Přišel mi podvodný email, byl otevřen, příloha otevřena nebyla. Prosím o kontrolu logu.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Ferda Mravenec at 2014-07-04 15:51:01
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 785 GB (82%) free of 954 GB
Total RAM: 2047 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:51:27, on 4.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16921)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Opera\opera.exe
C:\Users\Ferda Mravenec\AppData\Local\Opera\Opera\temporary_downloads\RSIT.exe
C:\Program Files\trend micro\Ferda Mravenec.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchshock.com/?cid=4225
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://www.samsungsetup.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 4666 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-06-21 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-06-21 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-20 988480]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-01-13 98304]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-02-24 5075104]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-05-07 256896]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux8"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-07-04 15:51:01 ----D---- C:\rsit
2014-07-04 15:51:01 ----D---- C:\Program Files\trend micro
2014-06-28 20:45:06 ----A---- C:\Windows\system32\unrar.dll
2014-06-28 20:45:02 ----D---- C:\Program Files\K-Lite Codec Pack
2014-06-28 19:57:31 ----D---- C:\Users\Ferda Mravenec\AppData\Roaming\PerformerSoft
2014-06-28 19:57:01 ----D---- C:\Program Files\SpeedAnalysis
2014-06-25 17:41:03 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-06-25 17:41:03 ----A---- C:\Windows\system32\drivers\netio.sys
2014-06-25 17:41:03 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-06-25 17:41:01 ----A---- C:\Windows\system32\usp10.dll
2014-06-25 17:40:56 ----A---- C:\Windows\system32\urlmon.dll
2014-06-25 17:40:56 ----A---- C:\Windows\system32\jsproxy.dll
2014-06-25 17:40:55 ----A---- C:\Windows\system32\msrating.dll
2014-06-25 17:40:55 ----A---- C:\Windows\system32\msfeeds.dll
2014-06-25 17:40:55 ----A---- C:\Windows\system32\iesetup.dll
2014-06-25 17:40:54 ----A---- C:\Windows\system32\ieframe.dll
2014-06-25 17:40:52 ----A---- C:\Windows\system32\wininet.dll
2014-06-25 17:40:52 ----A---- C:\Windows\system32\mshtmled.dll
2014-06-25 17:40:52 ----A---- C:\Windows\system32\jscript.dll
2014-06-25 17:40:51 ----A---- C:\Windows\system32\ieui.dll
2014-06-25 17:40:51 ----A---- C:\Windows\system32\dxtrans.dll
2014-06-25 17:40:48 ----A---- C:\Windows\system32\iertutil.dll
2014-06-25 17:40:46 ----A---- C:\Windows\system32\dxtmsft.dll
2014-06-25 17:40:42 ----A---- C:\Windows\system32\jscript9.dll
2014-06-25 17:40:41 ----A---- C:\Windows\system32\mshtml.dll
2014-06-25 17:40:39 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2014-06-25 17:40:39 ----A---- C:\Windows\system32\iesysprep.dll
2014-06-25 17:40:39 ----A---- C:\Windows\system32\iernonce.dll
2014-06-25 17:40:39 ----A---- C:\Windows\system32\ie4uinit.exe
2014-06-25 17:40:35 ----A---- C:\Windows\system32\msxml6.dll
2014-06-25 17:40:34 ----A---- C:\Windows\system32\msxml6r.dll
2014-06-25 17:40:34 ----A---- C:\Windows\system32\msxml3r.dll
2014-06-25 17:40:34 ----A---- C:\Windows\system32\msxml3.dll
2014-06-25 17:39:57 ----A---- C:\Windows\system32\rdpcorets.dll
2014-06-21 13:16:37 ----D---- C:\Users\Ferda Mravenec\AppData\Roaming\.minecraft
2014-06-21 13:16:33 ----D---- C:\ProgramData\Oracle
2014-06-21 13:16:30 ----D---- C:\ProgramData\Sun
2014-06-21 13:16:29 ----D---- C:\Program Files\Common Files\Java
2014-06-21 13:16:25 ----A---- C:\Windows\system32\javaws.exe
2014-06-21 13:16:17 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-06-21 13:16:17 ----A---- C:\Windows\system32\javaw.exe
2014-06-21 13:16:17 ----A---- C:\Windows\system32\java.exe
2014-06-21 13:16:02 ----D---- C:\Program Files\Java
2014-06-21 11:06:38 ----D---- C:\Users\Ferda Mravenec\AppData\Roaming\FLV and Media Player
2014-06-21 11:05:46 ----D---- C:\Program Files\Applian Technologies
2014-06-21 11:04:57 ----D---- C:\ProgramData\APN
2014-06-18 18:01:25 ----D---- C:\Program Files\Mozilla Thunderbird
2014-06-07 09:32:14 ----D---- C:\ProgramData\ESET
2014-06-06 16:33:00 ----AS---- C:\Windows\system32\lcpmnclyewd.exe
2014-06-06 16:33:00 ----AS---- C:\Windows\system32\dcgmnclyewd.exe
2014-06-06 16:32:59 ----AS---- C:\Windows\system32\acumnclyewd.exe
2014-06-06 16:17:59 ----D---- C:\Users\Ferda Mravenec\AppData\Roaming\AVG
2014-06-06 16:16:53 ----D---- C:\ProgramData\AVG
2014-06-06 16:16:26 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-06-06 16:16:16 ----D---- C:\Users\Ferda Mravenec\AppData\Roaming\OpenCandy
======List of files/folders modified in the last 1 month======
2014-07-04 15:51:12 ----D---- C:\Windows\Prefetch
2014-07-04 15:51:02 ----D---- C:\Windows\Temp
2014-07-04 15:51:01 ----RD---- C:\Program Files
2014-07-04 15:23:11 ----D---- C:\Windows\system32\config
2014-07-04 15:17:53 ----D---- C:\Windows\System32
2014-07-04 15:17:53 ----D---- C:\Windows\inf
2014-07-04 15:17:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-03 16:36:10 ----D---- C:\Users\Ferda Mravenec\AppData\Roaming\Skype
2014-07-03 15:24:53 ----SHD---- C:\System Volume Information
2014-06-30 21:10:54 ----D---- C:\Windows
2014-06-29 19:47:19 ----D---- C:\The KMPlayer
2014-06-29 07:47:32 ----D---- C:\Program Files\ESET
2014-06-28 20:54:40 ----D---- C:\Windows\system32\Tasks
2014-06-28 20:54:38 ----D---- C:\Windows\Tasks
2014-06-28 19:58:07 ----SD---- C:\Users\Ferda Mravenec\AppData\Roaming\Microsoft
2014-06-27 18:19:02 ----D---- C:\Windows\Panther
2014-06-27 18:19:02 ----D---- C:\Windows\debug
2014-06-25 19:53:57 ----D---- C:\Windows\winsxs
2014-06-25 19:52:16 ----D---- C:\Program Files\Internet Explorer
2014-06-25 19:52:14 ----D---- C:\Windows\system32\drivers
2014-06-25 17:45:28 ----D---- C:\Windows\system32\MRT
2014-06-25 17:42:39 ----A---- C:\Windows\system32\MRT.exe
2014-06-25 17:40:30 ----D---- C:\Windows\system32\catroot
2014-06-25 17:40:20 ----D---- C:\Windows\system32\catroot2
2014-06-25 17:38:20 ----HD---- C:\ProgramData
2014-06-23 20:46:40 ----D---- C:\Windows\system32\LogFiles
2014-06-22 10:02:24 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-06-21 13:16:30 ----SHD---- C:\Windows\Installer
2014-06-21 13:16:29 ----D---- C:\Program Files\Common Files
2014-06-21 11:28:10 ----D---- C:\Users\Ferda Mravenec\AppData\Roaming\vlc
2014-06-19 18:26:54 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-06-14 10:07:44 ----D---- C:\Windows\system32\NDF
2014-06-08 10:30:54 ----D---- C:\Program Files\Opera
2014-06-07 09:32:44 ----D---- C:\Windows\system32\DriverStore
2014-06-07 09:29:56 ----D---- C:\Windows\SoftwareDistribution
2014-06-07 09:22:33 ----RD---- C:\Users
2014-06-06 16:32:59 ----D---- C:\Windows\system32\bitstreams
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 188808]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 134248]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2014-03-26 204064]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2014-03-26 104736]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2013-09-17 122376]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-03-02 218688]
R3 es1371;Creative AudioPCI (ES1371,ES1373) (WDM); C:\Windows\system32\drivers\es1371mp.sys [2002-06-03 40832]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-14 139776]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2014-03-26 126752]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 PcaSp60;Rawether NDIS 6.X SPR Protocol Driver; C:\Windows\system32\DRIVERS\PcaSp60.sys [2010-09-07 28672]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-20 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-20 25600]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-03-26 116512]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUSB;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2014-02-24 1343408]
S2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-22 262320]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-18 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Podvodný email
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Podvodný email
Zdravim 
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start atapi.sys autochk.exe cdrom.sys explorer.exe hal.dll scecli.dll services.exe svchost.exe tcpip.sys userinit.exe winlogon.exe /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 %PROGRAMFILES%\Opera\opera.exe /md5 %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
- Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re:log OTL
OTL logfile created on: 5.7.2014 6:22:23 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ferda Mravenec\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16921)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 72,77% Memory free
4,00 Gb Paging File | 3,07 Gb Available in Paging File | 76,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,41 Gb Total Space | 766,33 Gb Free Space | 82,28% Space Free | Partition Type: NTFS
Drive F: | 298,09 Gb Total Space | 255,01 Gb Free Space | 85,55% Space Free | Partition Type: NTFS
Computer Name: FERDAMRAVENEC | User Name: Ferda Mravenec | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2014.07.05 06:19:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ferda Mravenec\Desktop\OTL.exe
PRC - [2014.04.26 08:30:45 | 000,879,456 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2014.02.24 16:27:06 | 001,343,408 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2014.02.24 16:26:50 | 005,075,104 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2014.02.01 22:32:27 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010.11.20 23:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.08.18 03:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.08.18 03:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
========== Modules (No Company Name) ==========
MOD - [2014.05.17 16:02:59 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\70dbdd46969daf2bea2443c75b7629d4\System.Web.ni.dll
MOD - [2014.05.17 16:02:48 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\98c91b8d3f1d54c41ada5f37e0935303\System.Runtime.Remoting.ni.dll
MOD - [2014.02.15 13:45:43 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014.02.15 13:45:34 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014.02.15 13:45:12 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014.02.15 13:45:08 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014.02.15 13:45:06 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014.02.15 13:44:58 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2014.02.08 22:04:00 | 000,380,928 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3665.39640__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2014.02.08 22:04:00 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3665.39671__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2014.02.08 22:04:00 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3665.39663__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2014.02.08 22:04:00 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3665.39793__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2014.02.08 22:04:00 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3665.39793__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2014.02.08 22:04:00 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3665.39798__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
MOD - [2014.02.08 22:04:00 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3665.39794__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2014.02.08 22:03:59 | 001,708,032 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3665.39821__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll
MOD - [2014.02.08 22:03:59 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3665.39776__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2014.02.08 22:03:59 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3665.39748__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2014.02.08 22:03:59 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3665.39652__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2014.02.08 22:03:59 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3665.39777__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2014.02.08 22:03:59 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3665.39717__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2014.02.08 22:03:59 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3665.39654__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2014.02.08 22:03:59 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3665.39822__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.dll
MOD - [2014.02.08 22:03:58 | 000,827,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3665.39706__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2014.02.08 22:03:58 | 000,651,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3665.39792__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
