Slow loading

Attistar
Visitor
Posts: 35
Registered: 19 Jul 2014 18:09

Slow loading

#1 Post by Attistar »

Hello, I would like to request a preventive check of my PC. I am attaching the RSIT log. Thank you in advance.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Matěj at 2014-07-19 19:15:45
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 190 GB (62%) free of 305 GB
Total RAM: 1013 MB (8% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:16:18, on 19.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Windows\twain_32\Samsung\SCX4x24\Scan2Pc.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Matěj\Downloads\RSIT.exe
C:\Program Files\trend micro\Matěj.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.bing.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.bing.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [4x24 Scan2PC] "C:\Windows\twain_32\Samsung\SCX4x24\Scan2Pc.exe"
O4 - HKLM\..\Run: [NSU_agent] "C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Raptr] C:\PROGRA~1\Raptr\raptrstub.exe --startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

--
End of file - 5941 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\SDMsgUpdate (Local).job - C:\SMARTD~1\Messages\SDNotify.exe -PLocal -V21020204 -SSDNI.ini -A -Mhttp://www.smartdraw.com/msgs/messagecheck.aspx -D0 -T -N -L
C:\Windows\tasks\SDMsgUpdate (TE).job - C:\SMARTD~1\Messages\SDNotify.exe -PTE -V21020204 -SSDU.ini -A -Mhttp://www.smartdraw.com/msgs/messagecheck.aspx -D0 -T -N -X

