ulead Systems
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009/07/14 05:53:46 | 000,032,252 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU(32).TXT
[2009/07/14 05:53:46 | 000,032,588 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/07/14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2013/04/19 14:10:41 | 000,000,920 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/04/19 14:10:42 | 000,000,924 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014/02/24 12:26:32 | 000,000,348 | ---- | C] () -- C:\Windows\Tasks\DriverToolkit Autorun.job
< >
< MD5 for: ATAPI.SYS >
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010/11/20 22:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010/11/20 22:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010/11/20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010/11/20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2010/11/20 22:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\explorer.exe
[2010/11/20 22:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
< MD5 for: HAL.DLL >
[2010/11/20 22:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010/11/20 22:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
< MD5 for: SCECLI.DLL >
[2010/11/20 22:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 22:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: SERVICES.EXE >
[2009/07/14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: TCPIP.SYS >
[2011/04/25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\SoftwareDistribution\Download\919003e3012e674674fc2a83c2329826\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2010/11/20 22:29:20 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\System32\drivers\tcpip.sys
[2010/11/20 22:29:20 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2013/01/04 05:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\SoftwareDistribution\Download\23d7661dc2a73222aa66aa721bf7026c\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2011/04/25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\SoftwareDistribution\Download\919003e3012e674674fc2a83c2329826\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013/01/03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\SoftwareDistribution\Download\23d7661dc2a73222aa66aa721bf7026c\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010/11/20 22:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 22:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010/11/20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
< >
< %systemroot%*.* /U /s >
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[61 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\02fe105b022dcdca24c3ad324b184e62\*.tmp files -> C:\Windows\SoftwareDistribution\Download\02fe105b022dcdca24c3ad324b184e62\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2b1c4a4bebe8035f633e69533afa1ff3\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2b1c4a4bebe8035f633e69533afa1ff3\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2bc60671863c6bf061e8a3312abe5b33\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2bc60671863c6bf061e8a3312abe5b33\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\36f271032037145dc366a57ee27ed070\*.tmp files -> C:\Windows\SoftwareDistribution\Download\36f271032037145dc366a57ee27ed070\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\622e294d53dbab40e6a37cda97b199d7\*.tmp files -> C:\Windows\SoftwareDistribution\Download\622e294d53dbab40e6a37cda97b199d7\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\789964dc09c1e02ed5d01e6a0a200879\*.tmp files -> C:\Windows\SoftwareDistribution\Download\789964dc09c1e02ed5d01e6a0a200879\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\79503a7502d1ed9c9a2120e88c7c6964\*.tmp files -> C:\Windows\SoftwareDistribution\Download\79503a7502d1ed9c9a2120e88c7c6964\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\7e447a3f1c4c7a5679cd9cc1c4d6b4b7\*.tmp files -> C:\Windows\SoftwareDistribution\Download\7e447a3f1c4c7a5679cd9cc1c4d6b4b7\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\80a01a9b4f7e328462d22e9cbd9a9210\*.tmp files -> C:\Windows\SoftwareDistribution\Download\80a01a9b4f7e328462d22e9cbd9a9210\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\8a45649f9a29a8940a3f73f1d11a3ec2\*.tmp files -> C:\Windows\SoftwareDistribution\Download\8a45649f9a29a8940a3f73f1d11a3ec2\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\9b7d1c92e3e02e6697f0b60618ca2eb2\*.tmp files -> C:\Windows\SoftwareDistribution\Download\9b7d1c92e3e02e6697f0b60618ca2eb2\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ac7f3d35f0010fadf6b42bf6b3bedade\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ac7f3d35f0010fadf6b42bf6b3bedade\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\aef66cef979109455449e967a6d1fa1d\*.tmp files -> C:\Windows\SoftwareDistribution\Download\aef66cef979109455449e967a6d1fa1d\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\af08f22acbdb110f5731890c49a1efe0\*.tmp files -> C:\Windows\SoftwareDistribution\Download\af08f22acbdb110f5731890c49a1efe0\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\f17d03c25482724b4c57d8ee350f642e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\f17d03c25482724b4c57d8ee350f642e\*.tmp -> ]
[21 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013/11/23 13:12:38 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Adobe
[2014/02/21 21:26:56 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\AVAST Software
[2013/11/18 16:06:46 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Canon
[2013/11/10 21:09:30 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\com.prezi.PreziDesktop
[2013/05/29 09:14:59 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Corel
[2013/04/19 14:39:50 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\DAEMON Tools Lite
[2013/11/10 01:29:02 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Dextronet
[2013/04/28 10:36:23 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Downloaded Installations
[2013/05/10 14:31:35 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\e-academy Inc
[2013/04/28 10:53:58 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\FileOpen
[2013/09/21 18:30:07 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\FUJIFILM
[2013/04/19 14:05:39 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Identities
[2014/01/08 15:31:32 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\IsolatedStorage
[2013/11/09 23:38:43 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Macromedia
[2010/11/21 02:24:45 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Media Center Programs
[2014/03/08 18:46:38 | 000,000,000 | --SD | M] -- C:\Users\Anička\AppData\Roaming\Microsoft
[2013/04/28 19:27:11 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Mozilla
[2014/01/13 00:29:57 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Nitro
[2014/03/08 20:19:54 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Nitro PDF
[2014/03/12 18:54:11 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Skype
[2014/01/08 22:33:47 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Solvusoft
[2014/03/12 18:59:33 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Spotify
[2013/11/07 22:10:30 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Ulead Systems
[2014/03/12 18:54:11 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\vlc
< %APPDATA%\*.exe /s >
[2013/05/10 14:31:36 | 000,009,662 | R--- | M] () -- C:\Users\Anička\AppData\Roaming\Microsoft\Installer\{4A5667B2-5D13-46C2-85B5-9D46A6096F61}\_853F67D554F05449430E7E.exe
[2014/01/08 15:48:04 | 000,071,894 | R--- | M] () -- C:\Users\Anička\AppData\Roaming\Microsoft\Installer\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}\GPUploader.exe
[2014/02/14 11:10:24 | 000,009,662 | R--- | M] () -- C:\Users\Anička\AppData\Roaming\Microsoft\Installer\{E040B65B-8683-4228-8C33-D44A141E40EA}\_112D608FD02CD87FDC7735.exe
[2014/02/14 11:10:24 | 000,009,662 | R--- | M] () -- C:\Users\Anička\AppData\Roaming\Microsoft\Installer\{E040B65B-8683-4228-8C33-D44A141E40EA}\_80D807FC3A72E5B428F1ED.exe
[2014/02/14 11:10:24 | 000,009,662 | R--- | M] () -- C:\Users\Anička\AppData\Roaming\Microsoft\Installer\{E040B65B-8683-4228-8C33-D44A141E40EA}\_853F67D554F05449430E7E.exe
[2014/02/28 16:25:22 | 006,118,400 | ---- | M] (Spotify Ltd) -- C:\Users\Anička\AppData\Roaming\Spotify\spotify.exe
[2014/02/28 16:25:08 | 000,062,464 | ---- | M] (Spotify Ltd) -- C:\Users\Anička\AppData\Roaming\Spotify\SpotifyLauncher.exe
[2014/02/28 16:25:05 | 000,603,648 | ---- | M] () -- C:\Users\Anička\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
[2014/02/28 16:25:06 | 001,171,968 | ---- | M] (Spotify Ltd) -- C:\Users\Anička\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2014/03/12 18:56:09 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\DriverToolkit Autorun.job
[2014/03/12 22:59:00 | 000,000,920 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014/03/12 23:00:00 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2014/03/12 19:03:37 | 000,021,072 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/03/12 19:03:37 | 000,021,072 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/03/12 18:29:31 | 000,412,632 | ---- | M] () -- C:\Windows\system32\FNTCACHE.DAT
[2014/03/10 13:53:57 | 000,121,788 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2014/03/10 13:53:57 | 000,106,388 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2014/03/10 13:53:57 | 000,623,144 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2014/03/10 13:53:57 | 000,616,008 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2014/03/10 13:53:57 | 001,470,062 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2013/03/14 09:23:30 | 003,672,640 | ---- | M] (Disc Soft Ltd)
"Spotify" = "C:\Users\Anička\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart -- [2014/02/28 16:25:22 | 006,118,400 | ---- | M] (Spotify Ltd)
"Spotify Web Helper" = "C:\Users\Anička\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" -- [2014/02/28 16:25:06 | 001,171,968 | ---- | M] (Spotify Ltd)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2014/02/15 10:28:16 | 000,275,568 | ---- | M] (Mozilla Corporation) MD5=D9184C5FF3FD526761D518A95ABA74A3 -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2010/11/20 22:29:33 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2014/03/02 03:35:27 | 000,859,464 | ---- | M] (Google Inc.) MD5=026C4CA19FAE1F84894A99735B15AACA -- C:\Program Files\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014/03/12 23:01:46 | 000,000,512 | ---- | M] () MD5=68BDE62B4264310D0E7EA76409D5A866 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2010/08/18 10:56:05 | 000,000,000 | ---- | M] () -- \Záloha\Application Data\Mozilla\Firefox\Profiles\b3ipyiin.default\CT2405280\feed\http___crackle_com_rss_media_sxsw_featured_rss_history.xml
[2010/08/18 10:56:05 | 000,000,000 | ---- | M] () -- \Záloha\Application Data\Mozilla\Firefox\Profiles\b3ipyiin.default\CT2405280\feed\http___crackle_com_rss_media_sxsw_featured_rss_structured.xml
< *keygen* /s >
[2012/09/23 09:19:18 | 000,636,928 | ---- | M] () -- \Users\Anička\AppData\Local\Temp\7zOBC30.tmp\keygen_np8.exe
[2014/03/12 18:57:43 | 000,071,812 | ---- | M] () -- \Windows\Prefetch\KEYGEN.EXE-8569740F.pf
[2011/05/07 13:46:19 | 000,000,030 | ---- | M] () -- \Záloha\Desktop\Keygen.txt
[2010/10/24 17:49:51 | 000,000,030 | ---- | M] () -- \Záloha\Desktop\škola VUT\ZPC-projekt\Keygen.txt
< *loader* /s >
[2010/03/24 19:12:34 | 000,249,680 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010/03/24 19:12:34 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012/07/19 15:50:50 | 000,001,626 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Loader.elf
[2012/07/19 15:49:36 | 000,658,592 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Loader.exe
[2010/01/15 08:15:30 | 000,000,824 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\FBUploader\FBUploader.bmp
[2010/01/15 08:14:44 | 000,003,824 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\FBUploader\FBUploader.png
[2011/09/15 10:15:32 | 000,848,896 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\FBUploader\fpv7uploader_facebook.exe
[2011/09/15 10:15:32 | 000,610,304 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\FBUploader\de\fpv7uploader_facebook.resources.dll
[2011/09/15 10:15:32 | 000,606,208 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\FBUploader\es\fpv7uploader_facebook.resources.dll
[2011/09/15 10:15:32 | 000,610,304 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\FBUploader\fr\fpv7uploader_facebook.resources.dll