MOD - [2014.02.08 22:03:58 | 000,409,600 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3665.39739__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2014.02.08 22:03:58 | 000,356,352 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3665.39725__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2014.02.08 22:03:58 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3665.39671__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2014.02.08 22:03:58 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3665.39705__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2014.02.08 22:03:58 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3665.39726__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2014.02.08 22:03:58 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3665.39713__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2014.02.08 22:03:58 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3665.39791__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll
MOD - [2014.02.08 22:03:58 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3665.39725__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2014.02.08 22:03:58 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3665.39774__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2014.02.08 22:03:58 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3665.39712__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2014.02.08 22:03:57 | 001,302,528 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3665.39817__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll
MOD - [2014.02.08 22:03:57 | 000,573,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3665.39673__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2014.02.08 22:03:57 | 000,270,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2014.02.08 22:03:57 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3665.39704__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2014.02.08 22:03:57 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3665.39705__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2014.02.08 22:03:57 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3665.39677__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2014.02.08 22:03:57 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3665.39715__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2014.02.08 22:03:57 | 000,008,192 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3665.39632__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2014.02.08 22:03:57 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3665.39626__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2014.02.08 22:03:57 | 000,006,144 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3665.39635__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2014.02.08 22:03:57 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3665.39784__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2014.02.08 22:03:57 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3665.39639__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2014.02.08 22:03:57 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3665.39635__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2014.02.08 22:03:56 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2014.02.08 22:03:56 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3665.39625__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2014.02.08 22:03:56 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3665.39768__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2014.02.08 22:03:56 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll
MOD - [2014.02.08 22:03:56 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2014.02.08 22:03:56 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2014.02.08 22:03:56 | 000,015,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3665.39626__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2014.02.08 22:03:56 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2014.02.08 22:03:56 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3665.39639__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2014.02.08 22:03:56 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3665.39774__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2014.02.08 22:03:56 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3665.39630__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2014.02.08 22:03:55 | 000,151,552 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3665.39630__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2014.02.08 22:03:55 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3665.39627__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2014.02.08 22:03:55 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3665.39791__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll
MOD - [2014.02.08 22:03:55 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3665.39693__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2014.02.08 22:03:55 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3665.39724__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2014.02.08 22:03:55 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3665.39775__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2014.02.08 22:03:55 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3665.39739__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2014.02.08 22:03:55 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3665.39629__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2014.02.08 22:03:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3665.39629__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2014.02.08 22:03:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3665.39662__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2014.02.08 22:03:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3665.39652__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2014.02.08 22:03:55 | 000,009,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3665.39776__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.dll
MOD - [2014.02.08 22:03:55 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3665.39628__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2014.02.08 22:03:55 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3665.39634__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2014.02.08 22:03:54 | 000,741,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3665.39814__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2014.02.08 22:03:54 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3665.39748__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2014.02.08 22:03:54 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3665.39668__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2014.02.08 22:03:54 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3665.39704__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2014.02.08 22:03:54 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3665.39653__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2014.02.08 22:03:54 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3665.39784__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2014.02.08 22:03:54 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3665.39717__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2014.02.08 22:03:54 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3665.39654__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2014.02.08 22:03:54 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3665.39653__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2014.02.08 22:03:54 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3665.39667__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2014.02.08 22:03:54 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3665.39712__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2014.02.08 22:03:54 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3665.39639__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2014.02.08 22:03:54 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3665.39628__90ba9c70f846762e\APM.Foundation.dll
MOD - [2014.02.08 22:03:54 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3665.39636__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2014.02.08 22:03:54 | 000,006,144 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3665.39634__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2014.02.08 22:03:53 | 001,220,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3665.39647__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2014.02.08 22:03:53 | 000,577,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3665.39760__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2014.02.08 22:03:53 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3665.39662__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2014.02.08 22:03:53 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3665.39768__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2014.02.08 22:03:53 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3665.39765__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2014.02.08 22:03:53 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3665.39637__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2014.02.08 22:03:53 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3665.39638__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2014.02.08 22:03:53 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3665.39636__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2014.02.08 22:03:53 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3665.39632__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2014.02.08 22:03:53 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3665.39629__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2014.02.08 22:03:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3665.39631__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2014.02.08 22:03:53 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3665.39661__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2014.02.08 22:03:53 | 000,010,240 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3665.39646__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2014.02.08 22:03:53 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3665.39637__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2014.02.08 22:03:52 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3665.39632__90ba9c70f846762e\APM.Server.dll
MOD - [2014.02.08 22:03:52 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3665.39635__90ba9c70f846762e\AEM.Server.dll
MOD - [2014.02.08 22:03:52 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3665.39645__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2014.02.08 22:03:52 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2014.02.08 22:03:52 | 000,019,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3665.39767__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2014.02.08 22:03:52 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3665.39669__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2010.11.13 03:54:29 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_cs_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010.11.13 03:54:19 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.11.24 14:36:36 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Users\Ferda Mravenec\AppData\Local\Temp\7zS2E99\hpslpsvc32.dll -- (HPSLPSVC)
SRV - [2014.06.22 10:02:24 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.06.18 18:01:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.02.24 16:27:06 | 001,343,408 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.10.23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.08.18 03:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - [2014.03.26 20:24:40 | 000,204,064 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV - [2014.03.26 20:23:06 | 000,116,512 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2014.03.26 20:23:04 | 000,126,752 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2014.03.26 20:23:04 | 000,104,736 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2014.03.02 10:03:49 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2013.09.17 14:17:38 | 000,188,808 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2013.09.17 14:17:38 | 000,134,248 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2013.09.17 14:17:38 | 000,122,376 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2010.11.20 23:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 23:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 23:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 23:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010.11.20 23:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010.11.20 23:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010.11.20 23:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 23:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2010.11.20 23:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 23:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010.11.20 23:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2010.11.20 23:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 23:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.09.07 08:27:22 | 000,028,672 | R--- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PcaSp60.sys -- (PcaSp60)
DRV - [2009.08.18 04:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2004.08.13 10:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2002.06.03 11:18:32 | 000,040,832 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\es1371mp.sys -- (es1371)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-344962686-1799321519-2938304592-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.seznam.cz/ [binary data]
IE - HKU\S-1-5-21-344962686-1799321519-2938304592-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchshock.com/?cid=4225