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-07-11 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2014-01-23 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-07-11 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-30 642304]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files\AMD AVT\bin\kdbsync.exe aml []
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2009-08-24 1190920]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-04-10 7399968]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 951576]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"Samsung PanelMgr"=C:\Windows\Samsung\PanelMgr\SSMMgr.exe [2009-08-21 614400]
"4x24 Scan2PC"=C:\Windows\twain_32\Samsung\SCX4x24\Scan2Pc.exe [2008-09-29 495616]
"NSU_agent"=C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [2012-02-28 190768]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-05-26 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-05-26 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-05-26 150552]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-07-11 256896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Raptr"=C:\PROGRA~1\Raptr\raptrstub.exe [2014-06-24 55360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2014-05-08 21445248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-05-26 218112]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-07-19 19:15:46 ----D---- C:\Program Files\trend micro
2014-07-19 19:15:45 ----D---- C:\rsit
2014-07-19 16:15:10 ----D---- C:\Program Files\Project Snowblind
2014-07-19 05:59:48 ----D---- C:\Users\Matěj\AppData\Roaming\BitTorrent
2014-07-19 03:58:23 ----D---- C:\Users\Matěj\AppData\Roaming\library_dir
2014-07-19 03:56:07 ----D---- C:\Users\Matěj\AppData\Roaming\Raptr
2014-07-19 03:56:06 ----D---- C:\Program Files\Raptr
2014-07-18 22:34:14 ----D---- C:\Deer Avenger 4
2014-07-18 18:00:51 ----D---- C:\Program Files\directx
2014-07-18 17:59:51 ----D---- C:\Program Files\Wanadoo Edition
2014-07-18 17:40:53 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2014-07-18 17:40:36 ----D---- C:\Users\Matěj\AppData\Roaming\DAEMON Tools Lite
2014-07-18 17:40:06 ----D---- C:\Program Files\DAEMON Tools Lite
2014-07-18 17:38:05 ----D---- C:\ProgramData\DAEMON Tools Lite
2014-07-18 12:39:13 ----D---- C:\Program Files\GOG.com
2014-07-16 20:18:20 ----D---- C:\Users\Matěj\AppData\Roaming\FLV and Media Player
2014-07-16 20:17:11 ----D---- C:\Users\Matěj\AppData\Roaming\WinRAR
2014-07-16 17:52:30 ----D---- C:\Program Files\Common Files\Java
2014-07-16 17:52:21 ----A---- C:\Windows\system32\javaws.exe
2014-07-16 17:51:51 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-07-16 17:51:51 ----A---- C:\Windows\system32\javaw.exe
2014-07-16 17:51:51 ----A---- C:\Windows\system32\java.exe
2014-07-16 17:41:58 ----D---- C:\Users\Matěj\AppData\Roaming\ATI
2014-07-16 17:40:51 ----D---- C:\Users\Matěj\AppData\Roaming\Identities
2014-07-16 17:39:28 ----D---- C:\Users\Matěj\AppData\Roaming\Adobe
2014-07-16 17:38:56 ----SD---- C:\Users\Matěj\AppData\Roaming\Microsoft
2014-07-16 17:38:56 ----D---- C:\Users\Matěj\AppData\Roaming\Media Center Programs
2014-07-15 21:22:27 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-15 21:22:26 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-07-15 21:22:26 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-07-15 21:22:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-15 21:22:21 ----A---- C:\Windows\system32\iernonce.dll
2014-07-15 21:22:20 ----A---- C:\Windows\system32\urlmon.dll
2014-07-15 21:22:18 ----A---- C:\Windows\system32\jsproxy.dll
2014-07-15 21:22:18 ----A---- C:\Windows\system32\ieUnatt.exe
2014-07-15 21:22:18 ----A---- C:\Windows\system32\iedkcs32.dll
2014-07-15 21:22:16 ----A---- C:\Windows\system32\ieapfltr.dll
2014-07-15 21:22:16 ----A---- C:\Windows\system32\dxtmsft.dll
2014-07-15 21:22:15 ----A---- C:\Windows\system32\msfeeds.dll
2014-07-15 21:22:10 ----A---- C:\Windows\system32\msrating.dll
2014-07-15 21:22:09 ----A---- C:\Windows\system32\ie4uinit.exe
2014-07-15 21:22:08 ----A---- C:\Windows\system32\iesetup.dll
2014-07-15 21:22:06 ----A---- C:\Windows\system32\wininet.dll
2014-07-15 21:22:06 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-07-15 21:22:02 ----A---- C:\Windows\system32\dxtrans.dll
2014-07-15 21:21:59 ----A---- C:\Windows\system32\ieui.dll
2014-07-15 21:21:57 ----A---- C:\Windows\system32\ieframe.dll
2014-07-15 21:21:54 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-15 21:21:53 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-07-15 21:21:51 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-07-15 21:21:48 ----A---- C:\Windows\system32\iertutil.dll
2014-07-15 21:21:41 ----A---- C:\Windows\system32\jscript9diag.dll
2014-07-15 21:21:38 ----A---- C:\Windows\system32\mshtml.dll
2014-07-15 21:21:31 ----A---- C:\Windows\system32\vbscript.dll
2014-07-15 21:21:29 ----A---- C:\Windows\system32\jscript9.dll
2014-07-15 21:21:14 ----A---- C:\Windows\system32\win32k.sys
2014-07-15 21:21:12 ----A---- C:\Windows\system32\osk.exe
2014-07-15 21:20:09 ----A---- C:\Windows\system32\qedit.dll
2014-07-15 21:19:57 ----A---- C:\Windows\system32\drivers\afd.sys
2014-07-15 20:58:49 ----A---- C:\Windows\system32\aepdu.dll
2014-07-15 20:58:43 ----A---- C:\Windows\system32\aeinv.dll
2014-07-15 20:58:27 ----A---- C:\Windows\system32\schannel.dll
2014-07-15 20:58:27 ----A---- C:\Windows\system32\lsasrv.dll
2014-07-15 20:49:27 ----D---- C:\70aecd3afafc04fb51
2014-07-15 20:36:22 ----D---- C:\Program Files\CCleaner
2014-06-28 21:25:07 ----D---- C:\Program Files\Common Files\Skype
2014-06-28 20:40:44 ----A---- C:\Windows\system32\msxml6.dll
2014-06-28 20:40:44 ----A---- C:\Windows\system32\msxml3.dll
2014-06-28 20:40:43 ----A---- C:\Windows\system32\msxml6r.dll
2014-06-28 20:40:43 ----A---- C:\Windows\system32\msxml3r.dll
2014-06-28 20:40:37 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-06-28 20:40:36 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-06-28 20:40:35 ----A---- C:\Windows\system32\drivers\netio.sys
2014-06-28 20:40:22 ----A---- C:\Windows\system32\usp10.dll
2014-06-28 14:04:18 ----D---- C:\Program Files\GUMA509.tmp
2014-06-28 14:04:18 ----A---- C:\Program Files\GUTA52A.tmp