[2011/09/15 10:15:32 | 000,610,304 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\FBUploader\ja\fpv7uploader_facebook.resources.dll
[2011/09/15 10:15:32 | 000,606,208 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\FBUploader\ko\fpv7uploader_facebook.resources.dll
[2011/09/15 10:15:32 | 000,606,208 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\FBUploader\zh-CHS\fpv7uploader_facebook.resources.dll
[2010/03/04 19:41:14 | 000,588,800 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\HNUploader\fpv7uploader_hnpc.exe
[2010/03/05 10:04:12 | 000,000,824 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\HNUploader\HNUploader.bmp
[2010/03/05 10:03:12 | 000,005,699 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\HNUploader\HNUploader.png
[2012/06/18 18:18:04 | 000,445,952 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\MFPUploader\mfpuploader.exe
[2012/06/14 14:33:18 | 000,002,012 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\MFPUploader\System\MFPUploader.frs
[2011/03/02 11:53:12 | 000,745,472 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\MixiUploader\mfs_mixi_uploader.exe
[2011/03/02 14:07:40 | 000,000,824 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\WMUploader\WMUploader.bmp
[2011/03/10 11:17:06 | 000,577,024 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\WMUploader\wmuploader.exe
[2011/03/02 14:08:26 | 000,004,521 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\WMUploader\WMUploader.png
[2011/03/01 09:48:32 | 000,002,054 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\WMUploader\System\WMUploader.frs
[2011/01/31 17:10:10 | 000,274,432 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\YTUploader\LDR_YTUploader.exe
[2009/11/12 09:54:26 | 000,000,824 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\YTUploader\YTUploader.bmp
[2011/09/08 10:49:42 | 000,031,232 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\YTUploader\YTUploader.dll
[2011/09/08 10:49:52 | 000,544,768 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\YTUploader\YTUploader.exe
[2011/03/02 06:42:24 | 000,000,031 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\YTUploader\YTUploader.ini
[2009/11/24 10:49:56 | 000,004,618 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\YTUploader\YTUploader.png
[2011/09/08 10:49:36 | 000,036,864 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\YTUploader\YTUploaderLib.dll
[2014/01/06 19:47:02 | 000,000,702 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_advoptions.fen
[2014/01/06 19:47:02 | 000,000,790 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_debug.fen
[2014/01/06 19:47:02 | 000,000,723 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_download.fen
[2014/01/06 19:47:02 | 000,000,694 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_file_errors.fen
[2013/02/09 02:39:28 | 000,000,934 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_main.fen
[2014/01/06 19:47:04 | 000,000,634 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_manage_devices.fen
[2014/01/06 19:47:04 | 000,002,283 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_onboard.fen
[2014/01/06 19:47:04 | 000,001,417 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_options.fen
[2014/01/06 19:47:04 | 000,001,330 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_pinwheel_72.png
[2014/01/06 19:47:04 | 000,002,541 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_pinwheel_72x2.png
[2014/01/06 19:47:04 | 000,002,109 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_prefs.fen
[2014/01/06 19:47:04 | 000,000,956 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_quota_error1.fen
[2014/01/06 19:47:04 | 000,001,080 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_quota_error2.fen
[2014/01/06 19:47:04 | 000,001,139 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_quota_error_estimate.fen
[2014/01/06 19:47:04 | 000,002,181 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_welcome.fen
[2013/10/11 13:41:40 | 000,053,602 | ---- | M] () -- \Program Files\Prezi Desktop 4\assets\export\content\loader-air-local.swf
[2013/06/19 15:59:00 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013/06/19 15:59:00 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013/06/19 15:59:00 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013/06/19 15:59:00 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013/06/19 15:59:00 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013/06/19 15:59:00 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2014/01/29 20:37:31 | 000,003,208 | ---- | M] () -- \Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\skin\ajax-loader.gif
[2013/06/22 19:36:18 | 000,109,448 | ---- | M] () -- \Users\Anička\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\09ZQ9YDZ\AdLoader-b3e321cab5fbc3c4ed10b513bb467bae.min[1].js
[2013/07/16 19:27:16 | 000,109,448 | ---- | M] () -- \Users\Anička\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\09ZQ9YDZ\AdLoader-b3e321cab5fbc3c4ed10b513bb467bae.min[2].js
[2013/06/22 19:36:18 | 000,001,511 | ---- | M] () -- \Users\Anička\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\09ZQ9YDZ\AdLoader[2].htm
[2014/03/10 19:17:55 | 000,001,870 | ---- | M] () -- \Users\Anička\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2RBG4A8P\AdLoader[1].htm
[2014/03/05 08:56:36 | 000,001,870 | ---- | M] () -- \Users\Anička\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7B45E77Y\AdLoader[1].htm
[2014/02/23 12:24:36 | 000,111,819 | ---- | M] () -- \Users\Anička\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CT38EJ6X\AdLoader-725aebe4743338ea770018ce780c157b.min[1].js
[2014/03/08 11:56:04 | 000,112,122 | ---- | M] () -- \Users\Anička\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QNZ8ZWS0\AdLoader-7b473315d0084c71df83cdee72aab144.min[1].js
[2013/04/19 14:10:10 | 000,002,895 | ---- | M] () -- \Users\Anička\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X8K5L5JX\rmsloaderdelayed[1].js
[2014/01/06 10:52:30 | 003,244,032 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\gpuploader_i18n.dll
[2014/01/06 10:47:04 | 000,000,702 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_advoptions.fen
[2014/01/06 10:47:04 | 000,000,790 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_debug.fen
[2014/01/06 10:47:04 | 000,000,723 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_download.fen
[2014/01/06 10:47:04 | 000,000,694 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_file_errors.fen
[2014/01/06 10:47:06 | 000,171,541 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_icons.psd
[2014/01/06 10:47:06 | 000,000,634 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_manage_devices.fen
[2014/01/06 10:47:06 | 000,002,283 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_onboard.fen
[2014/01/06 10:47:06 | 000,001,417 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_options.fen
[2014/01/06 10:47:06 | 000,002,109 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_prefs.fen
[2014/01/06 10:47:06 | 000,000,956 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error1.fen
[2014/01/06 10:47:06 | 000,001,080 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error2.fen
[2014/01/06 10:47:06 | 000,001,139 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error_estimate.fen
[2014/01/06 10:47:06 | 000,002,181 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_welcome.fen
[2014/01/28 19:35:56 | 000,072,638 | ---- | M] () -- \Users\Anička\AppData\Local\Skype\Apps\login\images\loader.gif
[2014/01/28 19:35:56 | 000,003,032 | ---- | M] () -- \Users\Anička\AppData\Local\Skype\Apps\login\images\loader.png
[2014/01/28 19:35:56 | 000,006,012 | ---- | M] () -- \Users\Anička\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014/01/28 19:35:56 | 000,021,956 | ---- | M] () -- \Users\Anička\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014/01/28 19:35:56 | 000,009,772 | ---- | M] () -- \Users\Anička\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2013/05/02 20:43:56 | 000,000,753 | ---- | M] () -- \Users\Anička\AppData\Local\Temp\Temporary Internet Files\Content.IE5\C92ZDYS6\AdLoader[1].htm
[2013/04/28 19:20:05 | 000,105,903 | ---- | M] () -- \Users\Anička\AppData\Local\Temp\Temporary Internet Files\Content.IE5\K7PGX2S4\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2014/01/08 15:48:04 | 000,071,894 | R--- | M] () -- \Users\Anička\AppData\Roaming\Microsoft\Installer\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}\GPUploader.exe
[2013/11/22 14:54:49 | 000,656,443 | ---- | M] () -- \Users\Anička\Downloads\Google.Books.Downloader.v2.3.exe
[2009/07/14 13:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2012/10/04 17:40:37 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\ad7b8cfdb711865249ce6247b8e8e8d1\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\ad7b8cfdb711865249ce6247b8e8e8d1\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009/07/14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2010/11/21 02:16:08 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2010/11/21 02:16:08 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2010/11/21 02:16:08 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2010/11/20 22:31:02 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2010/11/20 22:31:02 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2010/11/20 22:31:02 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009/07/14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2010/11/21 02:15:24 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2010/11/20 22:23:54 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009/07/14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/12/04 17:00:50 | 000,072,638 | ---- | M] () -- \Záloha\All Users\Application Data\Skype\Apps\login\images\loader.gif
[2012/12/04 17:00:50 | 000,003,032 | ---- | M] () -- \Záloha\All Users\Application Data\Skype\Apps\login\images\loader.png
[2012/12/04 17:00:50 | 000,009,772 | ---- | M] () -- \Záloha\All Users\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2013/02/10 23:12:38 | 000,010,145 | ---- | M] () -- \Záloha\Application Data\Mozilla\Firefox\Profiles\b3ipyiin.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\modules\ExternalLibraryLoader.jsm
[2013/02/10 15:15:06 | 000,010,145 | ---- | M] () -- \Záloha\Application Data\Mozilla\Firefox\Profiles\b3ipyiin.default\extensions\{930f1200-f5f1-4870-bac6-e233ec8e7023}\modules\ExternalLibraryLoader.jsm
[2013/02/11 00:03:44 | 000,010,145 | ---- | M] () -- \Záloha\Application Data\Mozilla\Firefox\Profiles\b3ipyiin.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\modules\ExternalLibraryLoader.jsm
[2011/04/09 22:20:24 | 000,434,176 | ---- | M] () -- \Záloha\My Documents\Downloads\Downloader_for_SQL_Srv_2008_EE_EN.exe
[2010/12/14 12:36:18 | 000,421,888 | ---- | M] () -- \Záloha\My Documents\Downloads\Downloader_for_Visio_Professional_2007.exe
[1 \Záloha\My Documents\Downloads\*.tmp files -> \Záloha\My Documents\Downloads\*.tmp -> ]
< End of report >
OTL logfile created on: 12. 3. 2014 22:58:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Anička\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
2,99 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 41,91% Memory free
5,98 Gb Paging File | 3,88 Gb Available in Paging File | 64,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 156,25 Gb Total Space | 20,03 Gb Free Space | 12,82% Space Free | Partition Type: NTFS
Drive D: | 141,83 Gb Total Space | 116,49 Gb Free Space | 82,13% Space Free | Partition Type: NTFS
Drive G: | 667,62 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: ANICKA-PC | User Name: Anička | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/03/12 22:58:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Anička\Downloads\OTL.exe
PRC - [2014/03/02 03:35:27 | 000,859,464 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014/02/28 16:25:06 | 001,171,968 | ---- | M] (Spotify Ltd) -- C:\Users\Anička\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014/02/21 20:34:07 | 003,767,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/02/21 20:34:07 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/01/13 14:22:34 | 001,286,656 | ---- | M] (Megaify Software Co., Ltd.) -- C:\Program Files\DriverToolkit\DriverToolkit.exe
PRC - [2013/10/19 17:45:22 | 001,712,640 | ---- | M] () -- C:\Program Files\PenWes\Penwes.exe
PRC - [2013/10/19 14:54:24 | 001,515,008 | ---- | M] () -- C:\Program Files\PenWes\PenWesService.exe
PRC - [2013/01/27 10:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/01/27 10:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/01/27 10:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/09/23 19:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/09/18 13:28:32 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\System32\NLSSRV32.EXE