IE - HKU\S-1-5-21-344962686-1799321519-2938304592-1000\..\SearchScopes,DefaultScope = {6eae37ef-354e-4e40-a054-18406fbdd365}
IE - HKU\S-1-5-21-344962686-1799321519-2938304592-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-344962686-1799321519-2938304592-1000\..\SearchScopes\{1E4C1C84-DC97-4516-A83A-6CEE23A9954C}: "URL" = http://www.google.com/search?q={searchT ... utEncoding?}
IE - HKU\S-1-5-21-344962686-1799321519-2938304592-1000\..\SearchScopes\{6eae37ef-354e-4e40-a054-18406fbdd365}: "URL" = http://www.searchshock.com/search.html? ... }&cid=4225
IE - HKU\S-1-5-21-344962686-1799321519-2938304592-1000\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search?q={searchTerms}
IE - HKU\S-1-5-21-344962686-1799321519-2938304592-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.6.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.6.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014.06.07 09:32:14 | 000,000,000 | ---D | M]
[2014.04.21 12:08:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ferda Mravenec\AppData\Roaming\Mozilla\Extensions
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-344962686-1799321519-2938304592-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-344962686-1799321519-2938304592-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-344962686-1799321519-2938304592-1000\..Trusted Domains: samsungsetup.com ([www] http in Důvěryhodné weby)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94432745-C9EB-4E77-BBCB-A9D83EBF7886}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2014.02.08 16:41:19 | 000,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2014.07.05 06:19:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Ferda Mravenec\Desktop\OTL.exe
[2014.07.04 15:51:01 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.07.04 15:51:01 | 000,000,000 | ---D | C] -- C:\rsit
[2014.06.29 16:54:06 | 000,000,000 | ---D | C] -- C:\Users\Ferda Mravenec\AppData\Local\Adobe
[2014.06.28 20:45:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2014.06.28 20:45:02 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2014.06.28 19:57:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[2014.06.28 19:57:31 | 000,000,000 | ---D | C] -- C:\Users\Ferda Mravenec\AppData\Roaming\PerformerSoft
[2014.06.28 19:57:14 | 000,000,000 | ---D | C] -- C:\Users\Ferda Mravenec\AppData\Local\PCPerformer
[2014.06.28 19:57:01 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedAnalysis
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2014.07.05 06:24:03 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.07.05 06:19:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ferda Mravenec\Desktop\OTL.exe
[2014.07.05 06:15:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.07.04 15:19:00 | 000,021,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.07.04 15:19:00 | 000,021,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.07.04 15:17:53 | 000,622,422 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014.07.04 15:17:53 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014.07.04 15:17:53 | 000,118,604 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014.07.04 15:17:53 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014.07.04 15:11:34 | 1609,916,416 | -HS- | M] () -- C:\hiberfil.sys
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014.07.05 06:24:03 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.06.28 20:45:06 | 000,218,200 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2014.06.07 09:23:04 | 000,000,003 | ---- | C] () -- C:\Users\Ferda Mravenec\stut
[2014.06.06 16:33:00 | 000,972,814 | --S- | C] () -- C:\Windows\System32\dcgmnclyewd.exe
[2014.06.06 16:33:00 | 000,187,904 | --S- | C] () -- C:\Windows\System32\lcpmnclyewd.exe
[2014.06.06 16:32:59 | 010,236,928 | --S- | C] () -- C:\Windows\System32\acumnclyewd.exe
[2014.05.10 14:56:08 | 000,001,736 | ---- | C] () -- C:\Windows\hpdj3740.ini
[2014.05.10 14:33:44 | 000,007,045 | ---- | C] () -- C:\Windows\hpdj3600.ini
[2014.03.29 18:49:13 | 000,187,904 | --S- | C] () -- C:\Windows\System32\lcpmncqkjufn.exe
[2014.03.29 18:49:12 | 000,972,814 | --S- | C] () -- C:\Windows\System32\dcgmncqkjufn.exe
[2014.03.29 18:49:11 | 010,236,928 | --S- | C] () -- C:\Windows\System32\acumncqkjufn.exe
[2014.03.29 18:49:11 | 000,133,632 | --S- | C] () -- C:\Windows\System32\librtmp.dll
[2014.03.29 18:49:11 | 000,100,864 | --S- | C] () -- C:\Windows\System32\zlib1.dll
[2014.03.29 18:49:10 | 000,538,126 | --S- | C] () -- C:\Windows\System32\libcurl-4.dll
[2014.03.29 18:49:10 | 000,192,512 | --S- | C] () -- C:\Windows\System32\libidn-11.dll
[2014.02.08 21:58:33 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2014.01.20 17:47:28 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
========== ZeroAccess Check ==========
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.03.25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014.06.24 14:47:05 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\.minecraft
[2014.06.06 16:17:59 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\AVG
[2014.04.12 20:54:19 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\calibre
[2014.03.29 08:41:08 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\DAEMON Tools Lite
[2014.06.28 20:52:09 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\FLV and Media Player
[2014.03.15 20:45:22 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Leadertech
[2014.04.18 09:11:24 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\LolClient
[2014.06.06 16:16:16 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\OpenCandy
[2014.01.20 20:43:12 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Opera
[2014.05.24 11:12:25 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Opera Software
[2014.06.28 20:54:36 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\PerformerSoft
[2014.02.09 11:57:00 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Riot Games
[2014.04.21 12:08:48 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Thunderbird
[2014.02.09 17:24:27 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Wargaming.net
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 06:53:46 | 000,032,554 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2014.02.07 18:13:27 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 23:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 23:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010.11.20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2010.11.20 23:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\explorer.exe
[2010.11.20 23:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.20 23:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 23:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
< MD5 for: SCECLI.DLL >
[2010.11.20 23:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 23:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2010.11.20 23:29:20 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2013.07.06 07:05:35 | 001,293,760 | ---- | M] (Microsoft Corporation) MD5=4E8B9BE71B807B3BAEDB7F4243F85E3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_b52f2f65c4a146e5\tcpip.sys
[2013.07.06 06:57:37 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=528F7CC60391DD0FAB0344F32F051FDF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_b5721e2eddf328f9\tcpip.sys
[2014.04.05 04:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\System32\drivers\tcpip.sys
[2014.04.05 04:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_b513c4dfc4b513b9\tcpip.sys
[2014.04.26 08:29:49 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=6C4F3D92764FFA22D28061A4D9235446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2014.04.26 08:29:49 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2014.04.05 04:16:21 | 001,310,144 | ---- | M] (Microsoft Corporation) MD5=EA47AB18E289333AB94397D77CA6E3A1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_b59293a4dddacc9b\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 23:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 23:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 23:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2014.03.04 11:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\System32\winlogon.exe
[2014.03.04 11:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_71da23b23327143c\winlogon.exe
[2014.03.04 12:39:02 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=D53972F87D850CD2EB4B29B60CAFDD77 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_7255f1994c4f8119\winlogon.exe
< >
< %systemroot%*.* /U /s >
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2014.06.24 14:47:05 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\.minecraft
[2014.01.25 21:59:20 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Adobe
[2014.02.08 22:04:06 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\ATI
[2014.05.10 15:47:45 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\atitray
[2014.06.06 16:17:59 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\AVG
[2014.04.12 20:54:19 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\calibre
[2014.03.29 08:41:08 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\DAEMON Tools Lite
[2014.06.28 20:52:09 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\FLV and Media Player
[2014.01.20 19:48:57 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Identities
[2014.02.14 22:24:22 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\InstallShield
[2014.03.15 20:45:22 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Leadertech
[2014.04.18 09:11:24 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\LolClient
[2014.02.07 20:19:38 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Macromedia
[2010.11.21 03:24:45 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Media Center Programs
[2014.06.28 19:58:07 | 000,000,000 | --SD | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Microsoft
[2014.04.21 12:08:49 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Mozilla
[2014.06.06 16:16:16 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\OpenCandy
[2014.01.20 20:43:12 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Opera
[2014.05.24 11:12:25 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Opera Software
[2014.06.28 20:54:36 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\PerformerSoft
[2014.02.09 11:57:00 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Riot Games
[2014.07.03 16:36:10 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Skype
[2014.04.21 12:08:48 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Thunderbird
[2014.06.21 11:28:10 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\vlc
[2014.02.09 17:24:27 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Wargaming.net
[2014.01.20 20:30:17 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2014.02.08 22:02:59 | 000,010,134 | R--- | M] () -- C:\Users\Ferda Mravenec\AppData\Roaming\Microsoft\Installer\{976CD7D9-36FD-68A6-36EE-4F6DE5BF6B42}\ARPPRODUCTICON.exe
[2014.04.10 00:33:06 | 027,826,600 | ---- | M] (AVG) -- C:\Users\Ferda Mravenec\AppData\Roaming\OpenCandy\95C134D6FBA549B8850BC41627BE42C7\AVG-PC-TuneUp2014.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2014.06.23 16:52:41 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2014.07.04 15:19:00 | 000,021,248 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.07.04 15:19:00 | 000,021,248 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.07.04 15:17:53 | 000,118,604 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2014.07.04 15:17:53 | 000,103,370 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2014.07.04 15:17:53 | 000,622,422 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2014.07.04 15:17:53 | 000,606,992 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2014.07.04 15:17:53 | 001,445,734 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 23:29:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2014.05.24 04:10:04 | 000,770,736 | ---- | M] (Microsoft Corporation) MD5=BB6ECFA1410FAF93A9DC762E8214D115 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2014.04.26 08:30:45 | 000,879,456 | ---- | M] (Opera Software) MD5=64E8DB17AA4D027C24F302AC0E769EFF -- C:\Program Files\Opera\opera.exe
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.07.05 06:24:03 | 000,000,512 | ---- | M] () MD5=A64A22D50047414E2BC8E6668DB75015 -- C:\PhysicalMBR.bin
[1 C:\*.tmp files -> C:\*.tmp -> ]
< >
< *crack* /s >
[2014.04.09 18:57:05 | 000,213,184 | ---- | M] () -- \Games\World_of_Tanks\res\audio\objects_ice_crack.fsb
[2013.03.01 23:19:15 | 1382,060,540 | ---- | M] () -- \Users\Ferda Mravenec\Documents\A DATA\Sims 3\12.-The-Sims-3---Showtime-CZ-+-crack-+-key.rar
[2013.02.03 12:05:56 | 006,210,223 | ---- | M] () -- \Users\Ferda Mravenec\Documents\A DATA\Sims 3\The-Sims-3-Cestovní-Horečka-crack-na-nejnovější-verzi.rar
[2012.10.28 23:37:14 | 1716,912,127 | ---- | M] () -- \Users\Ferda Mravenec\Documents\A DATA\Sims 3\The-Sims-3-CZ-Crack.iso
< *keygen* /s >
< *loader* /s >
[2011.09.01 04:59:42 | 000,021,504 | R--- | M] () -- \$WINDOWS.~BT\Sources\en-us\upgloader.dll.mui
[2014.04.09 18:57:05 | 000,071,208 | ---- | M] () -- \Games\World_of_Tanks\PhysXLoader.dll
[2014.06.04 11:31:51 | 000,001,508 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\eulaversionloader.pyc
[2014.04.09 18:57:05 | 000,002,209 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\graphicspresetsloader.pyc
[2014.04.09 18:57:05 | 000,007,130 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guicolorsloader.pyc