======List of files/folders modified in the last 1 month======

2014-07-19 19:15:46 ----RD---- C:\Program Files
2014-07-19 19:15:13 ----D---- C:\Windows\Temp
2014-07-19 08:21:43 ----D---- C:\Windows\system32\config
2014-07-19 08:20:05 ----D---- C:\Windows\inf
2014-07-19 04:36:07 ----D---- C:\Windows
2014-07-19 03:40:55 ----D---- C:\Windows\Prefetch
2014-07-19 01:26:11 ----SHD---- C:\System Volume Information
2014-07-18 22:33:58 ----D---- C:\Windows\System32
2014-07-18 22:33:56 ----D---- C:\Windows\system32\catroot2
2014-07-18 18:09:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-18 18:01:00 ----HD---- C:\Program Files\InstallShield Installation Information
2014-07-18 18:00:56 ----SHD---- C:\Windows\Installer
2014-07-18 17:58:49 ----D---- C:\Program Files\Common Files\InstallShield
2014-07-18 17:43:05 ----D---- C:\Windows\system32\drivers
2014-07-18 17:42:49 ----D---- C:\Windows\system32\catroot
2014-07-18 17:42:27 ----D---- C:\Windows\system32\DriverStore
2014-07-18 17:38:05 ----HD---- C:\ProgramData
2014-07-17 15:08:56 ----D---- C:\Windows\Tasks
2014-07-17 15:08:56 ----D---- C:\Windows\system32\Tasks
2014-07-16 19:50:33 ----D---- C:\PerfLogs
2014-07-16 19:46:58 ----SD---- C:\ProgramData\Microsoft
2014-07-16 17:53:18 ----D---- C:\ProgramData\Oracle
2014-07-16 17:52:30 ----D---- C:\Program Files\Common Files
2014-07-16 17:51:50 ----D---- C:\Program Files\Java
2014-07-16 17:39:55 ----SHD---- C:\$Recycle.Bin
2014-07-16 17:38:55 ----RD---- C:\Users
2014-07-16 12:56:15 ----D---- C:\Windows\debug
2014-07-16 12:46:45 ----D---- C:\Windows\winsxs
2014-07-16 12:43:15 ----D---- C:\Windows\system32\en-US
2014-07-16 12:43:15 ----D---- C:\Program Files\Windows Journal
2014-07-16 12:43:14 ----D---- C:\Program Files\Internet Explorer
2014-07-16 12:43:11 ----D---- C:\Windows\ehome
2014-07-16 12:43:10 ----D---- C:\Windows\system32\Dism
2014-07-16 12:43:09 ----SD---- C:\Windows\system32\CompatTel
2014-07-16 12:41:58 ----D---- C:\ProgramData\Microsoft Help
2014-07-16 12:24:59 ----D---- C:\Windows\system32\MRT
2014-07-16 12:12:36 ----A---- C:\Windows\system32\MRT.exe
2014-07-16 12:07:00 ----RSD---- C:\Windows\assembly
2014-07-15 20:42:08 ----D---- C:\Windows\Panther
2014-07-15 20:41:59 ----D---- C:\Windows\Logs
2014-06-28 21:27:36 ----RD---- C:\Program Files\Skype
2014-06-28 21:25:37 ----D---- C:\ProgramData\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 231960]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2012-01-11 173440]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2012-01-11 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-07-18 243128]
R1 MpKslda1d1e53;MpKslda1d1e53; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D97F4FE7-1DDA-4857-A29A-4B35810A24C8}\MpKslda1d1e53.sys [2014-07-19 39464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-01-11 48640]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2007-12-11 5120]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-12-14 1245696]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2009-03-26 21000]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-05-26 4806144]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-04-10 2358112]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-14 139776]
S1 DritekPortIO;Dritek General Port I/O; \??\C:\Program Files\Launch Manager\DPortIO.sys []
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2007-12-11 41984]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 10070016]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-30 290304]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-05-14 86656]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 10070016]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2013-02-23 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2012-01-11 60416]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-04-29 54784]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-06-11 19072]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2012-01-11 133632]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2008-02-27 141408]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-14 207360]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-14 980992]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-14 661504]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-04-11 1390720]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-04-11 1764992]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2012-01-11 21504]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 22216]
R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2012-01-11 21504]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 108032]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 4846168]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2012-01-11 21504]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-01-11 21504]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2012-01-11 21504]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-28 1343400]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-22 257712]
S4 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-30 217088]
S4 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-04-30 291840]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-28 116648]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-28 116648]
S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-01-06 136120]
S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Slow loading

#2 Post by Márty84 »

Hello :)

Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner and save it to your desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the scan to finish.
Then click Clean.
The program will start working (the PC may restart) and will produce a log (it will otherwise be at C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

Attistar
Visitor
Posts: 35
Registered: 19 Jul 2014 18:09

Re: Slow loading

#3 Post by Attistar »

Here is the log:

# AdwCleaner v3.216 - Report created 20/07/2014 at 12:45:33
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : Matěj - UŽIVATEL-PC
# Running from : C:\Users\Matěj\Desktop\adwcleaner_3.216.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
File Deleted : C:\Windows\Tasks\AmiUpdXp.job
File Deleted : C:\Windows\System32\Tasks\AmiUpdXp