PRC - [2012/09/18 13:28:28 | 000,197,128 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe
PRC - [2011/03/31 18:19:44 | 001,646,056 | ---- | M] (Rosetta Stone Ltd.) -- C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe
PRC - [2010/11/20 22:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 22:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/03/29 19:26:00 | 000,227,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
========== Modules (No Company Name) ==========
MOD - [2014/03/02 03:35:25 | 000,394,568 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\ppgooglenaclpluginchrome.dll
MOD - [2014/03/02 03:35:24 | 013,632,840 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll
MOD - [2014/03/02 03:35:23 | 004,061,000 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\pdf.dll
MOD - [2014/03/02 03:35:20 | 000,716,616 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\libglesv2.dll
MOD - [2014/03/02 03:35:19 | 000,100,168 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\libegl.dll
MOD - [2014/03/02 03:35:17 | 001,647,432 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll
MOD - [2014/03/02 03:35:15 | 000,051,016 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll
MOD - [2014/02/21 20:34:12 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/10/19 17:45:22 | 001,712,640 | ---- | M] () -- C:\Program Files\PenWes\Penwes.exe
MOD - [2013/04/09 22:55:54 | 000,093,032 | ---- | M] () -- C:\Program Files\DriverToolkit\zlibwapi.dll
MOD - [2010/01/30 01:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
========== Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\LinkSwift\bin\utilLinkSwift.exe -- (Util LinkSwift)
SRV - File not found [Auto | Stopped] -- C:\Program Files\LinkSwift\updateLinkSwift.exe -- (Update LinkSwift)
SRV - [2014/02/21 20:34:07 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/11/09 23:42:35 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/10/19 14:54:24 | 001,515,008 | ---- | M] () [Auto | Running] -- C:\Program Files\PenWes\PenWesService.exe -- (PenWesController)
SRV - [2013/07/25 09:40:44 | 000,162,672 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/01/27 10:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/01/27 10:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/09/23 19:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/18 13:28:32 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\System32\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2012/09/18 13:28:28 | 000,197,128 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe -- (NitroDriverReadSpool8)
SRV - [2011/03/31 18:19:44 | 001,646,056 | ---- | M] (Rosetta Stone Ltd.) [Auto | Running] -- C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe -- (RosettaStoneDaemon)
SRV - [2010/03/25 09:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\chyceozj.sys -- (chyceozj)
DRV - [2014/02/21 20:34:15 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/02/21 20:34:15 | 000,410,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2014/02/21 20:34:15 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/02/21 20:34:15 | 000,064,168 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\aswStm.sys -- (aswStm)
DRV - [2014/02/21 20:34:14 | 000,079,720 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014/02/21 20:34:14 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/02/21 20:34:14 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/04/19 14:38:10 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2013/01/20 14:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/11/20 22:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 22:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010/11/20 22:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010/11/20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010/11/20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010/11/20 22:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2010/11/20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 23:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/13 23:02:52 | 000,043,008 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2009/07/13 23:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 40 E6 2C FF 3C CE 01 [binary data]
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... VI_csIT563
IE - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - prefs.js..keyword.URL: "http://feed.snapdo.com/?publisher=Snapd ... 11/2013&q="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/03/12 18:31:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2013/04/28 19:27:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anička\AppData\Roaming\Mozilla\Extensions
[2014/02/14 10:50:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anička\AppData\Roaming\Mozilla\Firefox\Profiles\dz1i4fbk.default\Extensions
[2014/02/14 10:50:28 | 000,940,775 | ---- | M] () (No name found) -- C:\Users\Anička\AppData\Roaming\Mozilla\Firefox\Profiles\dz1i4fbk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/03/10 19:13:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/02/15 10:28:17 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://feed.snapdo.com/?publisher=Snapd ... 22/11/2013
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.146\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - Extension: Dokumenty Google = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\
CHR - Extension: H013Eada0165 v Google = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\
CHR - Extension: PeĹaĹľenka Google = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-773910472-3044729245-3086565107-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-773910472-3044729245-3086565107-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-773910472-3044729245-3086565107-1000..\Run: [Spotify] C:\Users\Anička\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-773910472-3044729245-3086565107-1000..\Run: [Spotify Web Helper] C:\Users\Anička\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Anička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 147.229.190.143 147.229.191.143
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5EE36BB7-909A-46BF-9F9E-7AD7E2EA98E7}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F558F88A-ADAF-42A1-AF02-232A0B94FC1F}: DhcpNameServer = 147.229.190.143 147.229.191.143
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F558F88A-ADAF-42A1-AF02-232A0B94FC1F}: NameServer = 127.0.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012/09/18 21:57:25 | 000,000,175 | R--- | M] () - G:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{bf8da687-a8f1-11e2-ac19-00248cb40fda}\Shell - "" = AutoRun
O33 - MountPoints2\{bf8da687-a8f1-11e2-ac19-00248cb40fda}\Shell\AutoRun\command - "" = G:\setup.exe -- [2012/11/10 19:16:50 | 000,207,448 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{bf8da687-a8f1-11e2-ac19-00248cb40fda}\Shell\configure\command - "" = G:\setup.exe -- [2012/11/10 19:16:50 | 000,207,448 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{bf8da687-a8f1-11e2-ac19-00248cb40fda}\Shell\install\command - "" = G:\setup.exe -- [2012/11/10 19:16:50 | 000,207,448 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2014/03/10 19:17:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/03/10 19:16:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2014/03/10 19:16:57 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2014/03/07 15:28:00 | 000,000,000 | ---D | C] -- C:\Users\Anička\AppData\Local\Skype
[2014/03/07 15:11:52 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft
[2014/03/03 23:16:24 | 000,000,000 | ---D | C] -- C:\Users\Anička\JobChallenge2014
[2014/03/03 17:29:44 | 000,000,000 | ---D | C] -- C:\Users\Anička\KB
[2014/03/02 14:53:37 | 000,000,000 | ---D | C] -- C:\Users\Anička\.picasaoriginals
[2014/02/28 16:25:24 | 000,000,000 | ---D | C] -- C:\Users\Anička\AppData\Local\Spotify
[2014/02/28 16:24:47 | 000,000,000 | ---D | C] -- C:\Users\Anička\AppData\Roaming\Spotify
[2014/02/28 00:36:54 | 000,000,000 | ---D | C] -- C:\Users\Anička\rf bakalarka
[2014/02/28 00:05:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/02/28 00:05:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014/02/24 12:22:01 | 000,000,000 | ---D | C] -- C:\Users\Anička\AppData\Local\DriverToolkit
[2014/02/24 12:21:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
[2014/02/24 12:21:54 | 000,000,000 | ---D | C] -- C:\Program Files\DriverToolkit
[2014/02/24 12:20:56 | 002,243,616 | ---- | C] (Megaify Software ) -- C:\Users\Anička\Documents\driver_setup.exe
[2014/02/22 14:41:03 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/02/21 21:26:56 | 000,000,000 | ---D | C] -- C:\Users\Anička\AppData\Roaming\AVAST Software
[2014/02/21 20:35:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/02/21 20:34:40 | 000,064,168 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
[2014/02/21 20:34:38 | 000,775,952 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/02/21 20:34:37 | 000,410,784 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/02/21 20:34:34 | 000,067,824 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/02/21 20:34:32 | 000,079,720 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/02/21 20:34:24 | 000,270,240 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/02/21 20:34:13 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/02/21 20:33:17 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/02/21 20:29:44 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/02/16 18:42:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014/02/16 18:42:24 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/02/16 18:42:15 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/02/15 10:27:27 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/02/15 10:17:21 | 000,000,000 | -H-D | C] -- C:\Users\Anička\Corel Auto-Preserve
[2014/02/14 11:10:23 | 000,000,000 | ---D | C] -- C:\Users\Anička\AppData\Local\e-academy Inc
[2014/02/13 22:57:43 | 000,000,000 | ---D | C] -- C:\Users\Anička\synergic
[2014/02/13 16:22:20 | 000,000,000 | ---D | C] -- C:\Users\Anička\parfums
========== Files - Modified Within 30 Days ==========
[2014/03/12 23:01:46 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/03/12 23:00:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/12 22:59:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/12 21:49:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/03/12 19:03:40 | 000,154,024 | ---- | M] () -- C:\Users\Anička\stanko - bus.pdf
[2014/03/12 19:03:37 | 000,021,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/03/12 19:03:37 | 000,021,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/03/12 18:56:09 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\DriverToolkit Autorun.job
[2014/03/12 18:55:36 | 2409,029,632 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/12 18:34:05 | 000,002,047 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/03/12 18:29:45 | 000,000,374 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2014/03/12 18:29:31 | 000,412,632 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/03/11 23:04:52 | 000,281,488 | ---- | M] () -- C:\Users\Anička\sdeckami.jpg
[2014/03/11 23:03:34 | 000,310,690 | ---- | M] () -- C:\Users\Anička\spalimavitom.jpg
[2014/03/11 23:03:23 | 000,300,192 | ---- | M] () -- C:\Users\Anička\2014-03-11 22.47.02.jpg
[2014/03/11 22:58:57 | 000,682,179 | ---- | M] () -- C:\Users\Anička\Desktop\2014-03-11 22.47.02.jpg
[2014/03/10 20:15:26 | 000,178,978 | ---- | M] () -- C:\Users\Anička\Anna_Kruljacová_CV_SK.pdf
[2014/03/10 20:14:36 | 000,130,304 | ---- | M] () -- C:\Users\Anička\Anna_Kruljacová_motivačný.pdf
[2014/03/10 19:17:00 | 000,002,511 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/03/10 13:53:57 | 000,623,144 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014/03/10 13:53:57 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/03/10 13:53:57 | 000,121,788 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014/03/10 13:53:57 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/03/08 23:57:57 | 000,002,024 | -H-- | M] () -- C:\Users\Anička\Documents\Default.rdp
[2014/03/08 00:01:43 | 000,002,141 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/03/07 23:36:33 | 000,207,792 | ---- | M] () -- C:\Users\Anička\1939745_10201750152021123_309158559_o12.jpg
[2014/03/07 23:36:10 | 000,001,794 | -H-- | M] () -- C:\Users\Anička\.picasa.ini
[2014/03/07 23:35:34 | 000,259,874 | ---- | M] () -- C:\Users\Anička\1939745_10201750152021123_309158559_o.jpg