[2014.04.09 18:57:05 | 000,003,955 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guisoundsloader.pyc
[2014.04.09 18:57:05 | 000,006,579 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\logindataloader.pyc
[2014.04.09 18:57:05 | 000,002,753 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\windowsstoreddataloader.pyc
[2014.04.09 18:57:05 | 000,001,502 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\entities\abstract\loadermanagermeta.pyc
[2014.04.09 18:57:05 | 000,006,582 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\managers\loaders.pyc
[2014.04.09 18:57:05 | 000,003,649 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\helpers\rssdownloader.pyc
[2014.04.09 18:57:05 | 000,006,995 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\tutorial\loader.pyc
[2014.04.09 18:57:05 | 000,011,286 | ---- | M] () -- \Games\World_of_Tanks\res_bw\scripts\common\lib\unittest\loader.pyc
[2014.04.17 22:03:32 | 000,044,032 | R--- | M] () -- \Program Files\Calibre2\DLLs\PyISAPI_loader.dll
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2014.02.09 12:05:11 | 000,000,404 | ---- | M] () -- \Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.98\deploy\assets\storeImages\layout\small_loader.gif
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \The KMPlayer\ImLoader.dll
[2014.01.28 20:35:56 | 000,072,638 | ---- | M] () -- \Users\Ferda Mravenec\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.01.28 20:35:56 | 000,003,032 | ---- | M] () -- \Users\Ferda Mravenec\AppData\Local\Skype\Apps\login\images\loader.png
[2014.01.28 20:35:56 | 000,006,012 | ---- | M] () -- \Users\Ferda Mravenec\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.01.28 20:35:56 | 000,021,956 | ---- | M] () -- \Users\Ferda Mravenec\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.01.28 20:35:56 | 000,009,772 | ---- | M] () -- \Users\Ferda Mravenec\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2011.12.08 04:46:00 | 000,313,576 | ---- | M] () -- \Users\Ferda Mravenec\AppData\Local\Solid State Networks\downloader.bundle
[2011.12.08 02:29:00 | 000,525,216 | ---- | M] () -- \Users\Ferda Mravenec\AppData\Local\Solid State Networks\downloader.dll
[2010.09.28 08:38:58 | 000,007,134 | ---- | M] () -- \Users\Ferda Mravenec\Desktop\Minecraft-1.4.-full-game\.minecraft\Minecraft\Loader.class
[2010.09.28 08:39:04 | 000,002,208 | ---- | M] () -- \Users\Ferda Mravenec\Desktop\Minecraft-1.4.-full-game\.minecraft\Minecraft\bsh\classpath\BshClassLoader.class
[2010.09.28 08:39:04 | 000,000,687 | ---- | M] () -- \Users\Ferda Mravenec\Desktop\Minecraft-1.4.-full-game\.minecraft\Minecraft\bsh\classpath\DiscreteFilesClassLoader$ClassSourceMap.class
[2010.09.28 08:39:04 | 000,001,248 | ---- | M] () -- \Users\Ferda Mravenec\Desktop\Minecraft-1.4.-full-game\.minecraft\Minecraft\bsh\classpath\DiscreteFilesClassLoader.class
[2013.06.01 18:01:59 | 000,001,737 | ---- | M] () -- \Users\Ferda Mravenec\Documents\A DATA\Sims 3 další\preloader.gif
[2014.02.08 22:22:28 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2009.07.14 14:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2010.11.21 03:16:08 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2010.11.21 03:16:08 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2010.11.21 03:16:08 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2010.11.20 23:31:02 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2010.11.20 23:31:02 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2010.11.20 23:31:02 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2010.11.21 03:15:24 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2010.11.20 23:23:54 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.02.01 22:31:20 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.02.01 22:31:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.02.01 22:31:19 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.02.01 22:31:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ferda Mravenec\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16921)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 72,77% Memory free
4,00 Gb Paging File | 3,07 Gb Available in Paging File | 76,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,41 Gb Total Space | 766,33 Gb Free Space | 82,28% Space Free | Partition Type: NTFS
Drive F: | 298,09 Gb Total Space | 255,01 Gb Free Space | 85,55% Space Free | Partition Type: NTFS
Computer Name: FERDAMRAVENEC | User Name: Ferda Mravenec | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2014.07.05 06:19:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ferda Mravenec\Desktop\OTL.exe
PRC - [2014.04.26 08:30:45 | 000,879,456 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2014.02.24 16:27:06 | 001,343,408 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2014.02.24 16:26:50 | 005,075,104 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2014.02.01 22:32:27 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010.11.20 23:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.08.18 03:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.08.18 03:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
========== Modules (No Company Name) ==========
MOD - [2014.05.17 16:02:59 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\70dbdd46969daf2bea2443c75b7629d4\System.Web.ni.dll
MOD - [2014.05.17 16:02:48 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\98c91b8d3f1d54c41ada5f37e0935303\System.Runtime.Remoting.ni.dll
MOD - [2014.02.15 13:45:43 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014.02.15 13:45:34 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014.02.15 13:45:12 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014.02.15 13:45:08 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014.02.15 13:45:06 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014.02.15 13:44:58 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2014.02.08 22:04:00 | 000,380,928 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3665.39640__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2014.02.08 22:04:00 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3665.39671__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2014.02.08 22:04:00 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3665.39663__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2014.02.08 22:04:00 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3665.39793__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2014.02.08 22:04:00 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3665.39793__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2014.02.08 22:04:00 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3665.39798__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
MOD - [2014.02.08 22:04:00 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3665.39794__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2014.02.08 22:03:59 | 001,708,032 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3665.39821__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll
MOD - [2014.02.08 22:03:59 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3665.39776__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2014.02.08 22:03:59 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3665.39748__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2014.02.08 22:03:59 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3665.39652__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2014.02.08 22:03:59 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3665.39777__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2014.02.08 22:03:59 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3665.39717__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2014.02.08 22:03:59 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3665.39654__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2014.02.08 22:03:59 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3665.39822__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.dll
MOD - [2014.02.08 22:03:58 | 000,827,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3665.39706__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2014.02.08 22:03:58 | 000,651,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3665.39792__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
MOD - [2014.02.08 22:03:58 | 000,409,600 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3665.39739__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2014.02.08 22:03:58 | 000,356,352 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3665.39725__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2014.02.08 22:03:58 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3665.39671__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2014.02.08 22:03:58 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3665.39705__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2014.02.08 22:03:58 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3665.39726__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2014.02.08 22:03:58 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3665.39713__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2014.02.08 22:03:58 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3665.39791__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll
MOD - [2014.02.08 22:03:58 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3665.39725__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2014.02.08 22:03:58 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3665.39774__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2014.02.08 22:03:58 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3665.39712__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2014.02.08 22:03:57 | 001,302,528 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3665.39817__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll
MOD - [2014.02.08 22:03:57 | 000,573,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3665.39673__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2014.02.08 22:03:57 | 000,270,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2014.02.08 22:03:57 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3665.39704__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2014.02.08 22:03:57 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3665.39705__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2014.02.08 22:03:57 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3665.39677__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2014.02.08 22:03:57 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3665.39715__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2014.02.08 22:03:57 | 000,008,192 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3665.39632__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2014.02.08 22:03:57 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3665.39626__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2014.02.08 22:03:57 | 000,006,144 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3665.39635__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2014.02.08 22:03:57 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3665.39784__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2014.02.08 22:03:57 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3665.39639__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2014.02.08 22:03:57 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3665.39635__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2014.02.08 22:03:56 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2014.02.08 22:03:56 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3665.39625__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2014.02.08 22:03:56 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3665.39768__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2014.02.08 22:03:56 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll
MOD - [2014.02.08 22:03:56 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2014.02.08 22:03:56 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2014.02.08 22:03:56 | 000,015,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3665.39626__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2014.02.08 22:03:56 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2014.02.08 22:03:56 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3665.39639__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2014.02.08 22:03:56 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3665.39774__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2014.02.08 22:03:56 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3665.39630__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2014.02.08 22:03:55 | 000,151,552 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3665.39630__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2014.02.08 22:03:55 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3665.39627__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2014.02.08 22:03:55 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3665.39791__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll
MOD - [2014.02.08 22:03:55 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3665.39693__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2014.02.08 22:03:55 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3665.39724__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2014.02.08 22:03:55 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3665.39775__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2014.02.08 22:03:55 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3665.39739__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2014.02.08 22:03:55 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3665.39629__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2014.02.08 22:03:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3665.39629__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2014.02.08 22:03:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3665.39662__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2014.02.08 22:03:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3665.39652__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2014.02.08 22:03:55 | 000,009,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3665.39776__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.dll
MOD - [2014.02.08 22:03:55 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3665.39628__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2014.02.08 22:03:55 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3665.39634__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2014.02.08 22:03:54 | 000,741,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3665.39814__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2014.02.08 22:03:54 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3665.39748__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2014.02.08 22:03:54 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3665.39668__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2014.02.08 22:03:54 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3665.39704__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2014.02.08 22:03:54 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3665.39653__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2014.02.08 22:03:54 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3665.39784__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2014.02.08 22:03:54 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3665.39717__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2014.02.08 22:03:54 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3665.39654__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2014.02.08 22:03:54 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3665.39653__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2014.02.08 22:03:54 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3665.39667__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2014.02.08 22:03:54 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3665.39712__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2014.02.08 22:03:54 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3665.39639__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2014.02.08 22:03:54 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3665.39628__90ba9c70f846762e\APM.Foundation.dll
MOD - [2014.02.08 22:03:54 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3665.39636__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2014.02.08 22:03:54 | 000,006,144 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3665.39634__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2014.02.08 22:03:53 | 001,220,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3665.39647__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2014.02.08 22:03:53 | 000,577,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3665.39760__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2014.02.08 22:03:53 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3665.39662__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2014.02.08 22:03:53 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3665.39768__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2014.02.08 22:03:53 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3665.39765__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2014.02.08 22:03:53 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3665.39637__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2014.02.08 22:03:53 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3665.39638__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2014.02.08 22:03:53 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3665.39636__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2014.02.08 22:03:53 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3665.39632__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2014.02.08 22:03:53 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3665.39629__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2014.02.08 22:03:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3665.39631__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2014.02.08 22:03:53 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3665.39661__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2014.02.08 22:03:53 | 000,010,240 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3665.39646__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2014.02.08 22:03:53 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3665.39637__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2014.02.08 22:03:52 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3665.39632__90ba9c70f846762e\APM.Server.dll
MOD - [2014.02.08 22:03:52 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3665.39635__90ba9c70f846762e\AEM.Server.dll
MOD - [2014.02.08 22:03:52 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3665.39645__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2014.02.08 22:03:52 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2014.02.08 22:03:52 | 000,019,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3665.39767__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2014.02.08 22:03:52 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3665.39669__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2010.11.13 03:54:29 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_cs_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010.11.13 03:54:19 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.11.24 14:36:36 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Users\Ferda Mravenec\AppData\Local\Temp\7zS2E99\hpslpsvc32.dll -- (HPSLPSVC)
SRV - [2014.06.22 10:02:24 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.06.18 18:01:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.02.24 16:27:06 | 001,343,408 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.10.23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.08.18 03:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - [2014.03.26 20:24:40 | 000,204,064 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV - [2014.03.26 20:23:06 | 000,116,512 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2014.03.26 20:23:04 | 000,126,752 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2014.03.26 20:23:04 | 000,104,736 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2014.03.02 10:03:49 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2013.09.17 14:17:38 | 000,188,808 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2013.09.17 14:17:38 | 000,134,248 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2013.09.17 14:17:38 | 000,122,376 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2010.11.20 23:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 23:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 23:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 23:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010.11.20 23:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010.11.20 23:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010.11.20 23:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 23:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2010.11.20 23:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 23:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010.11.20 23:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2010.11.20 23:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 23:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.09.07 08:27:22 | 000,028,672 | R--- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PcaSp60.sys -- (PcaSp60)
DRV - [2009.08.18 04:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2004.08.13 10:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2002.06.03 11:18:32 | 000,040,832 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\es1371mp.sys -- (es1371)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-344962686-1799321519-2938304592-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.seznam.cz/ [binary data]
IE - HKU\S-1-5-21-344962686-1799321519-2938304592-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchshock.com/?cid=4225
IE - HKU\S-1-5-21-344962686-1799321519-2938304592-1000\..\SearchScopes,DefaultScope = {6eae37ef-354e-4e40-a054-18406fbdd365}
IE - HKU\S-1-5-21-344962686-1799321519-2938304592-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-344962686-1799321519-2938304592-1000\..\SearchScopes\{1E4C1C84-DC97-4516-A83A-6CEE23A9954C}: "URL" = http://www.google.com/search?q={searchT ... utEncoding?}
IE - HKU\S-1-5-21-344962686-1799321519-2938304592-1000\..\SearchScopes\{6eae37ef-354e-4e40-a054-18406fbdd365}: "URL" = http://www.searchshock.com/search.html? ... }&cid=4225
IE - HKU\S-1-5-21-344962686-1799321519-2938304592-1000\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search?q={searchTerms}
IE - HKU\S-1-5-21-344962686-1799321519-2938304592-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.6.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.6.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014.06.07 09:32:14 | 000,000,000 | ---D | M]
[2014.04.21 12:08:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ferda Mravenec\AppData\Roaming\Mozilla\Extensions
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-344962686-1799321519-2938304592-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-344962686-1799321519-2938304592-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-344962686-1799321519-2938304592-1000\..Trusted Domains: samsungsetup.com ([www] http in Důvěryhodné weby)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94432745-C9EB-4E77-BBCB-A9D83EBF7886}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2014.02.08 16:41:19 | 000,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2014.07.05 06:19:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Ferda Mravenec\Desktop\OTL.exe
[2014.07.04 15:51:01 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.07.04 15:51:01 | 000,000,000 | ---D | C] -- C:\rsit
[2014.06.29 16:54:06 | 000,000,000 | ---D | C] -- C:\Users\Ferda Mravenec\AppData\Local\Adobe
[2014.06.28 20:45:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2014.06.28 20:45:02 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2014.06.28 19:57:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[2014.06.28 19:57:31 | 000,000,000 | ---D | C] -- C:\Users\Ferda Mravenec\AppData\Roaming\PerformerSoft
[2014.06.28 19:57:14 | 000,000,000 | ---D | C] -- C:\Users\Ferda Mravenec\AppData\Local\PCPerformer
[2014.06.28 19:57:01 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedAnalysis
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2014.07.05 06:24:03 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.07.05 06:19:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ferda Mravenec\Desktop\OTL.exe
[2014.07.05 06:15:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.07.04 15:19:00 | 000,021,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.07.04 15:19:00 | 000,021,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.07.04 15:17:53 | 000,622,422 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014.07.04 15:17:53 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014.07.04 15:17:53 | 000,118,604 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014.07.04 15:17:53 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014.07.04 15:11:34 | 1609,916,416 | -HS- | M] () -- C:\hiberfil.sys
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014.07.05 06:24:03 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.06.28 20:45:06 | 000,218,200 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2014.06.07 09:23:04 | 000,000,003 | ---- | C] () -- C:\Users\Ferda Mravenec\stut
[2014.06.06 16:33:00 | 000,972,814 | --S- | C] () -- C:\Windows\System32\dcgmnclyewd.exe
[2014.06.06 16:33:00 | 000,187,904 | --S- | C] () -- C:\Windows\System32\lcpmnclyewd.exe
[2014.06.06 16:32:59 | 010,236,928 | --S- | C] () -- C:\Windows\System32\acumnclyewd.exe
[2014.05.10 14:56:08 | 000,001,736 | ---- | C] () -- C:\Windows\hpdj3740.ini
[2014.05.10 14:33:44 | 000,007,045 | ---- | C] () -- C:\Windows\hpdj3600.ini
[2014.03.29 18:49:13 | 000,187,904 | --S- | C] () -- C:\Windows\System32\lcpmncqkjufn.exe
[2014.03.29 18:49:12 | 000,972,814 | --S- | C] () -- C:\Windows\System32\dcgmncqkjufn.exe
[2014.03.29 18:49:11 | 010,236,928 | --S- | C] () -- C:\Windows\System32\acumncqkjufn.exe
[2014.03.29 18:49:11 | 000,133,632 | --S- | C] () -- C:\Windows\System32\librtmp.dll
[2014.03.29 18:49:11 | 000,100,864 | --S- | C] () -- C:\Windows\System32\zlib1.dll
[2014.03.29 18:49:10 | 000,538,126 | --S- | C] () -- C:\Windows\System32\libcurl-4.dll
[2014.03.29 18:49:10 | 000,192,512 | --S- | C] () -- C:\Windows\System32\libidn-11.dll
[2014.02.08 21:58:33 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2014.01.20 17:47:28 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