***** [ Shortcuts ] *****


***** [ Registry ] *****

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B6666EDD-0234-4D73-8119-035558903DD7}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6666EDD-0234-4D73-8119-035558903DD7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EC9510D-A439-4950-9399-B6399EDF9EA7}
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [LManager]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=103&systemid=473&v=a10918-145&apn_uid=5063130338484171&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
Deleted [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=103&systemid=473&v=a9397-145&apn_uid=5063130338484171&apn_dtid=BND473&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ATU2&o=14670&locale=en_EU&apn_uid=b4d3c5be-e72a-4efc-9f16-7d117ec4b9d4&apn_ptnrs=%5ET8&apn_sauid=C743DEFA-0FD6-495C-ADFD-ABC628648221&apn_dtid=%5EYYYYYY%5EYY%5ECZ&q={searchTerms}
Deleted [Search Provider] : hxxp://www.delta-search.com/?q={searchTerms}&a ... 241dde43f6
Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=119776&babsrc=SP_ss_gin2g&mntrId=3cdf189b00000000000000241dde43f6
Deleted [Search Provider] : hxxp://isearch.avg.com/search?cid={10359EC3-4C20-4B8D-9469-47A14DC35637}&mid=73272b5e78cf47d18dead16d5b3aaa05-e936fcb572542b250ed76b788d0a27e95de26972&lang=cs&ds=AVG&pr=pr&d=2012-01-24 18:59:25&v=10.2.0.3&sap=dsp&q={searchTerms}
Deleted [Search Provider] : hxxp://isearch.avg.com/search?cid={97133685-5966-425B-9E85-B62FAA8379B9}&mid=61954a268e3447d0939cd1584ffcfabf-e936fcb572542b250ed76b788d0a27e95de26972&lang=cs&ds=AVG&pr=pr&d=2013-08-23 01:56:59&v=15.4.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
Deleted [Search Provider] : hxxp://www.search.ask.com/web?p2=%5EBBK%5EOSJ0 ... earchTerms}
Deleted [Search Provider] : hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559&CUI=UN37049022831814445&UM=1
Deleted [Search Provider] : hxxp://www.amazon.com/websearch/ref=bit_bds-p1 ... earchTerms}
Deleted [Startup_urls] : hxxp://www.amazon.com/websearch/ref=bit_bds-p1 ... newspdr728
Deleted [Extension] : pljcgbedjplidkdjahbaalanadmjfgop

*************************

AdwCleaner[R0].txt - [4478 octets] - [20/07/2014 12:41:30]
AdwCleaner[S0].txt - [4457 octets] - [20/07/2014 12:45:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4517 octets] ##########

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Slow loading

#4 Post by Márty84 »

Run a scan with MBAM. Set up the scan according to this guide http://forum.viry.cz/viewtopic.php?f=29&t=137928 and post the results here. Do not delete anything beforehand; it sometimes gives false detections.

If you have a question that is not meant for the public, you can write to me by e-mail at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you are waiting a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Attistar
Visitor
Posts: 35
Joined: 19 Jul 2014 18:09

Re: Slow loading

#5 Post by Attistar »

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 20.7.2014
Scan Time: 14:35:53
Logfile: log.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.20.03
Rootkit Database: v2014.07.17.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Matěj

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 388827
Time Elapsed: 5 hr, 38 min, 45 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 6
PUP.Optional.Amonetize.A, C:\Users\Matěj\AppData\Local\24031\a20978.exe, , [596a940d4a312c0ae78be16280804cb4],
PUP.Optional.OneClickDownloader.A, C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000000, , [f6cd643dd6a57bbbf521e5353ec320e0],
PUP.Optional.Amonetize, C:\Users\Matěj\Downloads\Crack and Setup__4006_il174.exe, , [6162663bd0ab86b00e9c0c7c6d9449b7],
PUP.Optional.OpenCandy, C:\Users\Matěj\Downloads\DTLite4491-0356.exe, , [f7ccdac79cdf37ffb8e5913dab59da26],
PUP.Optional.Amonetize, C:\Users\Matěj\Downloads\KapiHospitalHackTool__7934_il1667997.exe, , [a023e5bce79459dd15957f09f30e17e9],
PUP.Optional.Amonetize, C:\Users\Matěj\Downloads\Uniblue Powersuite 2014 Serial Keys are Here ( No Crack Required )__2957_il36.exe, , [596ac3de7a01c6703a70d7b1d1305ca4],

Physical Sectors: 0
(No malicious items detected)


(end)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Slow loading

#6 Post by Márty84 »

Have the detections removed (moved to quarantine), then uninstall MBAM.


Is there a specific problem with the PC, or is this purely preventive?


Post a new RSIT log.

Attistar
Visitor
Posts: 35
Joined: 19 Jul 2014 18:09

Re: Slow loading

#7 Post by Attistar »

Loading is terribly slow. Sometimes I wait as long as ten minutes before anything happens. A box also keeps appearing that I don't know what to do with. Should I send a picture?