[2014/03/07 22:59:45 | 000,016,631 | ---- | M] () -- C:\Users\Anička\anička12.jpg
[2014/03/02 23:45:10 | 001,677,920 | ---- | M] () -- C:\Users\Anička\20140228_211821.jpg
[2014/03/02 23:24:30 | 001,238,226 | ---- | M] () -- C:\Users\Anička\20140228_222130.jpg
[2014/03/02 23:16:09 | 000,053,446 | ---- | M] () -- C:\Users\Anička\sosassiikk.jpg
[2014/03/02 23:14:03 | 000,340,377 | ---- | M] () -- C:\Users\Anička\sassiik.jpg
[2014/03/02 23:06:38 | 001,524,203 | ---- | M] () -- C:\Users\Anička\20140228_211602.jpg
[2014/03/02 23:05:11 | 000,492,019 | ---- | M] () -- C:\Users\Anička\20140228_2211531.jpg
[2014/03/02 23:04:44 | 000,319,537 | ---- | M] () -- C:\Users\Anička\20140228_211757.jpg
[2014/03/02 23:01:27 | 000,059,076 | ---- | M] () -- C:\Users\Anička\1896808_10203413038991256_1778048025_n.jpg
[2014/03/02 22:56:35 | 000,042,101 | ---- | M] () -- C:\Users\Anička\unnamed (1).jpg
[2014/03/02 22:56:25 | 000,035,161 | ---- | M] () -- C:\Users\Anička\unnamed.jpg
[2014/03/02 14:53:38 | 000,453,811 | ---- | M] () -- C:\Users\Anička\DSC_28022014.jpg
[2014/03/01 14:09:54 | 000,858,119 | ---- | M] () -- C:\Users\Anička\sasiiik.jpg
[2014/03/01 13:47:15 | 000,365,307 | ---- | M] () -- C:\Users\Anička\zlaticka.jpg
[2014/03/01 13:45:24 | 000,361,139 | ---- | M] () -- C:\Users\Anička\20140228_211647.jpg
[2014/03/01 13:36:22 | 001,514,263 | ---- | M] () -- C:\Users\Anička\sasuliacicek.jpg
[2014/03/01 11:25:41 | 000,065,033 | ---- | M] () -- C:\Users\Anička\MjAxMy05OWUyYmY4NDlmMGE1YzQ0.png
[2014/02/28 16:25:22 | 000,001,811 | ---- | M] () -- C:\Users\Anička\Desktop\Spotify.lnk
[2014/02/28 10:47:47 | 000,109,031 | ---- | M] () -- C:\Users\Anička\anička listok.pdf
[2014/02/28 10:46:47 | 000,109,335 | ---- | M] () -- C:\Users\Anička\verča listok.pdf
[2014/02/24 23:27:26 | 000,023,460 | ---- | M] () -- C:\Users\Anička\discojpg_132742403717026.jpg
[2014/02/24 12:26:08 | 003,495,331 | ---- | M] () -- C:\Users\Anička\Documents\CMOS_Camera_D-Max_GD-5A35A_VT_071213.zip
[2014/02/24 12:25:41 | 000,632,152 | ---- | M] () -- C:\Users\Anička\Documents\DriverGuide_Driver_Download_1228356.exe
[2014/02/24 12:21:57 | 000,001,025 | ---- | M] () -- C:\Users\Public\Desktop\DriverToolkit.lnk
[2014/02/24 12:21:16 | 002,243,616 | ---- | M] (Megaify Software ) -- C:\Users\Anička\Documents\driver_setup.exe
[2014/02/24 11:06:36 | 000,202,363 | ---- | M] () -- C:\Users\Anička\potvrdenie_o_studiu13_14.pdf
[2014/02/23 09:49:53 | 000,293,769 | ---- | M] () -- C:\Users\Anička\malovanie win 7.jpg
[2014/02/21 20:34:15 | 000,775,952 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/02/21 20:34:15 | 000,410,784 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/02/21 20:34:15 | 000,180,248 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/02/21 20:34:15 | 000,064,168 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
[2014/02/21 20:34:14 | 000,079,720 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/02/21 20:34:14 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/02/21 20:34:14 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/02/21 20:34:13 | 000,270,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/02/21 20:34:13 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/02/21 08:58:30 | 214,581,629 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/02/19 03:28:18 | 000,001,270 | ---- | M] () -- C:\Users\Anička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
[2014/02/18 15:45:18 | 000,119,308 | ---- | M] () -- C:\Users\Anička\Desktop\CHECK-OUT SELF-CERTIFICATION.pdf
[2014/02/18 11:37:28 | 000,061,190 | ---- | M] () -- C:\Users\Anička\Audi-4-rings-604x272.jpg
[2014/02/16 19:51:42 | 000,081,474 | ---- | M] () -- C:\Users\Anička\IMG-20140215-WA0000.jpg
[2014/02/15 12:07:26 | 000,059,699 | ---- | M] () -- C:\Users\Anička\sasiicek.jpg
[2014/02/15 12:05:03 | 000,056,938 | ---- | M] () -- C:\Users\Anička\sasicek.jpg
[2014/02/15 10:21:44 | 000,080,069 | ---- | M] () -- C:\Users\Anička\livinka.jpg
[2014/02/15 10:19:04 | 000,075,665 | ---- | M] () -- C:\Users\Anička\slivicek.jpg
[2014/02/15 10:17:21 | 000,081,148 | ---- | M] () -- C:\Users\Anička\slivik.jpg
[2014/02/15 10:12:03 | 000,149,965 | ---- | M] () -- C:\Users\Anička\sosasicek.jpg
[2014/02/14 11:10:24 | 000,003,147 | ---- | M] () -- C:\Users\Anička\Desktop\Shortcut to SecureDownloadManager.exe.lnk
[2014/02/12 12:44:29 | 000,305,994 | ---- | M] () -- C:\Users\Anička\kruljac_stanislav_potvrdenie_o_navsteve_skoly.jpg
[2014/02/11 22:02:07 | 000,046,224 | ---- | M] () -- C:\Users\Anička\bitcoin.JPG
[2014/02/11 18:41:43 | 000,065,968 | ---- | M] () -- C:\Users\Anička\ČSOB InternetBanking 24-faktura za december.pdf
[2014/02/11 11:06:20 | 000,038,922 | ---- | M] () -- C:\Users\Anička\jedalniček.JPG
========== Files Created - No Company Name ==========
[2014/03/12 19:03:40 | 000,154,024 | ---- | C] () -- C:\Users\Anička\stanko - bus.pdf
[2014/03/11 23:04:51 | 000,281,488 | ---- | C] () -- C:\Users\Anička\sdeckami.jpg
[2014/03/11 23:03:34 | 000,310,690 | ---- | C] () -- C:\Users\Anička\spalimavitom.jpg
[2014/03/11 23:03:23 | 000,300,192 | ---- | C] () -- C:\Users\Anička\2014-03-11 22.47.02.jpg
[2014/03/11 22:58:55 | 000,682,179 | ---- | C] () -- C:\Users\Anička\Desktop\2014-03-11 22.47.02.jpg
[2014/03/10 20:14:31 | 000,130,304 | ---- | C] () -- C:\Users\Anička\Anna_Kruljacová_motivačný.pdf
[2014/03/10 19:17:00 | 000,002,511 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/03/08 20:18:57 | 000,002,024 | -H-- | C] () -- C:\Users\Anička\Documents\Default.rdp
[2014/03/07 23:36:33 | 000,207,792 | ---- | C] () -- C:\Users\Anička\1939745_10201750152021123_309158559_o12.jpg
[2014/03/07 23:35:34 | 000,259,874 | ---- | C] () -- C:\Users\Anička\1939745_10201750152021123_309158559_o.jpg
[2014/03/07 22:59:45 | 000,016,631 | ---- | C] () -- C:\Users\Anička\anička12.jpg
[2014/03/07 15:38:37 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/03/02 23:45:09 | 001,677,920 | ---- | C] () -- C:\Users\Anička\20140228_211821.jpg
[2014/03/02 23:24:28 | 001,238,226 | ---- | C] () -- C:\Users\Anička\20140228_222130.jpg
[2014/03/02 23:16:09 | 000,053,446 | ---- | C] () -- C:\Users\Anička\sosassiikk.jpg
[2014/03/02 23:14:03 | 000,340,377 | ---- | C] () -- C:\Users\Anička\sassiik.jpg
[2014/03/02 23:06:37 | 001,524,203 | ---- | C] () -- C:\Users\Anička\20140228_211602.jpg
[2014/03/02 23:05:11 | 000,492,019 | ---- | C] () -- C:\Users\Anička\20140228_2211531.jpg
[2014/03/02 23:04:44 | 000,319,537 | ---- | C] () -- C:\Users\Anička\20140228_211757.jpg
[2014/03/02 23:01:27 | 000,059,076 | ---- | C] () -- C:\Users\Anička\1896808_10203413038991256_1778048025_n.jpg
[2014/03/02 22:56:33 | 000,042,101 | ---- | C] () -- C:\Users\Anička\unnamed (1).jpg
[2014/03/02 22:56:25 | 000,035,161 | ---- | C] () -- C:\Users\Anička\unnamed.jpg
[2014/03/02 21:39:07 | 839,469,841 | ---- | C] () -- C:\Users\Anička\Silver.Linings.Playbook.2012.720p.x264.YIFY.mp4
[2014/03/02 14:53:38 | 000,453,811 | ---- | C] () -- C:\Users\Anička\DSC_28022014.jpg
[2014/03/01 14:09:54 | 000,858,119 | ---- | C] () -- C:\Users\Anička\sasiiik.jpg
[2014/03/01 13:47:13 | 000,365,307 | ---- | C] () -- C:\Users\Anička\zlaticka.jpg
[2014/03/01 13:45:24 | 000,361,139 | ---- | C] () -- C:\Users\Anička\20140228_211647.jpg
[2014/03/01 13:36:22 | 001,514,263 | ---- | C] () -- C:\Users\Anička\sasuliacicek.jpg
[2014/03/01 11:25:40 | 000,065,033 | ---- | C] () -- C:\Users\Anička\MjAxMy05OWUyYmY4NDlmMGE1YzQ0.png
[2014/02/28 16:25:22 | 000,001,811 | ---- | C] () -- C:\Users\Anička\Desktop\Spotify.lnk
[2014/02/28 16:25:22 | 000,001,797 | ---- | C] () -- C:\Users\Anička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2014/02/28 10:47:47 | 000,109,031 | ---- | C] () -- C:\Users\Anička\anička listok.pdf
[2014/02/28 10:46:47 | 000,109,335 | ---- | C] () -- C:\Users\Anička\verča listok.pdf
[2014/02/24 23:27:21 | 000,023,460 | ---- | C] () -- C:\Users\Anička\discojpg_132742403717026.jpg
[2014/02/24 12:26:32 | 000,000,348 | ---- | C] () -- C:\Windows\tasks\DriverToolkit Autorun.job
[2014/02/24 12:26:08 | 003,495,331 | ---- | C] () -- C:\Users\Anička\Documents\CMOS_Camera_D-Max_GD-5A35A_VT_071213.zip
[2014/02/24 12:25:31 | 000,632,152 | ---- | C] () -- C:\Users\Anička\Documents\DriverGuide_Driver_Download_1228356.exe
[2014/02/24 12:21:57 | 000,001,025 | ---- | C] () -- C:\Users\Public\Desktop\DriverToolkit.lnk
[2014/02/24 11:06:35 | 000,202,363 | ---- | C] () -- C:\Users\Anička\potvrdenie_o_studiu13_14.pdf
[2014/02/23 09:49:53 | 000,293,769 | ---- | C] () -- C:\Users\Anička\malovanie win 7.jpg
[2014/02/21 20:35:12 | 000,002,047 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/02/21 20:34:39 | 000,180,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/02/21 20:34:36 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/02/18 15:45:18 | 000,119,308 | ---- | C] () -- C:\Users\Anička\Desktop\CHECK-OUT SELF-CERTIFICATION.pdf
[2014/02/18 11:37:28 | 000,061,190 | ---- | C] () -- C:\Users\Anička\Audi-4-rings-604x272.jpg
[2014/02/16 19:51:42 | 000,081,474 | ---- | C] () -- C:\Users\Anička\IMG-20140215-WA0000.jpg
[2014/02/15 12:07:26 | 000,059,699 | ---- | C] () -- C:\Users\Anička\sasiicek.jpg
[2014/02/15 12:05:03 | 000,056,938 | ---- | C] () -- C:\Users\Anička\sasicek.jpg
[2014/02/15 10:21:43 | 000,080,069 | ---- | C] () -- C:\Users\Anička\livinka.jpg
[2014/02/15 10:19:03 | 000,075,665 | ---- | C] () -- C:\Users\Anička\slivicek.jpg
[2014/02/15 10:12:03 | 000,149,965 | ---- | C] () -- C:\Users\Anička\sosasicek.jpg
[2014/02/15 10:10:25 | 000,081,148 | ---- | C] () -- C:\Users\Anička\slivik.jpg
[2014/02/12 12:44:29 | 000,305,994 | ---- | C] () -- C:\Users\Anička\kruljac_stanislav_potvrdenie_o_navsteve_skoly.jpg
[2014/02/11 22:02:06 | 000,046,224 | ---- | C] () -- C:\Users\Anička\bitcoin.JPG
[2014/02/11 18:41:43 | 000,065,968 | ---- | C] () -- C:\Users\Anička\ČSOB InternetBanking 24-faktura za december.pdf
[2014/02/11 11:06:20 | 000,038,922 | ---- | C] () -- C:\Users\Anička\jedalniček.JPG
[2014/02/10 12:51:48 | 000,173,553 | ---- | C] () -- C:\Users\Anička\Anna_Kruljacová_CV_EN.pdf
[2014/02/10 12:21:17 | 000,178,978 | ---- | C] () -- C:\Users\Anička\Anna_Kruljacová_CV_SK.pdf
[2014/02/08 05:05:34 | 000,755,499 | ---- | C] () -- C:\Users\Anička\DSC_03461.jpg
[2014/02/08 05:03:11 | 001,298,440 | ---- | C] () -- C:\Users\Anička\DSC_0346.jpg
[2014/02/03 09:38:10 | 000,176,858 | ---- | C] () -- C:\Users\Anička\Anna_Kruljacová_CV.pdf
[2014/02/01 17:53:45 | 000,013,092 | ---- | C] () -- C:\Users\Anička\anicka_fotka.jpg
[2014/02/01 17:53:00 | 000,015,480 | ---- | C] () -- C:\Users\Anička\anička.jpg
[2014/02/01 12:40:16 | 000,077,143 | ---- | C] () -- C:\Users\Anička\anička_rozvrh.JPG
[2014/01/30 15:53:02 | 000,095,498 | ---- | C] () -- C:\Users\Anička\rozvrh LV.jpg
[2014/01/26 02:04:42 | 000,300,727 | ---- | C] () -- C:\Users\Anička\IMG_16032012_213327.png
[2014/01/08 16:12:36 | 000,173,744 | ---- | C] () -- C:\Users\Anička\creeta2.jpg
[2014/01/08 16:08:31 | 000,180,213 | ---- | C] () -- C:\Users\Anička\creeta.jpg
[2014/01/08 16:07:45 | 000,164,618 | ---- | C] () -- C:\Users\Anička\creta.jpg
[2013/12/15 11:54:56 | 000,001,794 | -H-- | C] () -- C:\Users\Anička\.picasa.ini
[2013/11/09 19:04:02 | 000,007,680 | ---- | C] () -- C:\Users\Anička\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/04/19 15:17:04 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2013/04/19 15:04:14 | 000,416,522 | ---- | C] () -- C:\Windows\AutoKMS.exe
========== ZeroAccess Check ==========
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/11/20 22:29:11 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014/02/21 21:26:56 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\AVAST Software
[2013/11/18 16:06:46 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Canon
[2013/11/10 21:09:30 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\com.prezi.PreziDesktop
[2013/04/19 14:39:50 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\DAEMON Tools Lite
[2013/11/10 01:29:02 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Dextronet
[2013/04/28 10:36:23 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Downloaded Installations
[2013/05/10 14:31:35 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\e-academy Inc
[2013/04/28 10:53:58 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\FileOpen
[2013/09/21 18:30:07 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\FUJIFILM
[2014/01/08 15:31:32 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\IsolatedStorage
[2014/01/13 00:29:57 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Nitro
[2014/03/08 20:19:54 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Nitro PDF
[2014/01/08 22:33:47 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Solvusoft