========== ZeroAccess Check ==========
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.03.25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014.06.24 14:47:05 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\.minecraft
[2014.06.06 16:17:59 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\AVG
[2014.04.12 20:54:19 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\calibre
[2014.03.29 08:41:08 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\DAEMON Tools Lite
[2014.06.28 20:52:09 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\FLV and Media Player
[2014.03.15 20:45:22 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Leadertech
[2014.04.18 09:11:24 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\LolClient
[2014.06.06 16:16:16 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\OpenCandy
[2014.01.20 20:43:12 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Opera
[2014.05.24 11:12:25 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Opera Software
[2014.06.28 20:54:36 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\PerformerSoft
[2014.02.09 11:57:00 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Riot Games
[2014.04.21 12:08:48 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Thunderbird
[2014.02.09 17:24:27 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Wargaming.net
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 06:53:46 | 000,032,554 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2014.02.07 18:13:27 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 23:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 23:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010.11.20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2010.11.20 23:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\explorer.exe
[2010.11.20 23:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.20 23:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 23:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
< MD5 for: SCECLI.DLL >
[2010.11.20 23:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 23:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2010.11.20 23:29:20 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2013.07.06 07:05:35 | 001,293,760 | ---- | M] (Microsoft Corporation) MD5=4E8B9BE71B807B3BAEDB7F4243F85E3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_b52f2f65c4a146e5\tcpip.sys
[2013.07.06 06:57:37 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=528F7CC60391DD0FAB0344F32F051FDF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_b5721e2eddf328f9\tcpip.sys
[2014.04.05 04:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\System32\drivers\tcpip.sys
[2014.04.05 04:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_b513c4dfc4b513b9\tcpip.sys
[2014.04.26 08:29:49 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=6C4F3D92764FFA22D28061A4D9235446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2014.04.26 08:29:49 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2014.04.05 04:16:21 | 001,310,144 | ---- | M] (Microsoft Corporation) MD5=EA47AB18E289333AB94397D77CA6E3A1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_b59293a4dddacc9b\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 23:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 23:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 23:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2014.03.04 11:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\System32\winlogon.exe
[2014.03.04 11:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_71da23b23327143c\winlogon.exe
[2014.03.04 12:39:02 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=D53972F87D850CD2EB4B29B60CAFDD77 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_7255f1994c4f8119\winlogon.exe
< >
< %systemroot%*.* /U /s >
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2014.06.24 14:47:05 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\.minecraft
[2014.01.25 21:59:20 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Adobe
[2014.02.08 22:04:06 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\ATI
[2014.05.10 15:47:45 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\atitray
[2014.06.06 16:17:59 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\AVG
[2014.04.12 20:54:19 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\calibre
[2014.03.29 08:41:08 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\DAEMON Tools Lite
[2014.06.28 20:52:09 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\FLV and Media Player
[2014.01.20 19:48:57 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Identities
[2014.02.14 22:24:22 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\InstallShield
[2014.03.15 20:45:22 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Leadertech
[2014.04.18 09:11:24 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\LolClient
[2014.02.07 20:19:38 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Macromedia
[2010.11.21 03:24:45 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Media Center Programs
[2014.06.28 19:58:07 | 000,000,000 | --SD | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Microsoft
[2014.04.21 12:08:49 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Mozilla
[2014.06.06 16:16:16 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\OpenCandy
[2014.01.20 20:43:12 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Opera
[2014.05.24 11:12:25 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Opera Software
[2014.06.28 20:54:36 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\PerformerSoft
[2014.02.09 11:57:00 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Riot Games
[2014.07.03 16:36:10 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Skype
[2014.04.21 12:08:48 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Thunderbird
[2014.06.21 11:28:10 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\vlc
[2014.02.09 17:24:27 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\Wargaming.net
[2014.01.20 20:30:17 | 000,000,000 | ---D | M] -- C:\Users\Ferda Mravenec\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2014.02.08 22:02:59 | 000,010,134 | R--- | M] () -- C:\Users\Ferda Mravenec\AppData\Roaming\Microsoft\Installer\{976CD7D9-36FD-68A6-36EE-4F6DE5BF6B42}\ARPPRODUCTICON.exe
[2014.04.10 00:33:06 | 027,826,600 | ---- | M] (AVG) -- C:\Users\Ferda Mravenec\AppData\Roaming\OpenCandy\95C134D6FBA549B8850BC41627BE42C7\AVG-PC-TuneUp2014.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2014.06.23 16:52:41 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2014.07.04 15:19:00 | 000,021,248 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.07.04 15:19:00 | 000,021,248 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.07.04 15:17:53 | 000,118,604 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2014.07.04 15:17:53 | 000,103,370 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2014.07.04 15:17:53 | 000,622,422 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2014.07.04 15:17:53 | 000,606,992 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2014.07.04 15:17:53 | 001,445,734 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 23:29:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2014.05.24 04:10:04 | 000,770,736 | ---- | M] (Microsoft Corporation) MD5=BB6ECFA1410FAF93A9DC762E8214D115 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2014.04.26 08:30:45 | 000,879,456 | ---- | M] (Opera Software) MD5=64E8DB17AA4D027C24F302AC0E769EFF -- C:\Program Files\Opera\opera.exe
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.07.05 06:24:03 | 000,000,512 | ---- | M] () MD5=A64A22D50047414E2BC8E6668DB75015 -- C:\PhysicalMBR.bin
[1 C:\*.tmp files -> C:\*.tmp -> ]
< >
< *crack* /s >
[2014.04.09 18:57:05 | 000,213,184 | ---- | M] () -- \Games\World_of_Tanks\res\audio\objects_ice_crack.fsb
[2013.03.01 23:19:15 | 1382,060,540 | ---- | M] () -- \Users\Ferda Mravenec\Documents\A DATA\Sims 3\12.-The-Sims-3---Showtime-CZ-+-crack-+-key.rar
[2013.02.03 12:05:56 | 006,210,223 | ---- | M] () -- \Users\Ferda Mravenec\Documents\A DATA\Sims 3\The-Sims-3-Cestovní-Horečka-crack-na-nejnovější-verzi.rar
[2012.10.28 23:37:14 | 1716,912,127 | ---- | M] () -- \Users\Ferda Mravenec\Documents\A DATA\Sims 3\The-Sims-3-CZ-Crack.iso
< *keygen* /s >
< *loader* /s >
[2011.09.01 04:59:42 | 000,021,504 | R--- | M] () -- \$WINDOWS.~BT\Sources\en-us\upgloader.dll.mui
[2014.04.09 18:57:05 | 000,071,208 | ---- | M] () -- \Games\World_of_Tanks\PhysXLoader.dll
[2014.06.04 11:31:51 | 000,001,508 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\eulaversionloader.pyc
[2014.04.09 18:57:05 | 000,002,209 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\graphicspresetsloader.pyc
[2014.04.09 18:57:05 | 000,007,130 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guicolorsloader.pyc
[2014.04.09 18:57:05 | 000,003,955 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guisoundsloader.pyc
[2014.04.09 18:57:05 | 000,006,579 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\logindataloader.pyc
[2014.04.09 18:57:05 | 000,002,753 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\windowsstoreddataloader.pyc
[2014.04.09 18:57:05 | 000,001,502 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\entities\abstract\loadermanagermeta.pyc
[2014.04.09 18:57:05 | 000,006,582 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\managers\loaders.pyc
[2014.04.09 18:57:05 | 000,003,649 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\helpers\rssdownloader.pyc
[2014.04.09 18:57:05 | 000,006,995 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\tutorial\loader.pyc
[2014.04.09 18:57:05 | 000,011,286 | ---- | M] () -- \Games\World_of_Tanks\res_bw\scripts\common\lib\unittest\loader.pyc
[2014.04.17 22:03:32 | 000,044,032 | R--- | M] () -- \Program Files\Calibre2\DLLs\PyISAPI_loader.dll
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2014.02.09 12:05:11 | 000,000,404 | ---- | M] () -- \Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.98\deploy\assets\storeImages\layout\small_loader.gif
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \The KMPlayer\ImLoader.dll
[2014.01.28 20:35:56 | 000,072,638 | ---- | M] () -- \Users\Ferda Mravenec\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.01.28 20:35:56 | 000,003,032 | ---- | M] () -- \Users\Ferda Mravenec\AppData\Local\Skype\Apps\login\images\loader.png
[2014.01.28 20:35:56 | 000,006,012 | ---- | M] () -- \Users\Ferda Mravenec\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.01.28 20:35:56 | 000,021,956 | ---- | M] () -- \Users\Ferda Mravenec\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.01.28 20:35:56 | 000,009,772 | ---- | M] () -- \Users\Ferda Mravenec\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2011.12.08 04:46:00 | 000,313,576 | ---- | M] () -- \Users\Ferda Mravenec\AppData\Local\Solid State Networks\downloader.bundle
[2011.12.08 02:29:00 | 000,525,216 | ---- | M] () -- \Users\Ferda Mravenec\AppData\Local\Solid State Networks\downloader.dll
[2010.09.28 08:38:58 | 000,007,134 | ---- | M] () -- \Users\Ferda Mravenec\Desktop\Minecraft-1.4.-full-game\.minecraft\Minecraft\Loader.class
[2010.09.28 08:39:04 | 000,002,208 | ---- | M] () -- \Users\Ferda Mravenec\Desktop\Minecraft-1.4.-full-game\.minecraft\Minecraft\bsh\classpath\BshClassLoader.class
[2010.09.28 08:39:04 | 000,000,687 | ---- | M] () -- \Users\Ferda Mravenec\Desktop\Minecraft-1.4.-full-game\.minecraft\Minecraft\bsh\classpath\DiscreteFilesClassLoader$ClassSourceMap.class
[2010.09.28 08:39:04 | 000,001,248 | ---- | M] () -- \Users\Ferda Mravenec\Desktop\Minecraft-1.4.-full-game\.minecraft\Minecraft\bsh\classpath\DiscreteFilesClassLoader.class
[2013.06.01 18:01:59 | 000,001,737 | ---- | M] () -- \Users\Ferda Mravenec\Documents\A DATA\Sims 3 další\preloader.gif
[2014.02.08 22:22:28 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2009.07.14 14:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2010.11.21 03:16:08 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2010.11.21 03:16:08 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2010.11.21 03:16:08 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2010.11.20 23:31:02 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2010.11.20 23:31:02 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2010.11.20 23:31:02 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2010.11.21 03:15:24 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2010.11.20 23:23:54 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.02.01 22:31:20 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.02.01 22:31:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.02.01 22:31:19 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.02.01 22:31:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
< End of report >
Re: log Extras
OTL Extras logfile created on: 5.7.2014 6:22:23 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ferda Mravenec\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16921)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 72,77% Memory free
4,00 Gb Paging File | 3,07 Gb Available in Paging File | 76,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,41 Gb Total Space | 766,33 Gb Free Space | 82,28% Space Free | Partition Type: NTFS
Drive F: | 298,09 Gb Total Space | 255,01 Gb Free Space | 85,55% Space Free | Partition Type: NTFS
Computer Name: FERDAMRAVENEC | User Name: Ferda Mravenec | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = OperaStable] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-344962686-1799321519-2938304592-1000\SOFTWARE\Classes\<extension>]