Logfile of random's system information tool 1.10 (written by random/random)
Run by Matěj at 2014-07-20 20:57:28
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 191 GB (63%) free of 305 GB
Total RAM: 1013 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:57:36, on 20.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Windows\twain_32\Samsung\SCX4x24\Scan2Pc.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Matěj\Desktop\RSIT.exe
C:\Program Files\trend micro\Matěj.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.bing.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.bing.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [4x24 Scan2PC] "C:\Windows\twain_32\Samsung\SCX4x24\Scan2Pc.exe"
O4 - HKLM\..\Run: [NSU_agent] "C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Slow loading

#8 Post by Márty84 »

Attistar wrote: Should I send a picture?
Please send it.


The log is not complete.


Download CrystalDiskInfo http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Run it as administrator. The result will appear after a moment.
At the top, click Úpravy (Edit) and then Kopírovat (Copy). Paste what gets copied (it is stored in the clipboard) here (Ctrl + V).

Attistar
Visitor
Posts: 35
Joined: 19 Jul 2014 18:09

Re: Slow loading

#9 Post by Attistar »

I'll send the picture later - problems with the size.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Matěj at 2014-07-20 21:14:09
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 191 GB (63%) free of 305 GB
Total RAM: 1013 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:14:16, on 20.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Windows\twain_32\Samsung\SCX4x24\Scan2Pc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Matěj\Desktop\RSIT.exe
C:\Program Files\trend micro\Matěj.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [4x24 Scan2PC] "C:\Windows\twain_32\Samsung\SCX4x24\Scan2Pc.exe"
O4 - HKLM\..\Run: [NSU_agent] "C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