[2014/03/12 18:59:33 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Spotify
[2013/11/07 22:10:30 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Ulead Systems
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009/07/14 05:53:46 | 000,032,252 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU(32).TXT
[2009/07/14 05:53:46 | 000,032,588 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/07/14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2013/04/19 14:10:41 | 000,000,920 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/04/19 14:10:42 | 000,000,924 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014/02/24 12:26:32 | 000,000,348 | ---- | C] () -- C:\Windows\Tasks\DriverToolkit Autorun.job
< >
< MD5 for: ATAPI.SYS >
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010/11/20 22:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010/11/20 22:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010/11/20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010/11/20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2010/11/20 22:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\explorer.exe
[2010/11/20 22:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
< MD5 for: HAL.DLL >
[2010/11/20 22:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010/11/20 22:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
< MD5 for: SCECLI.DLL >
[2010/11/20 22:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 22:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: SERVICES.EXE >
[2009/07/14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: TCPIP.SYS >
[2011/04/25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\SoftwareDistribution\Download\919003e3012e674674fc2a83c2329826\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2010/11/20 22:29:20 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\System32\drivers\tcpip.sys
[2010/11/20 22:29:20 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2013/01/04 05:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\SoftwareDistribution\Download\23d7661dc2a73222aa66aa721bf7026c\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2011/04/25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\SoftwareDistribution\Download\919003e3012e674674fc2a83c2329826\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013/01/03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\SoftwareDistribution\Download\23d7661dc2a73222aa66aa721bf7026c\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010/11/20 22:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 22:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010/11/20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
< >
< %systemroot%*.* /U /s >
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[61 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\02fe105b022dcdca24c3ad324b184e62\*.tmp files -> C:\Windows\SoftwareDistribution\Download\02fe105b022dcdca24c3ad324b184e62\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2b1c4a4bebe8035f633e69533afa1ff3\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2b1c4a4bebe8035f633e69533afa1ff3\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2bc60671863c6bf061e8a3312abe5b33\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2bc60671863c6bf061e8a3312abe5b33\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\36f271032037145dc366a57ee27ed070\*.tmp files -> C:\Windows\SoftwareDistribution\Download\36f271032037145dc366a57ee27ed070\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\622e294d53dbab40e6a37cda97b199d7\*.tmp files -> C:\Windows\SoftwareDistribution\Download\622e294d53dbab40e6a37cda97b199d7\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\789964dc09c1e02ed5d01e6a0a200879\*.tmp files -> C:\Windows\SoftwareDistribution\Download\789964dc09c1e02ed5d01e6a0a200879\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\79503a7502d1ed9c9a2120e88c7c6964\*.tmp files -> C:\Windows\SoftwareDistribution\Download\79503a7502d1ed9c9a2120e88c7c6964\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\7e447a3f1c4c7a5679cd9cc1c4d6b4b7\*.tmp files -> C:\Windows\SoftwareDistribution\Download\7e447a3f1c4c7a5679cd9cc1c4d6b4b7\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\80a01a9b4f7e328462d22e9cbd9a9210\*.tmp files -> C:\Windows\SoftwareDistribution\Download\80a01a9b4f7e328462d22e9cbd9a9210\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\8a45649f9a29a8940a3f73f1d11a3ec2\*.tmp files -> C:\Windows\SoftwareDistribution\Download\8a45649f9a29a8940a3f73f1d11a3ec2\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\9b7d1c92e3e02e6697f0b60618ca2eb2\*.tmp files -> C:\Windows\SoftwareDistribution\Download\9b7d1c92e3e02e6697f0b60618ca2eb2\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ac7f3d35f0010fadf6b42bf6b3bedade\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ac7f3d35f0010fadf6b42bf6b3bedade\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\aef66cef979109455449e967a6d1fa1d\*.tmp files -> C:\Windows\SoftwareDistribution\Download\aef66cef979109455449e967a6d1fa1d\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\af08f22acbdb110f5731890c49a1efe0\*.tmp files -> C:\Windows\SoftwareDistribution\Download\af08f22acbdb110f5731890c49a1efe0\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\f17d03c25482724b4c57d8ee350f642e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\f17d03c25482724b4c57d8ee350f642e\*.tmp -> ]
[21 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013/11/23 13:12:38 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Adobe
[2014/02/21 21:26:56 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\AVAST Software
[2013/11/18 16:06:46 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Canon
[2013/11/10 21:09:30 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\com.prezi.PreziDesktop
[2013/05/29 09:14:59 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Corel
[2013/04/19 14:39:50 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\DAEMON Tools Lite
[2013/11/10 01:29:02 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Dextronet
[2013/04/28 10:36:23 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Downloaded Installations
[2013/05/10 14:31:35 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\e-academy Inc
[2013/04/28 10:53:58 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\FileOpen
[2013/09/21 18:30:07 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\FUJIFILM
[2013/04/19 14:05:39 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Identities
[2014/01/08 15:31:32 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\IsolatedStorage
[2013/11/09 23:38:43 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Macromedia
[2010/11/21 02:24:45 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Media Center Programs
[2014/03/08 18:46:38 | 000,000,000 | --SD | M] -- C:\Users\Anička\AppData\Roaming\Microsoft
[2013/04/28 19:27:11 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Mozilla
[2014/01/13 00:29:57 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Nitro
[2014/03/08 20:19:54 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Nitro PDF
[2014/03/12 18:54:11 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Skype
[2014/01/08 22:33:47 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Solvusoft
[2014/03/12 18:59:33 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Spotify
[2013/11/07 22:10:30 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\Ulead Systems
[2014/03/12 18:54:11 | 000,000,000 | ---D | M] -- C:\Users\Anička\AppData\Roaming\vlc
< %APPDATA%\*.exe /s >
[2013/05/10 14:31:36 | 000,009,662 | R--- | M] () -- C:\Users\Anička\AppData\Roaming\Microsoft\Installer\{4A5667B2-5D13-46C2-85B5-9D46A6096F61}\_853F67D554F05449430E7E.exe
[2014/01/08 15:48:04 | 000,071,894 | R--- | M] () -- C:\Users\Anička\AppData\Roaming\Microsoft\Installer\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}\GPUploader.exe
[2014/02/14 11:10:24 | 000,009,662 | R--- | M] () -- C:\Users\Anička\AppData\Roaming\Microsoft\Installer\{E040B65B-8683-4228-8C33-D44A141E40EA}\_112D608FD02CD87FDC7735.exe
[2014/02/14 11:10:24 | 000,009,662 | R--- | M] () -- C:\Users\Anička\AppData\Roaming\Microsoft\Installer\{E040B65B-8683-4228-8C33-D44A141E40EA}\_80D807FC3A72E5B428F1ED.exe
[2014/02/14 11:10:24 | 000,009,662 | R--- | M] () -- C:\Users\Anička\AppData\Roaming\Microsoft\Installer\{E040B65B-8683-4228-8C33-D44A141E40EA}\_853F67D554F05449430E7E.exe
[2014/02/28 16:25:22 | 006,118,400 | ---- | M] (Spotify Ltd) -- C:\Users\Anička\AppData\Roaming\Spotify\spotify.exe
[2014/02/28 16:25:08 | 000,062,464 | ---- | M] (Spotify Ltd) -- C:\Users\Anička\AppData\Roaming\Spotify\SpotifyLauncher.exe
[2014/02/28 16:25:05 | 000,603,648 | ---- | M] () -- C:\Users\Anička\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
[2014/02/28 16:25:06 | 001,171,968 | ---- | M] (Spotify Ltd) -- C:\Users\Anička\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2014/03/12 18:56:09 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\DriverToolkit Autorun.job
[2014/03/12 22:59:00 | 000,000,920 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014/03/12 23:00:00 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2014/03/12 19:03:37 | 000,021,072 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/03/12 19:03:37 | 000,021,072 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/03/12 18:29:31 | 000,412,632 | ---- | M] () -- C:\Windows\system32\FNTCACHE.DAT
[2014/03/10 13:53:57 | 000,121,788 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2014/03/10 13:53:57 | 000,106,388 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2014/03/10 13:53:57 | 000,623,144 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2014/03/10 13:53:57 | 000,616,008 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2014/03/10 13:53:57 | 001,470,062 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2013/03/14 09:23:30 | 003,672,640 | ---- | M] (Disc Soft Ltd)
"Spotify" = "C:\Users\Anička\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart -- [2014/02/28 16:25:22 | 006,118,400 | ---- | M] (Spotify Ltd)
"Spotify Web Helper" = "C:\Users\Anička\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" -- [2014/02/28 16:25:06 | 001,171,968 | ---- | M] (Spotify Ltd)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2014/02/15 10:28:16 | 000,275,568 | ---- | M] (Mozilla Corporation) MD5=D9184C5FF3FD526761D518A95ABA74A3 -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2010/11/20 22:29:33 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2014/03/02 03:35:27 | 000,859,464 | ---- | M] (Google Inc.) MD5=026C4CA19FAE1F84894A99735B15AACA -- C:\Program Files\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014/03/12 23:01:46 | 000,000,512 | ---- | M] () MD5=68BDE62B4264310D0E7EA76409D5A866 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2010/08/18 10:56:05 | 000,000,000 | ---- | M] () -- \Záloha\Application Data\Mozilla\Firefox\Profiles\b3ipyiin.default\CT2405280\feed\http___crackle_com_rss_media_sxsw_featured_rss_history.xml
[2010/08/18 10:56:05 | 000,000,000 | ---- | M] () -- \Záloha\Application Data\Mozilla\Firefox\Profiles\b3ipyiin.default\CT2405280\feed\http___crackle_com_rss_media_sxsw_featured_rss_structured.xml
< *keygen* /s >
[2012/09/23 09:19:18 | 000,636,928 | ---- | M] () -- \Users\Anička\AppData\Local\Temp\7zOBC30.tmp\keygen_np8.exe
[2014/03/12 18:57:43 | 000,071,812 | ---- | M] () -- \Windows\Prefetch\KEYGEN.EXE-8569740F.pf
[2011/05/07 13:46:19 | 000,000,030 | ---- | M] () -- \Záloha\Desktop\Keygen.txt
[2010/10/24 17:49:51 | 000,000,030 | ---- | M] () -- \Záloha\Desktop\škola VUT\ZPC-projekt\Keygen.txt
< *loader* /s >
[2010/03/24 19:12:34 | 000,249,680 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010/03/24 19:12:34 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012/07/19 15:50:50 | 000,001,626 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Loader.elf
[2012/07/19 15:49:36 | 000,658,592 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Loader.exe
[2010/01/15 08:15:30 | 000,000,824 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\FBUploader\FBUploader.bmp
[2010/01/15 08:14:44 | 000,003,824 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\FBUploader\FBUploader.png
[2011/09/15 10:15:32 | 000,848,896 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\FBUploader\fpv7uploader_facebook.exe
[2011/09/15 10:15:32 | 000,610,304 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\FBUploader\de\fpv7uploader_facebook.resources.dll
[2011/09/15 10:15:32 | 000,606,208 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\FBUploader\es\fpv7uploader_facebook.resources.dll
[2011/09/15 10:15:32 | 000,610,304 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\FBUploader\fr\fpv7uploader_facebook.resources.dll