.html [@ = OperaStable] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1" (Applian Technologies Inc)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1" (Applian Technologies Inc)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10EA024C-CF4E-44D5-9CE2-C649AA188BF7}" = lport=139 | protocol=6 | dir=in | app=system |
"{24291181-AB1A-41B1-9CFC-699EF9DC678F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3BCC77C5-9956-4192-B7D2-49EC1514D4CB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{41392289-4CD4-4D32-BFB5-439701FA8C81}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{553C9A89-6A87-4F38-B2F2-DE2F3FD05981}" = rport=10243 | protocol=6 | dir=out | app=system |
"{569DB8B1-12F9-4BD6-8A83-0C6797DB6C46}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7949F10F-3FB3-4CED-9BE3-B7AAD40772D3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8A28AE3F-5819-4B19-93D6-94EC998FC93A}" = lport=445 | protocol=6 | dir=in | app=system |
"{8C811FAB-8C65-4663-AD2A-15DC3CBF93A7}" = rport=445 | protocol=6 | dir=out | app=system |
"{924333FA-2946-4DFF-A969-37D58DF0443B}" = rport=138 | protocol=17 | dir=out | app=system |
"{92C55C30-9C47-4391-9D23-BDDD8E039661}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A6E847B7-4929-4563-A21F-794A1E7C52BB}" = rport=137 | protocol=17 | dir=out | app=system |
"{AAD06CCD-48E2-44A3-BFF3-A4181EC8656F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{B026C9B4-F371-437A-B2BB-8815CB66BC76}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B27C31B1-63B9-41BD-8438-9886CEE9F2AF}" = lport=137 | protocol=17 | dir=in | app=system |
"{CD6A0E80-C916-4B16-9FD2-3325C352F9C3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D1FDFA2D-FC8B-4526-986B-14D902458FEA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D447905E-F9F6-45FE-A98B-ED132CF25393}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DD8D54D3-3E3A-482F-8292-F573AA1274D8}" = lport=138 | protocol=17 | dir=in | app=system |
"{E12CD4E7-1BBD-411C-85F0-035D1A5AB702}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F13EEF40-B1CD-450C-AE81-429F0AD1937F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F2A02DB2-B048-47E5-B03D-70103BAE42EA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FE90A9E1-36EC-4088-A4E9-E0732EC752E8}" = rport=139 | protocol=6 | dir=out | app=system |
"{FECE27D2-ADC8-4F01-8C80-84A895FABA9E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2131DF73-5790-4AB9-84D9-B6B38B9B9C57}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{24CCE5B7-C504-40F5-9BFE-CBB2E6DD7146}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{3450BBCC-298B-42CC-9755-4232B48100D4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3C443AFE-053B-4A34-8E66-F9CD3B63DCE9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{43FBE29F-A454-4432-A4DC-12587E6FFB8E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{44791251-A958-4607-B9A2-1DE98DF3993F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{45F1557C-CBDC-4D57-891F-7B1F24299E31}" = protocol=6 | dir=in | app=c:\program files\asus\rt-n10lx wireless router utilities\qiswizard.exe |
"{47F92BB4-B841-46D9-918E-8700597821A2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4BCFBA10-6A70-4BF1-B47B-DF045E532E1C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{4EAE5576-5B6A-4DDC-9512-FB89EA3010AE}" = protocol=17 | dir=in | app=c:\program files\asus\rt-n10lx wireless router utilities\discovery.exe |
"{503EE569-2BC0-42DE-A5B9-3BA90C866497}" = protocol=6 | dir=in | app=c:\program files\asus\rt-n10lx wireless router utilities\discovery.exe |
"{5124D5E9-B9AC-40E3-A24E-2F855AAF4F99}" = protocol=6 | dir=in | app=c:\program files\asus\rt-n10lx wireless router utilities\rescue.exe |
"{5AEB5295-C0DD-452D-BF99-A47FC7EF9E60}" = protocol=6 | dir=out | app=system |
"{626204AC-96DD-456B-B2D0-8CA3BE7116D3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8C304A79-391A-4320-90BC-6A9B1F58C458}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9D30BD2C-4566-44BA-AEF9-7ADE2E41FC62}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A263472A-8BE9-4097-AB02-B5C8A88CF20D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{AF77555F-71F3-46F6-BD45-E00E0A5C5FE9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B44E5E95-DF59-480B-9F67-EE8DE7E051A8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BA1070B2-E814-4167-891F-1A964F909399}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BAC8CC18-FD76-44C4-986B-E43E23CA9ED6}" = protocol=17 | dir=in | app=c:\program files\asus\rt-n10lx wireless router utilities\liveupdate.exe |
"{C27C3BE3-A207-4F58-9F2A-7B95E58097B2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C2FBFC55-4A76-446B-8AE3-5325A552F484}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{C9C00096-2B4C-449A-9635-85FDD0C0B21B}" = protocol=6 | dir=in | app=c:\program files\asus\rt-n10lx wireless router utilities\liveupdate.exe |
"{D7739522-B59A-4499-8A19-77BDDCB88D6A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{D9CAFE7F-6C14-4734-9E25-DB24F9D97C1F}" = protocol=6 | dir=in | app=e:\routersetup\qiswizard.exe |
"{DAC9AACB-BD70-4D73-8E72-0A7EED5BE8CD}" = protocol=17 | dir=in | app=c:\program files\asus\rt-n10lx wireless router utilities\rescue.exe |
"{DC02BE17-3E49-4DAA-9BE9-7EFC39B02436}" = protocol=17 | dir=in | app=c:\program files\asus\rt-n10lx wireless router utilities\qiswizard.exe |
"{E1301BFF-BE6C-4BD9-BCA9-B16553ED45D9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E1CCDAA3-FDE8-45F1-8F67-A58228ABBEC1}" = protocol=17 | dir=in | app=e:\routersetup\qiswizard.exe |
"{E4804680-3205-4FF1-9AA6-1D69CB197D63}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{ED450301-B39B-4D62-8894-30467310F9DC}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{F4DB401A-AF12-4395-BA8C-14A9C4E480E9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F5585F1F-4949-44EC-A2D9-1CFEEAB9E1C4}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{FBDF7EDA-D831-46F8-B2B6-4CD7F1B210B2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"TCP Query User{2DC3CC7B-B61B-419E-90E3-F5BF036641E2}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{3F436978-EE05-4372-AE54-3BFBD72564D4}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{442D291E-1717-4323-93F5-823E19EB9937}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{C9FCB2DB-0499-4D5A-B2A0-19ED22CB6456}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{EEFA26D7-C504-4E6D-806A-14604F0200DC}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{0003FFA5-F82F-467E-AC98-3D60108231D5}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{012317A2-D934-41DC-986A-76DA84181CFB}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{3883784D-6F45-4C8B-BF7C-5DDB045E3780}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{700370BE-3C44-4A2B-8BBF-1CDEC7BE961B}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{B4972C61-68F3-4F4F-810D-FC37E67FE8E6}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{068E7D95-9C62-078D-9BC3-3984330F284F}" = CCC Help Japanese
"{080DE5D5-7847-730E-63A8-87FA495FCE82}" = CCC Help Italian
"{0B196585-9E29-3A87-3EA8-C2EAB9695685}" = CCC Help Finnish
"{0C1349F8-B5DB-39C7-8414-AD9FF7851AED}" = CCC Help German
"{1634557C-60B2-45AC-AA41-3474AF859F27}" = CCC Help Danish
"{18D91211-0119-FA44-816C-2B2EE6D9E0EF}" = CCC Help Spanish
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{256C90BC-AF27-BCC1-CDFC-BACC9439F742}" = CCC Help Chinese Traditional
"{26A24AE4-039D-4CA4-87B4-2F03217060FF}" = Java 7 Update 60
"{29270E40-E62E-7E69-CEAE-B18E9F5B6FFB}" = CCC Help Turkish
"{307C0A77-E5A4-A942-1766-D91FE30936CB}" = Catalyst Control Center HydraVision Full
"{3D45185D-3712-7F98-49A9-A7C7549C59B4}" = CCC Help Polish
"{3D458001-1281-9340-752E-0B73D813E148}" = CCC Help Greek
"{48C84341-E4F7-42EC-BED5-7A5CAA3291F5}" = calibre
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50B10977-0259-B95E-077C-096633104383}" = ATI Problem Report Wizard
"{568AE04A-68C9-2567-564C-748415070271}" = CCC Help English
"{573BCE21-A17C-981C-4D43-C7E79ED6E6CA}" = CCC Help Thai
"{580CA891-08DB-4B6F-B0C1-DF1D149671D7}" = ASUS RT-N10LX Wireless Router Utilities
"{5CC76D28-8A9E-974C-A900-1CAD9F85FCDE}" = Catalyst Control Center Graphics Full Existing
"{5D75C815-1E9F-2B7C-54A5-1BBBFC53F6F5}" = ccc-core-static
"{60F32CD3-EBCC-C697-BBB1-9BDC1327ABD1}" = Catalyst Control Center Localization All
"{6413C9AB-0DF6-149A-32C1-0BA6A8434D2E}" = CCC Help Korean
"{782E77F5-9503-0D89-F5E6-573AF0D67314}" = CCC Help Dutch
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{7A36F851-98F5-42F3-BB84-E1BC99786CB4}" = CCC Help Chinese Standard
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
"{824BA841-F8E4-EB17-7C6A-72D931F9B37E}" = CCC Help Czech
"{82D31BE4-BA3F-D04F-F7DA-B3708680465B}" = ccc-utility
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{883B5392-53BD-DB78-4BBD-FD3DEE9FFA61}" = Catalyst Control Center Graphics Full New
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B3C7257-4B30-AD81-1B0E-6AFEF9A2B1B8}" = CCC Help Portuguese
"{8CC64E4E-DD74-421D-B3E9-90044732D1EF}" = Oracle VM VirtualBox 4.3.10
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8E8C6330-FCC1-B19C-50FA-432EDF09A549}" = Catalyst Control Center Graphics Light
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{9049E434-2EFB-2AA6-6AE2-61CACC7F2803}" = Catalyst Control Center Core Implementation
"{976CD7D9-36FD-68A6-36EE-4F6DE5BF6B42}" = Catalyst Control Center InstallProxy
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.07) - Czech
"{B20D5A51-FE04-D205-C248-81A1F9ABAC8A}" = CCC Help Hungarian
"{BA79217D-E5C5-5D89-01CA-31D108C57B6A}" = CCC Help French
"{BDE1289F-4025-41A5-AD17-101DB4D82CA7}" = TRS2004
"{C6AA4F74-6916-818D-EE2E-029D63C68801}" = CCC Help Swedish
"{D361951C-7FA1-8727-F546-3042750C55C4}" = Catalyst Control Center Graphics Previews Common
"{DF0E3364-8B34-56FC-A2B2-9ED5028B0601}" = CCC Help Russian
"{E3616EA8-6823-2FB8-4532-8EB9524C55C6}" = CCC Help Norwegian
"{FA446361-DCFF-A09C-C426-4E201269032F}" = ATI Catalyst Install Manager
"{FEF8F14C-FF0F-440C-9A3F-98E508EE767F}" = ESET NOD32 Antivirus
"ABC Amber Palm Converter" = ABC Amber Palm Converter
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FLV and Media Player" = FLV and Media Player 4.2.1.1
"KLiteCodecPack_is1" = K-Lite Codec Pack 10.4.0 Basic
"League of Legends 3.0.1" = League of Legends
"Mozilla Thunderbird 24.6.0 (x86 cs)" = Mozilla Thunderbird 24.6.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Opera 12.17.1863" = Opera 12.17
"The KMPlayer" = The KMPlayer (remove only)
"USB Disk Storage Format Tool_is1" = USB Disk Storage Format Tool 5.0
"VLC media player" = VLC media player 2.1.3
"WinRAR archiver" = WinRAR 4.20 (32-bit)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 29.6.2014 13:00:06 | Computer Name = FerdaMravenec | Source = Windows Backup | ID = 4103
Description =
Error - 29.6.2014 13:44:33 | Computer Name = FerdaMravenec | Source = Application Hang | ID = 1002
Description = Program kmplayer.exe verze 3.9.0.124 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
3f8 Čas spuštění: 01cf93c18c628169 Čas ukončení: 20 Cesta k aplikaci: c:\the kmplayer\kmplayer.exe
ID
hlášení:
Error - 30.6.2014 15:12:44 | Computer Name = FerdaMravenec | Source = WinMgmt | ID = 10
Description =
Error - 1.7.2014 9:23:22 | Computer Name = FerdaMravenec | Source = WinMgmt | ID = 10
Description =
Error - 1.7.2014 9:27:41 | Computer Name = FerdaMravenec | Source = WinMgmt | ID = 10
Description =
Error - 2.7.2014 9:32:56 | Computer Name = FerdaMravenec | Source = WinMgmt | ID = 10
Description =
Error - 3.7.2014 9:33:09 | Computer Name = FerdaMravenec | Source = WinMgmt | ID = 10
Description =
Error - 4.7.2014 9:13:26 | Computer Name = FerdaMravenec | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 3.7.2014 9:31:22 | Computer Name = FerdaMravenec | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 3.7.2014 9:33:31 | Computer Name = FerdaMravenec | Source = Service Control Manager | ID = 7023
Description = Služba HP Network Devices Support byla ukončena s následující chybou:
%%126
Error - 3.7.2014 11:48:27 | Computer Name = FerdaMravenec | Source = DCOM | ID = 10010
Description =
Error - 3.7.2014 11:48:32 | Computer Name = FerdaMravenec | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 4.7.2014 9:11:37 | Computer Name = FerdaMravenec | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 4.7.2014 9:11:37 | Computer Name = FerdaMravenec | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 4.7.2014 9:13:46 | Computer Name = FerdaMravenec | Source = Service Control Manager | ID = 7023
Description = Služba HP Network Devices Support byla ukončena s následující chybou:
%%126
Error - 5.7.2014 0:15:54 | Computer Name = FerdaMravenec | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 5.7.2014 0:16:03 | Computer Name = FerdaMravenec | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 5.7.2014 0:16:18 | Computer Name = FerdaMravenec | Source = atikmdag | ID = 43029
Description = Display is not active
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ferda Mravenec\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16921)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 72,77% Memory free
4,00 Gb Paging File | 3,07 Gb Available in Paging File | 76,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,41 Gb Total Space | 766,33 Gb Free Space | 82,28% Space Free | Partition Type: NTFS
Drive F: | 298,09 Gb Total Space | 255,01 Gb Free Space | 85,55% Space Free | Partition Type: NTFS