--
End of file - 4943 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-07-11 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2014-01-23 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-07-11 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-30 642304]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files\AMD AVT\bin\kdbsync.exe aml []
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-04-10 7399968]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 951576]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"Samsung PanelMgr"=C:\Windows\Samsung\PanelMgr\SSMMgr.exe [2009-08-21 614400]
"4x24 Scan2PC"=C:\Windows\twain_32\Samsung\SCX4x24\Scan2Pc.exe [2008-09-29 495616]
"NSU_agent"=C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [2012-02-28 190768]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-05-26 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-05-26 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-05-26 150552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2014-05-08 21445248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-05-26 218112]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-07-20 20:15:46 ----A---- C:\log.txt
2014-07-20 14:29:51 ----D---- C:\ProgramData\Malwarebytes
2014-07-20 12:43:56 ----A---- C:\Windows\system32\sqlite3.dll
2014-07-20 12:41:24 ----D---- C:\AdwCleaner
2014-07-20 00:21:15 ----D---- C:\Users\Matěj\AppData\Roaming\AVG
2014-07-20 00:20:58 ----AD---- C:\ProgramData\TEMP
2014-07-20 00:15:51 ----D---- C:\Program Files\AVG
2014-07-19 19:15:46 ----D---- C:\Program Files\trend micro
2014-07-19 19:15:45 ----D---- C:\rsit
2014-07-19 16:15:10 ----D---- C:\Program Files\Project Snowblind
2014-07-19 05:59:48 ----D---- C:\Users\Matěj\AppData\Roaming\BitTorrent
2014-07-19 03:58:23 ----D---- C:\Users\Matěj\AppData\Roaming\library_dir
2014-07-19 03:56:07 ----D---- C:\Users\Matěj\AppData\Roaming\Raptr
2014-07-19 03:56:06 ----D---- C:\Program Files\Raptr
2014-07-18 22:34:14 ----D---- C:\Deer Avenger 4
2014-07-18 18:00:51 ----D---- C:\Program Files\directx
2014-07-18 17:59:51 ----D---- C:\Program Files\Wanadoo Edition
2014-07-18 17:40:53 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2014-07-18 17:40:36 ----D---- C:\Users\Matěj\AppData\Roaming\DAEMON Tools Lite
2014-07-18 17:40:06 ----D---- C:\Program Files\DAEMON Tools Lite
2014-07-18 17:38:05 ----D---- C:\ProgramData\DAEMON Tools Lite
2014-07-18 12:39:13 ----D---- C:\Program Files\GOG.com
2014-07-16 20:18:20 ----D---- C:\Users\Matěj\AppData\Roaming\FLV and Media Player
2014-07-16 20:17:11 ----D---- C:\Users\Matěj\AppData\Roaming\WinRAR
2014-07-16 17:52:30 ----D---- C:\Program Files\Common Files\Java
2014-07-16 17:52:21 ----A---- C:\Windows\system32\javaws.exe
2014-07-16 17:51:51 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-07-16 17:51:51 ----A---- C:\Windows\system32\javaw.exe
2014-07-16 17:51:51 ----A---- C:\Windows\system32\java.exe
2014-07-16 17:41:58 ----D---- C:\Users\Matěj\AppData\Roaming\ATI
2014-07-16 17:40:51 ----D---- C:\Users\Matěj\AppData\Roaming\Identities
2014-07-16 17:39:28 ----D---- C:\Users\Matěj\AppData\Roaming\Adobe
2014-07-16 17:38:56 ----SD---- C:\Users\Matěj\AppData\Roaming\Microsoft
2014-07-16 17:38:56 ----D---- C:\Users\Matěj\AppData\Roaming\Media Center Programs
2014-07-15 21:22:27 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-15 21:22:26 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-07-15 21:22:26 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-07-15 21:22:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-15 21:22:21 ----A---- C:\Windows\system32\iernonce.dll
2014-07-15 21:22:20 ----A---- C:\Windows\system32\urlmon.dll
2014-07-15 21:22:18 ----A---- C:\Windows\system32\jsproxy.dll
2014-07-15 21:22:18 ----A---- C:\Windows\system32\ieUnatt.exe
2014-07-15 21:22:18 ----A---- C:\Windows\system32\iedkcs32.dll
2014-07-15 21:22:16 ----A---- C:\Windows\system32\ieapfltr.dll
2014-07-15 21:22:16 ----A---- C:\Windows\system32\dxtmsft.dll
2014-07-15 21:22:15 ----A---- C:\Windows\system32\msfeeds.dll
2014-07-15 21:22:10 ----A---- C:\Windows\system32\msrating.dll
2014-07-15 21:22:09 ----A---- C:\Windows\system32\ie4uinit.exe
2014-07-15 21:22:08 ----A---- C:\Windows\system32\iesetup.dll
2014-07-15 21:22:06 ----A---- C:\Windows\system32\wininet.dll
2014-07-15 21:22:06 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-07-15 21:22:02 ----A---- C:\Windows\system32\dxtrans.dll
2014-07-15 21:21:59 ----A---- C:\Windows\system32\ieui.dll
2014-07-15 21:21:57 ----A---- C:\Windows\system32\ieframe.dll
2014-07-15 21:21:54 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-15 21:21:53 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-07-15 21:21:51 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-07-15 21:21:48 ----A---- C:\Windows\system32\iertutil.dll
2014-07-15 21:21:41 ----A---- C:\Windows\system32\jscript9diag.dll
2014-07-15 21:21:38 ----A---- C:\Windows\system32\mshtml.dll
2014-07-15 21:21:31 ----A---- C:\Windows\system32\vbscript.dll
2014-07-15 21:21:29 ----A---- C:\Windows\system32\jscript9.dll
2014-07-15 21:21:14 ----A---- C:\Windows\system32\win32k.sys
2014-07-15 21:21:12 ----A---- C:\Windows\system32\osk.exe
2014-07-15 21:20:09 ----A---- C:\Windows\system32\qedit.dll
2014-07-15 21:19:57 ----A---- C:\Windows\system32\drivers\afd.sys
2014-07-15 20:58:49 ----A---- C:\Windows\system32\aepdu.dll
2014-07-15 20:58:43 ----A---- C:\Windows\system32\aeinv.dll
2014-07-15 20:58:27 ----A---- C:\Windows\system32\schannel.dll
2014-07-15 20:58:27 ----A---- C:\Windows\system32\lsasrv.dll
2014-07-15 20:49:27 ----D---- C:\70aecd3afafc04fb51
2014-07-15 20:36:22 ----D---- C:\Program Files\CCleaner
2014-06-28 21:25:07 ----D---- C:\Program Files\Common Files\Skype
2014-06-28 20:40:44 ----A---- C:\Windows\system32\msxml6.dll
2014-06-28 20:40:44 ----A---- C:\Windows\system32\msxml3.dll
2014-06-28 20:40:43 ----A---- C:\Windows\system32\msxml6r.dll
2014-06-28 20:40:43 ----A---- C:\Windows\system32\msxml3r.dll
2014-06-28 20:40:37 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-06-28 20:40:36 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-06-28 20:40:35 ----A---- C:\Windows\system32\drivers\netio.sys
2014-06-28 20:40:22 ----A---- C:\Windows\system32\usp10.dll
2014-06-28 14:04:18 ----D---- C:\Program Files\GUMA509.tmp
2014-06-28 14:04:18 ----A---- C:\Program Files\GUTA52A.tmp