[2011/09/15 10:15:32 | 000,610,304 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\FBUploader\ja\fpv7uploader_facebook.resources.dll
[2011/09/15 10:15:32 | 000,606,208 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\FBUploader\ko\fpv7uploader_facebook.resources.dll
[2011/09/15 10:15:32 | 000,606,208 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\FBUploader\zh-CHS\fpv7uploader_facebook.resources.dll
[2010/03/04 19:41:14 | 000,588,800 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\HNUploader\fpv7uploader_hnpc.exe
[2010/03/05 10:04:12 | 000,000,824 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\HNUploader\HNUploader.bmp
[2010/03/05 10:03:12 | 000,005,699 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\HNUploader\HNUploader.png
[2012/06/18 18:18:04 | 000,445,952 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\MFPUploader\mfpuploader.exe
[2012/06/14 14:33:18 | 000,002,012 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\MFPUploader\System\MFPUploader.frs
[2011/03/02 11:53:12 | 000,745,472 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\MixiUploader\mfs_mixi_uploader.exe
[2011/03/02 14:07:40 | 000,000,824 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\WMUploader\WMUploader.bmp
[2011/03/10 11:17:06 | 000,577,024 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\WMUploader\wmuploader.exe
[2011/03/02 14:08:26 | 000,004,521 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\WMUploader\WMUploader.png
[2011/03/01 09:48:32 | 000,002,054 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\WMUploader\System\WMUploader.frs
[2011/01/31 17:10:10 | 000,274,432 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\YTUploader\LDR_YTUploader.exe
[2009/11/12 09:54:26 | 000,000,824 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\YTUploader\YTUploader.bmp
[2011/09/08 10:49:42 | 000,031,232 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\YTUploader\YTUploader.dll
[2011/09/08 10:49:52 | 000,544,768 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\YTUploader\YTUploader.exe
[2011/03/02 06:42:24 | 000,000,031 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\YTUploader\YTUploader.ini
[2009/11/24 10:49:56 | 000,004,618 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\YTUploader\YTUploader.png
[2011/09/08 10:49:36 | 000,036,864 | ---- | M] () -- \Program Files\FUJIFILM\MyFinePix Studio\Plugins\YTUploader\YTUploaderLib.dll
[2014/01/06 19:47:02 | 000,000,702 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_advoptions.fen
[2014/01/06 19:47:02 | 000,000,790 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_debug.fen
[2014/01/06 19:47:02 | 000,000,723 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_download.fen
[2014/01/06 19:47:02 | 000,000,694 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_file_errors.fen
[2013/02/09 02:39:28 | 000,000,934 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_main.fen
[2014/01/06 19:47:04 | 000,000,634 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_manage_devices.fen
[2014/01/06 19:47:04 | 000,002,283 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_onboard.fen
[2014/01/06 19:47:04 | 000,001,417 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_options.fen
[2014/01/06 19:47:04 | 000,001,330 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_pinwheel_72.png
[2014/01/06 19:47:04 | 000,002,541 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_pinwheel_72x2.png
[2014/01/06 19:47:04 | 000,002,109 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_prefs.fen
[2014/01/06 19:47:04 | 000,000,956 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_quota_error1.fen
[2014/01/06 19:47:04 | 000,001,080 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_quota_error2.fen
[2014/01/06 19:47:04 | 000,001,139 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_quota_error_estimate.fen
[2014/01/06 19:47:04 | 000,002,181 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_welcome.fen
[2013/10/11 13:41:40 | 000,053,602 | ---- | M] () -- \Program Files\Prezi Desktop 4\assets\export\content\loader-air-local.swf
[2013/06/19 15:59:00 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013/06/19 15:59:00 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013/06/19 15:59:00 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013/06/19 15:59:00 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013/06/19 15:59:00 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013/06/19 15:59:00 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2014/01/29 20:37:31 | 000,003,208 | ---- | M] () -- \Users\Anička\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\skin\ajax-loader.gif
[2013/06/22 19:36:18 | 000,109,448 | ---- | M] () -- \Users\Anička\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\09ZQ9YDZ\AdLoader-b3e321cab5fbc3c4ed10b513bb467bae.min[1].js
[2013/07/16 19:27:16 | 000,109,448 | ---- | M] () -- \Users\Anička\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\09ZQ9YDZ\AdLoader-b3e321cab5fbc3c4ed10b513bb467bae.min[2].js
[2013/06/22 19:36:18 | 000,001,511 | ---- | M] () -- \Users\Anička\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\09ZQ9YDZ\AdLoader[2].htm
[2014/03/10 19:17:55 | 000,001,870 | ---- | M] () -- \Users\Anička\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2RBG4A8P\AdLoader[1].htm
[2014/03/05 08:56:36 | 000,001,870 | ---- | M] () -- \Users\Anička\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7B45E77Y\AdLoader[1].htm
[2014/02/23 12:24:36 | 000,111,819 | ---- | M] () -- \Users\Anička\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CT38EJ6X\AdLoader-725aebe4743338ea770018ce780c157b.min[1].js
[2014/03/08 11:56:04 | 000,112,122 | ---- | M] () -- \Users\Anička\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QNZ8ZWS0\AdLoader-7b473315d0084c71df83cdee72aab144.min[1].js
[2013/04/19 14:10:10 | 000,002,895 | ---- | M] () -- \Users\Anička\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X8K5L5JX\rmsloaderdelayed[1].js
[2014/01/06 10:52:30 | 003,244,032 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\gpuploader_i18n.dll
[2014/01/06 10:47:04 | 000,000,702 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_advoptions.fen
[2014/01/06 10:47:04 | 000,000,790 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_debug.fen
[2014/01/06 10:47:04 | 000,000,723 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_download.fen
[2014/01/06 10:47:04 | 000,000,694 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_file_errors.fen
[2014/01/06 10:47:06 | 000,171,541 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_icons.psd
[2014/01/06 10:47:06 | 000,000,634 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_manage_devices.fen
[2014/01/06 10:47:06 | 000,002,283 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_onboard.fen
[2014/01/06 10:47:06 | 000,001,417 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_options.fen
[2014/01/06 10:47:06 | 000,002,109 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_prefs.fen
[2014/01/06 10:47:06 | 000,000,956 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error1.fen
[2014/01/06 10:47:06 | 000,001,080 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error2.fen
[2014/01/06 10:47:06 | 000,001,139 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error_estimate.fen
[2014/01/06 10:47:06 | 000,002,181 | ---- | M] () -- \Users\Anička\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_welcome.fen
[2014/01/28 19:35:56 | 000,072,638 | ---- | M] () -- \Users\Anička\AppData\Local\Skype\Apps\login\images\loader.gif
[2014/01/28 19:35:56 | 000,003,032 | ---- | M] () -- \Users\Anička\AppData\Local\Skype\Apps\login\images\loader.png
[2014/01/28 19:35:56 | 000,006,012 | ---- | M] () -- \Users\Anička\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014/01/28 19:35:56 | 000,021,956 | ---- | M] () -- \Users\Anička\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014/01/28 19:35:56 | 000,009,772 | ---- | M] () -- \Users\Anička\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2013/05/02 20:43:56 | 000,000,753 | ---- | M] () -- \Users\Anička\AppData\Local\Temp\Temporary Internet Files\Content.IE5\C92ZDYS6\AdLoader[1].htm
[2013/04/28 19:20:05 | 000,105,903 | ---- | M] () -- \Users\Anička\AppData\Local\Temp\Temporary Internet Files\Content.IE5\K7PGX2S4\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2014/01/08 15:48:04 | 000,071,894 | R--- | M] () -- \Users\Anička\AppData\Roaming\Microsoft\Installer\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}\GPUploader.exe
[2013/11/22 14:54:49 | 000,656,443 | ---- | M] () -- \Users\Anička\Downloads\Google.Books.Downloader.v2.3.exe
[2009/07/14 13:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2012/10/04 17:40:37 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\ad7b8cfdb711865249ce6247b8e8e8d1\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\ad7b8cfdb711865249ce6247b8e8e8d1\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009/07/14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2010/11/21 02:16:08 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2010/11/21 02:16:08 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2010/11/21 02:16:08 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2010/11/20 22:31:02 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2010/11/20 22:31:02 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2010/11/20 22:31:02 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009/07/14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2010/11/21 02:15:24 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2010/11/20 22:23:54 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009/07/14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/12/04 17:00:50 | 000,072,638 | ---- | M] () -- \Záloha\All Users\Application Data\Skype\Apps\login\images\loader.gif
[2012/12/04 17:00:50 | 000,003,032 | ---- | M] () -- \Záloha\All Users\Application Data\Skype\Apps\login\images\loader.png
[2012/12/04 17:00:50 | 000,009,772 | ---- | M] () -- \Záloha\All Users\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2013/02/10 23:12:38 | 000,010,145 | ---- | M] () -- \Záloha\Application Data\Mozilla\Firefox\Profiles\b3ipyiin.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\modules\ExternalLibraryLoader.jsm
[2013/02/10 15:15:06 | 000,010,145 | ---- | M] () -- \Záloha\Application Data\Mozilla\Firefox\Profiles\b3ipyiin.default\extensions\{930f1200-f5f1-4870-bac6-e233ec8e7023}\modules\ExternalLibraryLoader.jsm
[2013/02/11 00:03:44 | 000,010,145 | ---- | M] () -- \Záloha\Application Data\Mozilla\Firefox\Profiles\b3ipyiin.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\modules\ExternalLibraryLoader.jsm
[2011/04/09 22:20:24 | 000,434,176 | ---- | M] () -- \Záloha\My Documents\Downloads\Downloader_for_SQL_Srv_2008_EE_EN.exe
[2010/12/14 12:36:18 | 000,421,888 | ---- | M] () -- \Záloha\My Documents\Downloads\Downloader_for_Visio_Professional_2007.exe
[1 \Záloha\My Documents\Downloads\*.tmp files -> \Záloha\My Documents\Downloads\*.tmp -> ]
< End of report >
Re: DNS server sa sam meni na 127.0.0.1
Extras:
OTL Extras logfile created on: 12. 3. 2014 22:58:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Anička\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
2,99 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 41,91% Memory free
5,98 Gb Paging File | 3,88 Gb Available in Paging File | 64,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 156,25 Gb Total Space | 20,03 Gb Free Space | 12,82% Space Free | Partition Type: NTFS
Drive D: | 141,83 Gb Total Space | 116,49 Gb Free Space | 82,13% Space Free | Partition Type: NTFS
Drive G: | 667,62 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: ANICKA-PC | User Name: Anička | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Anička\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with Corel PaintShop Pro X5] -- "c:\Program Files\Corel\Corel PaintShop Pro X5\Corel PaintShop Pro.exe" "%L" (Corel, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{000D487A-9267-4977-B3E0-45CB79C9243F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{143592D1-E6CA-45B7-8199-FDD1287D0DB7}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{193BC4A4-1C9F-485E-ACA8-57001E824E7C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{308E6BF2-08A4-4764-B24F-60815782C82F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{36F3CA40-503D-41E4-914E-45A1222444D7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3927FDCC-F952-4555-91CF-390CF19B8952}" = rport=139 | protocol=6 | dir=out | app=system |