Computer Name: FERDAMRAVENEC | User Name: Ferda Mravenec | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = OperaStable] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-344962686-1799321519-2938304592-1000\SOFTWARE\Classes\<extension>]
.html [@ = OperaStable] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1" (Applian Technologies Inc)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1" (Applian Technologies Inc)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10EA024C-CF4E-44D5-9CE2-C649AA188BF7}" = lport=139 | protocol=6 | dir=in | app=system |
"{24291181-AB1A-41B1-9CFC-699EF9DC678F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3BCC77C5-9956-4192-B7D2-49EC1514D4CB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{41392289-4CD4-4D32-BFB5-439701FA8C81}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{553C9A89-6A87-4F38-B2F2-DE2F3FD05981}" = rport=10243 | protocol=6 | dir=out | app=system |
"{569DB8B1-12F9-4BD6-8A83-0C6797DB6C46}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7949F10F-3FB3-4CED-9BE3-B7AAD40772D3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8A28AE3F-5819-4B19-93D6-94EC998FC93A}" = lport=445 | protocol=6 | dir=in | app=system |
"{8C811FAB-8C65-4663-AD2A-15DC3CBF93A7}" = rport=445 | protocol=6 | dir=out | app=system |
"{924333FA-2946-4DFF-A969-37D58DF0443B}" = rport=138 | protocol=17 | dir=out | app=system |
"{92C55C30-9C47-4391-9D23-BDDD8E039661}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A6E847B7-4929-4563-A21F-794A1E7C52BB}" = rport=137 | protocol=17 | dir=out | app=system |
"{AAD06CCD-48E2-44A3-BFF3-A4181EC8656F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{B026C9B4-F371-437A-B2BB-8815CB66BC76}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B27C31B1-63B9-41BD-8438-9886CEE9F2AF}" = lport=137 | protocol=17 | dir=in | app=system |
"{CD6A0E80-C916-4B16-9FD2-3325C352F9C3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D1FDFA2D-FC8B-4526-986B-14D902458FEA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D447905E-F9F6-45FE-A98B-ED132CF25393}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DD8D54D3-3E3A-482F-8292-F573AA1274D8}" = lport=138 | protocol=17 | dir=in | app=system |
"{E12CD4E7-1BBD-411C-85F0-035D1A5AB702}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F13EEF40-B1CD-450C-AE81-429F0AD1937F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F2A02DB2-B048-47E5-B03D-70103BAE42EA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FE90A9E1-36EC-4088-A4E9-E0732EC752E8}" = rport=139 | protocol=6 | dir=out | app=system |
"{FECE27D2-ADC8-4F01-8C80-84A895FABA9E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2131DF73-5790-4AB9-84D9-B6B38B9B9C57}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{24CCE5B7-C504-40F5-9BFE-CBB2E6DD7146}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{3450BBCC-298B-42CC-9755-4232B48100D4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3C443AFE-053B-4A34-8E66-F9CD3B63DCE9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{43FBE29F-A454-4432-A4DC-12587E6FFB8E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{44791251-A958-4607-B9A2-1DE98DF3993F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{45F1557C-CBDC-4D57-891F-7B1F24299E31}" = protocol=6 | dir=in | app=c:\program files\asus\rt-n10lx wireless router utilities\qiswizard.exe |
"{47F92BB4-B841-46D9-918E-8700597821A2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4BCFBA10-6A70-4BF1-B47B-DF045E532E1C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{4EAE5576-5B6A-4DDC-9512-FB89EA3010AE}" = protocol=17 | dir=in | app=c:\program files\asus\rt-n10lx wireless router utilities\discovery.exe |
"{503EE569-2BC0-42DE-A5B9-3BA90C866497}" = protocol=6 | dir=in | app=c:\program files\asus\rt-n10lx wireless router utilities\discovery.exe |
"{5124D5E9-B9AC-40E3-A24E-2F855AAF4F99}" = protocol=6 | dir=in | app=c:\program files\asus\rt-n10lx wireless router utilities\rescue.exe |
"{5AEB5295-C0DD-452D-BF99-A47FC7EF9E60}" = protocol=6 | dir=out | app=system |
"{626204AC-96DD-456B-B2D0-8CA3BE7116D3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8C304A79-391A-4320-90BC-6A9B1F58C458}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9D30BD2C-4566-44BA-AEF9-7ADE2E41FC62}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A263472A-8BE9-4097-AB02-B5C8A88CF20D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{AF77555F-71F3-46F6-BD45-E00E0A5C5FE9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B44E5E95-DF59-480B-9F67-EE8DE7E051A8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BA1070B2-E814-4167-891F-1A964F909399}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BAC8CC18-FD76-44C4-986B-E43E23CA9ED6}" = protocol=17 | dir=in | app=c:\program files\asus\rt-n10lx wireless router utilities\liveupdate.exe |
"{C27C3BE3-A207-4F58-9F2A-7B95E58097B2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C2FBFC55-4A76-446B-8AE3-5325A552F484}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{C9C00096-2B4C-449A-9635-85FDD0C0B21B}" = protocol=6 | dir=in | app=c:\program files\asus\rt-n10lx wireless router utilities\liveupdate.exe |
"{D7739522-B59A-4499-8A19-77BDDCB88D6A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{D9CAFE7F-6C14-4734-9E25-DB24F9D97C1F}" = protocol=6 | dir=in | app=e:\routersetup\qiswizard.exe |
"{DAC9AACB-BD70-4D73-8E72-0A7EED5BE8CD}" = protocol=17 | dir=in | app=c:\program files\asus\rt-n10lx wireless router utilities\rescue.exe |
"{DC02BE17-3E49-4DAA-9BE9-7EFC39B02436}" = protocol=17 | dir=in | app=c:\program files\asus\rt-n10lx wireless router utilities\qiswizard.exe |
"{E1301BFF-BE6C-4BD9-BCA9-B16553ED45D9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E1CCDAA3-FDE8-45F1-8F67-A58228ABBEC1}" = protocol=17 | dir=in | app=e:\routersetup\qiswizard.exe |
"{E4804680-3205-4FF1-9AA6-1D69CB197D63}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{ED450301-B39B-4D62-8894-30467310F9DC}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{F4DB401A-AF12-4395-BA8C-14A9C4E480E9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F5585F1F-4949-44EC-A2D9-1CFEEAB9E1C4}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{FBDF7EDA-D831-46F8-B2B6-4CD7F1B210B2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"TCP Query User{2DC3CC7B-B61B-419E-90E3-F5BF036641E2}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{3F436978-EE05-4372-AE54-3BFBD72564D4}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{442D291E-1717-4323-93F5-823E19EB9937}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{C9FCB2DB-0499-4D5A-B2A0-19ED22CB6456}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{EEFA26D7-C504-4E6D-806A-14604F0200DC}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{0003FFA5-F82F-467E-AC98-3D60108231D5}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{012317A2-D934-41DC-986A-76DA84181CFB}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{3883784D-6F45-4C8B-BF7C-5DDB045E3780}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{700370BE-3C44-4A2B-8BBF-1CDEC7BE961B}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{B4972C61-68F3-4F4F-810D-FC37E67FE8E6}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{068E7D95-9C62-078D-9BC3-3984330F284F}" = CCC Help Japanese
"{080DE5D5-7847-730E-63A8-87FA495FCE82}" = CCC Help Italian
"{0B196585-9E29-3A87-3EA8-C2EAB9695685}" = CCC Help Finnish
"{0C1349F8-B5DB-39C7-8414-AD9FF7851AED}" = CCC Help German
"{1634557C-60B2-45AC-AA41-3474AF859F27}" = CCC Help Danish
"{18D91211-0119-FA44-816C-2B2EE6D9E0EF}" = CCC Help Spanish
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{256C90BC-AF27-BCC1-CDFC-BACC9439F742}" = CCC Help Chinese Traditional
"{26A24AE4-039D-4CA4-87B4-2F03217060FF}" = Java 7 Update 60
"{29270E40-E62E-7E69-CEAE-B18E9F5B6FFB}" = CCC Help Turkish
"{307C0A77-E5A4-A942-1766-D91FE30936CB}" = Catalyst Control Center HydraVision Full
"{3D45185D-3712-7F98-49A9-A7C7549C59B4}" = CCC Help Polish
"{3D458001-1281-9340-752E-0B73D813E148}" = CCC Help Greek
"{48C84341-E4F7-42EC-BED5-7A5CAA3291F5}" = calibre
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50B10977-0259-B95E-077C-096633104383}" = ATI Problem Report Wizard
"{568AE04A-68C9-2567-564C-748415070271}" = CCC Help English
"{573BCE21-A17C-981C-4D43-C7E79ED6E6CA}" = CCC Help Thai
"{580CA891-08DB-4B6F-B0C1-DF1D149671D7}" = ASUS RT-N10LX Wireless Router Utilities
"{5CC76D28-8A9E-974C-A900-1CAD9F85FCDE}" = Catalyst Control Center Graphics Full Existing
"{5D75C815-1E9F-2B7C-54A5-1BBBFC53F6F5}" = ccc-core-static
"{60F32CD3-EBCC-C697-BBB1-9BDC1327ABD1}" = Catalyst Control Center Localization All
"{6413C9AB-0DF6-149A-32C1-0BA6A8434D2E}" = CCC Help Korean
"{782E77F5-9503-0D89-F5E6-573AF0D67314}" = CCC Help Dutch
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{7A36F851-98F5-42F3-BB84-E1BC99786CB4}" = CCC Help Chinese Standard
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
"{824BA841-F8E4-EB17-7C6A-72D931F9B37E}" = CCC Help Czech
"{82D31BE4-BA3F-D04F-F7DA-B3708680465B}" = ccc-utility
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{883B5392-53BD-DB78-4BBD-FD3DEE9FFA61}" = Catalyst Control Center Graphics Full New
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B3C7257-4B30-AD81-1B0E-6AFEF9A2B1B8}" = CCC Help Portuguese
"{8CC64E4E-DD74-421D-B3E9-90044732D1EF}" = Oracle VM VirtualBox 4.3.10
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8E8C6330-FCC1-B19C-50FA-432EDF09A549}" = Catalyst Control Center Graphics Light
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{9049E434-2EFB-2AA6-6AE2-61CACC7F2803}" = Catalyst Control Center Core Implementation
"{976CD7D9-36FD-68A6-36EE-4F6DE5BF6B42}" = Catalyst Control Center InstallProxy
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.07) - Czech
"{B20D5A51-FE04-D205-C248-81A1F9ABAC8A}" = CCC Help Hungarian
"{BA79217D-E5C5-5D89-01CA-31D108C57B6A}" = CCC Help French
"{BDE1289F-4025-41A5-AD17-101DB4D82CA7}" = TRS2004
"{C6AA4F74-6916-818D-EE2E-029D63C68801}" = CCC Help Swedish
"{D361951C-7FA1-8727-F546-3042750C55C4}" = Catalyst Control Center Graphics Previews Common
"{DF0E3364-8B34-56FC-A2B2-9ED5028B0601}" = CCC Help Russian
"{E3616EA8-6823-2FB8-4532-8EB9524C55C6}" = CCC Help Norwegian
"{FA446361-DCFF-A09C-C426-4E201269032F}" = ATI Catalyst Install Manager
"{FEF8F14C-FF0F-440C-9A3F-98E508EE767F}" = ESET NOD32 Antivirus
"ABC Amber Palm Converter" = ABC Amber Palm Converter
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FLV and Media Player" = FLV and Media Player 4.2.1.1
"KLiteCodecPack_is1" = K-Lite Codec Pack 10.4.0 Basic
"League of Legends 3.0.1" = League of Legends
"Mozilla Thunderbird 24.6.0 (x86 cs)" = Mozilla Thunderbird 24.6.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Opera 12.17.1863" = Opera 12.17
"The KMPlayer" = The KMPlayer (remove only)
"USB Disk Storage Format Tool_is1" = USB Disk Storage Format Tool 5.0
"VLC media player" = VLC media player 2.1.3
"WinRAR archiver" = WinRAR 4.20 (32-bit)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 29.6.2014 13:00:06 | Computer Name = FerdaMravenec | Source = Windows Backup | ID = 4103
Description =
Error - 29.6.2014 13:44:33 | Computer Name = FerdaMravenec | Source = Application Hang | ID = 1002
Description = Program kmplayer.exe verze 3.9.0.124 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
3f8 Čas spuštění: 01cf93c18c628169 Čas ukončení: 20 Cesta k aplikaci: c:\the kmplayer\kmplayer.exe
ID
hlášení:
Error - 30.6.2014 15:12:44 | Computer Name = FerdaMravenec | Source = WinMgmt | ID = 10
Description =
Error - 1.7.2014 9:23:22 | Computer Name = FerdaMravenec | Source = WinMgmt | ID = 10
Description =
Error - 1.7.2014 9:27:41 | Computer Name = FerdaMravenec | Source = WinMgmt | ID = 10
Description =
Error - 2.7.2014 9:32:56 | Computer Name = FerdaMravenec | Source = WinMgmt | ID = 10
Description =
Error - 3.7.2014 9:33:09 | Computer Name = FerdaMravenec | Source = WinMgmt | ID = 10
Description =
Error - 4.7.2014 9:13:26 | Computer Name = FerdaMravenec | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 3.7.2014 9:31:22 | Computer Name = FerdaMravenec | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 3.7.2014 9:33:31 | Computer Name = FerdaMravenec | Source = Service Control Manager | ID = 7023
Description = Služba HP Network Devices Support byla ukončena s následující chybou:
%%126
Error - 3.7.2014 11:48:27 | Computer Name = FerdaMravenec | Source = DCOM | ID = 10010
Description =
Error - 3.7.2014 11:48:32 | Computer Name = FerdaMravenec | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 4.7.2014 9:11:37 | Computer Name = FerdaMravenec | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 4.7.2014 9:11:37 | Computer Name = FerdaMravenec | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 4.7.2014 9:13:46 | Computer Name = FerdaMravenec | Source = Service Control Manager | ID = 7023
Description = Služba HP Network Devices Support byla ukončena s následující chybou:
%%126
Error - 5.7.2014 0:15:54 | Computer Name = FerdaMravenec | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 5.7.2014 0:16:03 | Computer Name = FerdaMravenec | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 5.7.2014 0:16:18 | Computer Name = FerdaMravenec | Source = atikmdag | ID = 43029
Description = Display is not active
< End of report >
Re: Podvodný email
Ještě pro úplnost - v poslední době zlobil LCD displej a v tomto týdnu asi odešel úplně.
Re: Podvodný email
Ja myslim, ze Vam bylo na foru uz jednou receno, ze nelegalni systemy tu neresime a Vy znovu zadate o pomoc s craknutym systemem 
To zkousite jestli naaaahodou se neprehlednem nebo jak
To zkousite jestli naaaahodou se neprehlednem nebo jak "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?