======List of files/folders modified in the last 1 month======

2014-07-20 21:12:18 ----D---- C:\Windows\Temp
2014-07-20 21:09:44 ----D---- C:\Windows\system32\config
2014-07-20 20:35:45 ----RD---- C:\Program Files
2014-07-20 20:35:45 ----D---- C:\Windows\system32\drivers
2014-07-20 20:21:36 ----D---- C:\Windows\ShellNew
2014-07-20 14:29:51 ----HD---- C:\ProgramData
2014-07-20 13:04:51 ----SHD---- C:\System Volume Information
2014-07-20 12:45:35 ----D---- C:\Windows\Tasks
2014-07-20 12:45:35 ----D---- C:\Windows\system32\Tasks
2014-07-20 12:43:56 ----D---- C:\Windows\System32
2014-07-20 01:25:30 ----D---- C:\Windows
2014-07-20 01:00:05 ----D---- C:\Windows\inf
2014-07-20 00:31:47 ----D---- C:\Windows\Downloaded Program Files
2014-07-19 19:48:08 ----HD---- C:\Program Files\InstallShield Installation Information
2014-07-19 19:47:46 ----SHD---- C:\Windows\Installer
2014-07-19 03:40:55 ----D---- C:\Windows\Prefetch
2014-07-18 22:33:56 ----D---- C:\Windows\system32\catroot2
2014-07-18 18:09:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-18 17:58:49 ----D---- C:\Program Files\Common Files\InstallShield
2014-07-18 17:42:49 ----D---- C:\Windows\system32\catroot
2014-07-18 17:42:27 ----D---- C:\Windows\system32\DriverStore
2014-07-16 19:50:33 ----D---- C:\PerfLogs
2014-07-16 19:46:58 ----SD---- C:\ProgramData\Microsoft
2014-07-16 17:53:19 ----D---- C:\ProgramData\Oracle
2014-07-16 17:52:30 ----D---- C:\Program Files\Common Files
2014-07-16 17:51:50 ----D---- C:\Program Files\Java
2014-07-16 17:39:55 ----SHD---- C:\$Recycle.Bin
2014-07-16 17:38:55 ----RD---- C:\Users
2014-07-16 12:56:15 ----D---- C:\Windows\debug
2014-07-16 12:46:45 ----D---- C:\Windows\winsxs
2014-07-16 12:43:15 ----D---- C:\Windows\system32\en-US
2014-07-16 12:43:15 ----D---- C:\Program Files\Windows Journal
2014-07-16 12:43:14 ----D---- C:\Program Files\Internet Explorer
2014-07-16 12:43:11 ----D---- C:\Windows\ehome
2014-07-16 12:43:10 ----D---- C:\Windows\system32\Dism
2014-07-16 12:43:09 ----SD---- C:\Windows\system32\CompatTel
2014-07-16 12:41:58 ----D---- C:\ProgramData\Microsoft Help
2014-07-16 12:24:59 ----D---- C:\Windows\system32\MRT
2014-07-16 12:12:36 ----A---- C:\Windows\system32\MRT.exe
2014-07-16 12:07:00 ----RSD---- C:\Windows\assembly
2014-07-15 20:42:08 ----D---- C:\Windows\Panther
2014-07-15 20:41:59 ----D---- C:\Windows\Logs
2014-06-28 21:27:36 ----RD---- C:\Program Files\Skype
2014-06-28 21:25:37 ----D---- C:\ProgramData\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 231960]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2012-01-11 173440]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2012-01-11 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-07-18 243128]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-01-11 48640]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2007-12-11 5120]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-12-14 1245696]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2009-03-26 21000]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-05-26 4806144]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-04-10 2358112]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-14 139776]
S1 DritekPortIO;Dritek General Port I/O; \??\C:\Program Files\Launch Manager\DPortIO.sys []
S1 MpKslda1d1e53;MpKslda1d1e53; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D97F4FE7-1DDA-4857-A29A-4B35810A24C8}\MpKslda1d1e53.sys []
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2007-12-11 41984]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 10070016]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-30 290304]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-05-14 86656]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 10070016]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2013-02-23 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2012-01-11 60416]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-04-29 54784]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-06-11 19072]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2012-01-11 133632]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2008-02-27 141408]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-14 207360]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-14 980992]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-14 661504]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-04-11 1390720]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-04-11 1764992]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 22216]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2012-01-11 21504]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 108032]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 4846168]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2012-01-11 21504]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-01-11 21504]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2012-01-11 21504]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-28 1343400]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-22 257712]
S4 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-30 217088]
S4 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-04-30 291840]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2012-01-11 21504]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-28 116648]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-28 116648]
S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-01-06 136120]
S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]

-----------------EOF-----------------

Attistar
Visitor
Posts: 35
Registered: 19 Jul 2014 18:09

Re: Slow loading

#10 Post by Attistar »

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Professional SP1 [6.1 Build 7601] (x86)
Date : 2014/07/20 21:27:04

-- Controller Map ----------------------------------------------------------
+ Standardní řadič AHCI 1.0 s rozhraním Serial ATA [ATA]
- ATA Channel 0 (0)
+ ATA Channel 1 (1)
- WDC WD3200BEKX-00B7WT0 ATA Device