"{404A8382-3EBD-4664-B218-7EF8B3F25AD2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{42F4B804-B325-460C-B1AF-39A16F606F54}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4383C7D2-A1BB-411E-9D5A-07D833D690E0}" = lport=137 | protocol=17 | dir=in | app=system |
"{5EF72139-B044-42BE-A92E-DAEFE949F758}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{60002BDB-3963-40A8-8D78-0CC5E1C1947E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6089D8BC-4049-42EE-91D2-67AC6275DEA9}" = rport=137 | protocol=17 | dir=out | app=system |
"{671BE064-FC28-4F7F-ACBE-A260AAD3B5CF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6DBC27DE-3095-4F77-B984-6106F8DE6032}" = rport=10243 | protocol=6 | dir=out | app=system |
"{71011F69-86AA-4F30-9BC0-1A2C506728D3}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{787B4BD0-6953-4508-98A3-0823967E4CA1}" = lport=138 | protocol=17 | dir=in | app=system |
"{7D86F68A-05D1-48F5-821D-0106BE6DC4AC}" = lport=139 | protocol=6 | dir=in | app=system |
"{7FBD6626-2627-40D0-AAFE-3945EB89625A}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{95B94B0A-B98B-43E2-AC0F-3753AF31BA76}" = rport=2869 | protocol=6 | dir=out | app=system |
"{A1B5AD2A-97C8-4231-8728-02CAA77F4E00}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{A44C7F57-6771-411F-9B73-5245380B91A0}" = lport=445 | protocol=6 | dir=in | app=system |
"{A58A5BD1-5F9A-47D0-8389-66263DD168F8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B5F98987-E169-49DE-AA6C-D0680E566B4D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BBA59DB8-917C-40A7-996D-AE01D106C19D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{BEC3ED55-4280-42A4-AB94-D311C745C656}" = rport=445 | protocol=6 | dir=out | app=system |
"{C6050792-C603-41C0-A344-F9D5EC992F22}" = rport=138 | protocol=17 | dir=out | app=system |
"{CF903316-E696-4325-A0DE-AD331166A276}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D440F7F2-A1BC-4289-889D-FBBB98386198}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E5EDBAD6-4ED3-429A-8EA4-BF3A658FDB5D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F7D5F798-5115-474C-99F6-397CF896BEBD}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02637D29-269D-4CEE-97D8-7E56FC5E9512}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{030241F2-BF6F-44F7-B2D4-BE65E77481B4}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{1B257033-33ED-4AD6-90E0-2590E79E534F}" = dir=out | app=c:\program files\penwes\penwes.exe |
"{3F64E3F1-400E-4B99-B811-0C968439EBCA}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{47096A1C-9B7C-45FD-8D23-528EF41F0403}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{49D1B1F8-3B96-4069-87D5-1C6872248429}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4DADC6BE-5A0E-4ECB-BD82-31C937B2DF8C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{655B9060-19BA-4CED-B3E7-A908EA3FD979}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{691D0F97-A45E-41AD-A4B4-C37077A3F8FF}" = protocol=6 | dir=out | app=c:\program files\rosettastoneltdservices\rosettastoneltdservices.exe |
"{7A9770E6-24AD-4DDA-A1F2-942E5ED0873B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{7AA98A1D-22C3-4AB7-9F4A-BCD20A4D440C}" = dir=in | app=c:\program files\penwes\setuppenwes.exe |
"{7C28F050-97D6-4246-9A3A-4628247C5885}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8104D25E-CBC9-4421-9DF4-789CFC7F8070}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{81F304F6-922B-4DFC-AD49-CF382E25D0F4}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{82C34AAB-C13E-4C06-86C1-9D3414221176}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8BBA9911-BAF1-4263-A8C1-D77F52613E27}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{92AEAAC2-40DC-4D77-B900-BD2BCE442DF5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{94F98CCF-B6BF-458B-8ADE-1964666D26D9}" = protocol=6 | dir=out | app=c:\program files\rosettastoneltdservices\rosettastonedaemon.exe |
"{967DE581-15D8-4A58-8954-9E6D9F2A56A9}" = dir=in | app=c:\program files\rosettastoneltdservices\rosettastonedaemon.exe |
"{978CC027-4B8D-4A27-88B9-E2B7EB102564}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9A50F847-2FC4-4B8C-B480-C8BBBDE69CF9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A5EB2290-2F1F-4218-AC57-8629C1E81F3D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AADD1BFA-B3DD-47CD-9377-587E84534FF2}" = dir=out | app=c:\program files\penwes\setuppenwes.exe |
"{B0D0F936-417B-4A23-B7CD-66ACA02A8122}" = protocol=6 | dir=out | app=system |
"{B5D7E5BF-BF68-48C8-B5FD-9B49009540C9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B7060796-2979-468A-879C-ECEA8DFC1E41}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C013ECC9-9692-4F40-A7A6-7735295D6896}" = dir=in | app=c:\program files\penwes\penwes.exe |
"{C16DCF47-31E2-46F6-8D3B-67835B2CCF53}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CD8C40F7-6020-49EE-A2EE-3F35EE48AEEE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D607889A-08C4-4446-B96B-658E56236EBA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{D7F82DA4-1463-453C-A9A5-9150EA568117}" = dir=in | app=c:\program files\penwes\penwesservice.exe |
"{D8523E8C-74A3-4ABB-B4D7-A1EB063861B9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E9F3C828-E8B8-4A44-98F0-F862D2019B70}" = dir=out | app=c:\program files\penwes\penwesservice.exe |
"{ED493D92-BF82-4AC4-81C6-EC69FABA6BCD}" = dir=in | app=c:\program files\rosettastoneltdservices\rosettastoneltdservices.exe |
"TCP Query User{0DEC4EEA-BDD7-46C3-A6D1-BFB449DAC5DE}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{7114167E-4A86-4605-9700-1DFABB560057}C:\users\anička\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\anička\appdata\roaming\spotify\spotify.exe |
"TCP Query User{7301FD92-AD90-4917-9AE0-34D38373571C}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{A644965E-F020-4010-98F0-E46AD8DCAD1C}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{2B88D39A-5A4F-4CA9-B986-183188200C8D}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{322D8598-907D-464D-BD84-1537A03B1F25}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{7907929D-9003-4015-B6E3-5D776161CD99}C:\users\anička\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\anička\appdata\roaming\spotify\spotify.exe |
"UDP Query User{802D09F7-AC32-4CBE-8ACF-DA517B4A7AAD}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{1563C6F2-E9B5-42DE-9EA6-207C9A8C2DFB}" = Corel PaintShop Pro X5
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP230_series" = Canon MP230 series MP Drivers
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{15002A1B-C1E7-4E91-A3EC-5502BF924A32}" = Setup
"{15180A90-1FC0-47E4-A150-3AECEF07B3B6}" = Corel PaintShop Pro X5
"{1522E36C-3739-41E4-8CD3-A4AFEA70086A}" = PSPPContent
"{153DD765-C8C6-4893-8CEF-D965351D82EC}" = PSPPHelp
"{154B0B16-ABCD-4A06-B0B7-8146B7A89B25}" = IPM_PSP_COM
"{1563C6F2-E9B5-42DE-9EA6-207C9A8C2DFB}" = ICA
"{390DD8BB-BB57-4942-A029-2D913E4E9D74}" = Microsoft Security Client
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.7
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7BB2EF8A-5376-4BAE-96D0-38BE49501F40}" = Rosetta Stone Ltd Services
"{7FAE73A4-F0BC-4B65-81CF-52C417383407}" = Prezi Desktop
"{81D97870-423D-452B-BE38-8B65D0613105}" = Nitro Pro 8
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0054-0405-0000-0000000FF1CE}" = Microsoft Office Visio MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00B4-0405-0000-0000000FF1CE}" = Microsoft Office Project MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2010
"{91140000-0057-0000-0000-0000000FF1CE}" = Microsoft Office Visio 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A50DE037-B5C0-4C8A-8049-B0C576B313D1}" = Google+ Auto Backup
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI - Czech
"{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1" = DriverToolkit version 8.2.0.0
"{E040B65B-8683-4228-8C33-D44A141E40EA}" = Secure Download Manager
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Avast" = avast! Free Antivirus
"Canon MP230 series On-screen Manual" = Canon MP230 series On-screen Manual
"Canon My Image Garden" = Canon My Image Garden
"Canon My Image Garden Design Files" = Canon My Image Garden Design Files
"Canon_IJ_Scan_Utility" = Canon IJ Scan Utility
"CanonMyPrinter" = Canon My Printer
"CanonQuickMenu" = Canon Quick Menu
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 27.0.1 (x86 sk)" = Mozilla Firefox 27.0.1 (x86 sk)
"MyFinePix Studio_is1" = FUJIFILM MyFinePix Studio 4.1
"Office14.PRJPROR" = Microsoft Project Professional 2010
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Office14.VISIOR" = Microsoft Visio Professional 2010
"Penwes" = PenWes [10775]
"Picasa 3" = Picasa 3
"Registrace uživatele zařízení Canon MP230 series" = Registrace uživatele zařízení Canon MP230 series
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TVWiz" = Intel(R) TV Wizard
"VLC media player" = VLC media player 2.0.6
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 12. 3. 2014 13:30:12 | Computer Name = Anicka-PC | Source = Office Software Protection Platform Service | ID = 1014
Description = Acquisition of End User License failed. hr=0xC004C008 Sku Id=0993043d-664f-4b2e-a7f1-fd92091fa81f
Error - 12. 3. 2014 13:30:34 | Computer Name = Anicka-PC | Source = Office Software Protection Platform Service | ID = 8200
Description = License acquisition failure details. hr=0xC004C003
Error - 12. 3. 2014 13:30:34 | Computer Name = Anicka-PC | Source = Office Software Protection Platform Service | ID = 1012
Description = Acquisition of Product Certificate failed. hr=0xC004C003 Sku Id=aa188b61-d3d3-443c-9dec-5b42393ee5cb
Error - 12. 3. 2014 13:30:40 | Computer Name = Anicka-PC | Source = WinMgmt | ID = 10
Description =
Error - 12. 3. 2014 13:57:12 | Computer Name = Anicka-PC | Source = System Restore | ID = 8210
Description =
Error - 12. 3. 2014 13:57:30 | Computer Name = Anicka-PC | Source = WinMgmt | ID = 10
Description =
Error - 12. 3. 2014 13:57:51 | Computer Name = Anicka-PC | Source = Office Software Protection Platform Service | ID = 8200
Description = License acquisition failure details. hr=0x80072EE7
Error - 12. 3. 2014 13:57:51 | Computer Name = Anicka-PC | Source = Office Software Protection Platform Service | ID = 1010
Description = Acquisition of Rights Account Certificate failed. hr=0x80072EE7
Error - 12. 3. 2014 13:58:25 | Computer Name = Anicka-PC | Source = Office Software Protection Platform Service | ID = 8200
Description = License acquisition failure details. hr=0x80072EE7
Error - 12. 3. 2014 13:58:25 | Computer Name = Anicka-PC | Source = Office Software Protection Platform Service | ID = 1010
Description = Acquisition of Rights Account Certificate failed. hr=0x80072EE7
[ System Events ]
Error - 17. 12. 2013 2:59:41 | Computer Name = Anicka-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR13.
Error - 17. 12. 2013 3:11:00 | Computer Name = Anicka-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR14.
Error - 6. 1. 2014 3:30:17 | Computer Name = Anicka-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby ShellHWDetection bylo dosaženo
časového limitu (30000 ms).
Error - 6. 1. 2014 9:22:02 | Computer Name = Anicka-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.165.1216.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803
User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10201.0
Error
code: 0x80072f76 Error description: Požadované záhlaví nebylo nalezeno.
Error - 6. 1. 2014 11:51:36 | Computer Name = Anicka-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.165.1216.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803
User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10201.0
Error
code: 0x80072f76 Error description: Požadované záhlaví nebylo nalezeno.
Error - 6. 1. 2014 12:01:19 | Computer Name = Anicka-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.165.1216.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803
User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10201.0
Error
code: 0x80072f76 Error description: Požadované záhlaví nebylo nalezeno.
Error - 9. 1. 2014 2:42:26 | Computer Name = Anicka-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby Netman bylo dosaženo časového
limitu (30000 ms).
Error - 9. 1. 2014 7:54:26 | Computer Name = Anicka-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.165.1489.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803
User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10201.0
Error
code: 0x80072f76 Error description: Požadované záhlaví nebylo nalezeno.
Error - 13. 1. 2014 8:24:28 | Computer Name = Anicka-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby ShellHWDetection bylo dosaženo
časového limitu (30000 ms).
Error - 24. 1. 2014 14:55:14 | Computer Name = Anicka-PC | Source = DCOM | ID = 10010
Description =
< End of report >
OTL Extras logfile created on: 12. 3. 2014 22:58:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Anička\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
2,99 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 41,91% Memory free
5,98 Gb Paging File | 3,88 Gb Available in Paging File | 64,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 156,25 Gb Total Space | 20,03 Gb Free Space | 12,82% Space Free | Partition Type: NTFS
Drive D: | 141,83 Gb Total Space | 116,49 Gb Free Space | 82,13% Space Free | Partition Type: NTFS
Drive G: | 667,62 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: ANICKA-PC | User Name: Anička | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Anička\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with Corel PaintShop Pro X5] -- "c:\Program Files\Corel\Corel PaintShop Pro X5\Corel PaintShop Pro.exe" "%L" (Corel, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{000D487A-9267-4977-B3E0-45CB79C9243F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{143592D1-E6CA-45B7-8199-FDD1287D0DB7}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{193BC4A4-1C9F-485E-ACA8-57001E824E7C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{308E6BF2-08A4-4764-B24F-60815782C82F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{36F3CA40-503D-41E4-914E-45A1222444D7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3927FDCC-F952-4555-91CF-390CF19B8952}" = rport=139 | protocol=6 | dir=out | app=system |
"{404A8382-3EBD-4664-B218-7EF8B3F25AD2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{42F4B804-B325-460C-B1AF-39A16F606F54}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4383C7D2-A1BB-411E-9D5A-07D833D690E0}" = lport=137 | protocol=17 | dir=in | app=system |
"{5EF72139-B044-42BE-A92E-DAEFE949F758}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{60002BDB-3963-40A8-8D78-0CC5E1C1947E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6089D8BC-4049-42EE-91D2-67AC6275DEA9}" = rport=137 | protocol=17 | dir=out | app=system |
"{671BE064-FC28-4F7F-ACBE-A260AAD3B5CF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6DBC27DE-3095-4F77-B984-6106F8DE6032}" = rport=10243 | protocol=6 | dir=out | app=system |
"{71011F69-86AA-4F30-9BC0-1A2C506728D3}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{787B4BD0-6953-4508-98A3-0823967E4CA1}" = lport=138 | protocol=17 | dir=in | app=system |
"{7D86F68A-05D1-48F5-821D-0106BE6DC4AC}" = lport=139 | protocol=6 | dir=in | app=system |
"{7FBD6626-2627-40D0-AAFE-3945EB89625A}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{95B94B0A-B98B-43E2-AC0F-3753AF31BA76}" = rport=2869 | protocol=6 | dir=out | app=system |
"{A1B5AD2A-97C8-4231-8728-02CAA77F4E00}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{A44C7F57-6771-411F-9B73-5245380B91A0}" = lport=445 | protocol=6 | dir=in | app=system |
"{A58A5BD1-5F9A-47D0-8389-66263DD168F8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B5F98987-E169-49DE-AA6C-D0680E566B4D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BBA59DB8-917C-40A7-996D-AE01D106C19D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{BEC3ED55-4280-42A4-AB94-D311C745C656}" = rport=445 | protocol=6 | dir=out | app=system |
"{C6050792-C603-41C0-A344-F9D5EC992F22}" = rport=138 | protocol=17 | dir=out | app=system |
"{CF903316-E696-4325-A0DE-AD331166A276}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D440F7F2-A1BC-4289-889D-FBBB98386198}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E5EDBAD6-4ED3-429A-8EA4-BF3A658FDB5D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F7D5F798-5115-474C-99F6-397CF896BEBD}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02637D29-269D-4CEE-97D8-7E56FC5E9512}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{030241F2-BF6F-44F7-B2D4-BE65E77481B4}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{1B257033-33ED-4AD6-90E0-2590E79E534F}" = dir=out | app=c:\program files\penwes\penwes.exe |
"{3F64E3F1-400E-4B99-B811-0C968439EBCA}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{47096A1C-9B7C-45FD-8D23-528EF41F0403}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{49D1B1F8-3B96-4069-87D5-1C6872248429}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4DADC6BE-5A0E-4ECB-BD82-31C937B2DF8C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{655B9060-19BA-4CED-B3E7-A908EA3FD979}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{691D0F97-A45E-41AD-A4B4-C37077A3F8FF}" = protocol=6 | dir=out | app=c:\program files\rosettastoneltdservices\rosettastoneltdservices.exe |
"{7A9770E6-24AD-4DDA-A1F2-942E5ED0873B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{7AA98A1D-22C3-4AB7-9F4A-BCD20A4D440C}" = dir=in | app=c:\program files\penwes\setuppenwes.exe |
"{7C28F050-97D6-4246-9A3A-4628247C5885}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8104D25E-CBC9-4421-9DF4-789CFC7F8070}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{81F304F6-922B-4DFC-AD49-CF382E25D0F4}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{82C34AAB-C13E-4C06-86C1-9D3414221176}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8BBA9911-BAF1-4263-A8C1-D77F52613E27}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{92AEAAC2-40DC-4D77-B900-BD2BCE442DF5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{94F98CCF-B6BF-458B-8ADE-1964666D26D9}" = protocol=6 | dir=out | app=c:\program files\rosettastoneltdservices\rosettastonedaemon.exe |
"{967DE581-15D8-4A58-8954-9E6D9F2A56A9}" = dir=in | app=c:\program files\rosettastoneltdservices\rosettastonedaemon.exe |
"{978CC027-4B8D-4A27-88B9-E2B7EB102564}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9A50F847-2FC4-4B8C-B480-C8BBBDE69CF9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A5EB2290-2F1F-4218-AC57-8629C1E81F3D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AADD1BFA-B3DD-47CD-9377-587E84534FF2}" = dir=out | app=c:\program files\penwes\setuppenwes.exe |
"{B0D0F936-417B-4A23-B7CD-66ACA02A8122}" = protocol=6 | dir=out | app=system |
"{B5D7E5BF-BF68-48C8-B5FD-9B49009540C9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B7060796-2979-468A-879C-ECEA8DFC1E41}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C013ECC9-9692-4F40-A7A6-7735295D6896}" = dir=in | app=c:\program files\penwes\penwes.exe |
"{C16DCF47-31E2-46F6-8D3B-67835B2CCF53}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CD8C40F7-6020-49EE-A2EE-3F35EE48AEEE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D607889A-08C4-4446-B96B-658E56236EBA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{D7F82DA4-1463-453C-A9A5-9150EA568117}" = dir=in | app=c:\program files\penwes\penwesservice.exe |
"{D8523E8C-74A3-4ABB-B4D7-A1EB063861B9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E9F3C828-E8B8-4A44-98F0-F862D2019B70}" = dir=out | app=c:\program files\penwes\penwesservice.exe |
"{ED493D92-BF82-4AC4-81C6-EC69FABA6BCD}" = dir=in | app=c:\program files\rosettastoneltdservices\rosettastoneltdservices.exe |
"TCP Query User{0DEC4EEA-BDD7-46C3-A6D1-BFB449DAC5DE}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{7114167E-4A86-4605-9700-1DFABB560057}C:\users\anička\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\anička\appdata\roaming\spotify\spotify.exe |
"TCP Query User{7301FD92-AD90-4917-9AE0-34D38373571C}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{A644965E-F020-4010-98F0-E46AD8DCAD1C}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{2B88D39A-5A4F-4CA9-B986-183188200C8D}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{322D8598-907D-464D-BD84-1537A03B1F25}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{7907929D-9003-4015-B6E3-5D776161CD99}C:\users\anička\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\anička\appdata\roaming\spotify\spotify.exe |
"UDP Query User{802D09F7-AC32-4CBE-8ACF-DA517B4A7AAD}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{1563C6F2-E9B5-42DE-9EA6-207C9A8C2DFB}" = Corel PaintShop Pro X5
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP230_series" = Canon MP230 series MP Drivers
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{15002A1B-C1E7-4E91-A3EC-5502BF924A32}" = Setup
"{15180A90-1FC0-47E4-A150-3AECEF07B3B6}" = Corel PaintShop Pro X5
"{1522E36C-3739-41E4-8CD3-A4AFEA70086A}" = PSPPContent
"{153DD765-C8C6-4893-8CEF-D965351D82EC}" = PSPPHelp
"{154B0B16-ABCD-4A06-B0B7-8146B7A89B25}" = IPM_PSP_COM
"{1563C6F2-E9B5-42DE-9EA6-207C9A8C2DFB}" = ICA
"{390DD8BB-BB57-4942-A029-2D913E4E9D74}" = Microsoft Security Client
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.7
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7BB2EF8A-5376-4BAE-96D0-38BE49501F40}" = Rosetta Stone Ltd Services
"{7FAE73A4-F0BC-4B65-81CF-52C417383407}" = Prezi Desktop
"{81D97870-423D-452B-BE38-8B65D0613105}" = Nitro Pro 8
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0054-0405-0000-0000000FF1CE}" = Microsoft Office Visio MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00B4-0405-0000-0000000FF1CE}" = Microsoft Office Project MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2010
"{91140000-0057-0000-0000-0000000FF1CE}" = Microsoft Office Visio 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A50DE037-B5C0-4C8A-8049-B0C576B313D1}" = Google+ Auto Backup
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI - Czech
"{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1" = DriverToolkit version 8.2.0.0
"{E040B65B-8683-4228-8C33-D44A141E40EA}" = Secure Download Manager
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Avast" = avast! Free Antivirus
"Canon MP230 series On-screen Manual" = Canon MP230 series On-screen Manual
"Canon My Image Garden" = Canon My Image Garden
"Canon My Image Garden Design Files" = Canon My Image Garden Design Files
"Canon_IJ_Scan_Utility" = Canon IJ Scan Utility
"CanonMyPrinter" = Canon My Printer
"CanonQuickMenu" = Canon Quick Menu
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 27.0.1 (x86 sk)" = Mozilla Firefox 27.0.1 (x86 sk)
"MyFinePix Studio_is1" = FUJIFILM MyFinePix Studio 4.1
"Office14.PRJPROR" = Microsoft Project Professional 2010
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Office14.VISIOR" = Microsoft Visio Professional 2010
"Penwes" = PenWes [10775]
"Picasa 3" = Picasa 3
"Registrace uživatele zařízení Canon MP230 series" = Registrace uživatele zařízení Canon MP230 series
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TVWiz" = Intel(R) TV Wizard
"VLC media player" = VLC media player 2.0.6
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-773910472-3044729245-3086565107-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 12. 3. 2014 13:30:12 | Computer Name = Anicka-PC | Source = Office Software Protection Platform Service | ID = 1014
Description = Acquisition of End User License failed. hr=0xC004C008 Sku Id=0993043d-664f-4b2e-a7f1-fd92091fa81f
Error - 12. 3. 2014 13:30:34 | Computer Name = Anicka-PC | Source = Office Software Protection Platform Service | ID = 8200
Description = License acquisition failure details. hr=0xC004C003
Error - 12. 3. 2014 13:30:34 | Computer Name = Anicka-PC | Source = Office Software Protection Platform Service | ID = 1012
Description = Acquisition of Product Certificate failed. hr=0xC004C003 Sku Id=aa188b61-d3d3-443c-9dec-5b42393ee5cb
Error - 12. 3. 2014 13:30:40 | Computer Name = Anicka-PC | Source = WinMgmt | ID = 10
Description =
Error - 12. 3. 2014 13:57:12 | Computer Name = Anicka-PC | Source = System Restore | ID = 8210
Description =
Error - 12. 3. 2014 13:57:30 | Computer Name = Anicka-PC | Source = WinMgmt | ID = 10
Description =
Error - 12. 3. 2014 13:57:51 | Computer Name = Anicka-PC | Source = Office Software Protection Platform Service | ID = 8200
Description = License acquisition failure details. hr=0x80072EE7
Error - 12. 3. 2014 13:57:51 | Computer Name = Anicka-PC | Source = Office Software Protection Platform Service | ID = 1010
Description = Acquisition of Rights Account Certificate failed. hr=0x80072EE7
Error - 12. 3. 2014 13:58:25 | Computer Name = Anicka-PC | Source = Office Software Protection Platform Service | ID = 8200
Description = License acquisition failure details. hr=0x80072EE7
Error - 12. 3. 2014 13:58:25 | Computer Name = Anicka-PC | Source = Office Software Protection Platform Service | ID = 1010
Description = Acquisition of Rights Account Certificate failed. hr=0x80072EE7
[ System Events ]
Error - 17. 12. 2013 2:59:41 | Computer Name = Anicka-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR13.
Error - 17. 12. 2013 3:11:00 | Computer Name = Anicka-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR14.
Error - 6. 1. 2014 3:30:17 | Computer Name = Anicka-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby ShellHWDetection bylo dosaženo
časového limitu (30000 ms).
Error - 6. 1. 2014 9:22:02 | Computer Name = Anicka-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.165.1216.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803
User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10201.0
Error
code: 0x80072f76 Error description: Požadované záhlaví nebylo nalezeno.
Error - 6. 1. 2014 11:51:36 | Computer Name = Anicka-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.165.1216.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803
User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10201.0
Error
code: 0x80072f76 Error description: Požadované záhlaví nebylo nalezeno.
Error - 6. 1. 2014 12:01:19 | Computer Name = Anicka-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.165.1216.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803
User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10201.0
Error
code: 0x80072f76 Error description: Požadované záhlaví nebylo nalezeno.
Error - 9. 1. 2014 2:42:26 | Computer Name = Anicka-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby Netman bylo dosaženo časového
limitu (30000 ms).
Error - 9. 1. 2014 7:54:26 | Computer Name = Anicka-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.165.1489.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803
User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10201.0
Error
code: 0x80072f76 Error description: Požadované záhlaví nebylo nalezeno.
Error - 13. 1. 2014 8:24:28 | Computer Name = Anicka-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby ShellHWDetection bylo dosaženo
časového limitu (30000 ms).
Error - 24. 1. 2014 14:55:14 | Computer Name = Anicka-PC | Source = DCOM | ID = 10010
Description =
< End of report >
-
Rudy
- Site Admin
- Příspěvky: 119534
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: DNS server sa sam meni na 127.0.0.1
Tak vás musim ujistit, že není. Podle pravidel fóra takové operační systémy neřešíme: http://forum.viry.cz/viewtopic.php?f=12&t=115512 .orli píše:mal by byt originalny, ale niesom si isty....
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: DNS server sa sam meni na 127.0.0.1
tak toto je omyl, pretoze momentalne som uisteny ze to pravy windows je. bol kupovany minuly rok.
Re: DNS server sa sam meni na 127.0.0.1
pozriem sa na to osobne, lebo prechadzam log a vidim tiez ze autentifikacia zlyhala
Přispějete na provoz fóra?