-- Disk List ---------------------------------------------------------------
(1) WDC WD3200BEKX-00B7WT0 : 320,0 GB [0/1/0, pd1]

----------------------------------------------------------------------------
(1) WDC WD3200BEKX-00B7WT0
----------------------------------------------------------------------------
Model : WDC WD3200BEKX-00B7WT0
Firmware : 01.01A01
Serial Number : WD-WX81A8328091
Disk Size : 320,0 GB (8,4/137,4/320,0)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/600
Power On Hours : 543 hod.
Power On Count : 294 krát
Temparature : 43 C (109 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 152 144 _21 00000000054E Čas na roztočení ploten
04 100 100 __0 00000000012B Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 100 100 __0 00000000021F Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C 100 100 __0 000000000126 Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000015 Počet vypnutí disku
C1 199 199 __0 000000001000 Počet cyklů načítání/vymazání
C2 100 _95 __0 00000000002B Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------

Attistar
Visitor
Posts: 35
Registered: 19 Jul 2014 18:09

Re: Slow loading

#11 Post by Attistar »

2014-07-20_213145.png (458.91 KiB)
Here is the picture.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Slow loading

#12 Post by Márty84 »

Attistar wrote: Here is the picture.
So update that driver.

Also, be careful about using TuneUp; it can make a real mess of a PC.

Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it, then left-click Run as administrator.
Tick the options Scan All Users, LOP Check and Purity Check.
Paste the following text into the bottom box:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Click Run Scan.
After the scan, two logs are created (OTL.Txt and Extras.txt); post both here (if they are long, split them across several posts).
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Attistar
Visitor
Posts: 35
Registered: 19 Jul 2014 18:09

Re: Slow loading

#13 Post by Attistar »

I had a look, but it doesn't want to update anything. The only thing is that I have "MpKslda1d1e53" in Device Manager. Unfortunately it can't be updated in any way, and I don't even know what it is. Is it normal that OTL takes a long time to produce a log?

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Slow loading

#14 Post by Márty84 »

It may not want to on its own, but there may already be a newer one.

"MpKslda1d1e53" belongs to c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D97F4FE7-1DDA-4857-A29A-4B35810A24C8}\MpKslda1d1e53.sys

OTL takes a while, so that is normal.

Attistar
Visitor
Posts: 35
Registered: 19 Jul 2014 18:09

Re: Slow loading

#15 Post by Attistar »

OTL logfile created on: 20.7.2014 22:14:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Matěj\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1013,42 Mb Total Physical Memory | 216,84 Mb Available Physical Memory | 21,40% Memory free
1,99 Gb Paging File | 0,74 Gb Available in Paging File | 37,23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 297,99 Gb Total Space | 186,58 Gb Free Space | 62,61% Space Free | Partition Type: NTFS

Computer Name: UŽIVATEL-PC | User Name: Matěj | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.07.20 21:58:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Matěj\Desktop\OTL.exe
PRC - [2014.07.15 11:24:50 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014.04.11 19:45:50 | 001,764,992 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014.04.11 19:45:42 | 001,390,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014.03.11 10:13:24 | 000,279,776 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2014.03.11 10:13:24 | 000,022,216 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2014.03.11 10:13:14 | 000,951,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013.02.23 06:40:27 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.01.11 16:24:39 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.08.21 05:57:12 | 000,614,400 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
PRC - [2008.09.29 01:18:46 | 000,495,616 | ---- | M] () -- C:\Windows\twain_32\Samsung\SCX4x24\Scan2Pc.exe


========== Modules (No Company Name) ==========

MOD - [2014.07.15 11:24:48 | 000,353,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.125\ppgooglenaclpluginchrome.dll
MOD - [2014.07.15 11:24:46 | 014,664,008 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll
MOD - [2014.07.15 11:24:44 | 008,537,928 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.125\pdf.dll
MOD - [2014.07.15 11:24:35 | 001,732,936 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
MOD - [2014.05.26 19:04:32 | 011,926,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\e26d20d803045f9826c9db3a5428a674\System.Web.ni.dll
MOD - [2014.05.26 19:03:14 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\f183e093a6fe96848f97b54861cb5cfe\System.Runtime.Remoting.ni.dll
MOD - [2014.02.13 08:36:52 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\5bbfddda63a1283dc40775a10a655b76\WindowsFormsIntegration.ni.dll
MOD - [2014.02.13 07:30:23 | 002,297,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\7ca198ce0678a1feb62b2fdfb60c7cec\System.Core.ni.dll
MOD - [2014.02.13 07:22:58 | 000,226,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b20c23a647b2b1ee8623cb17bc1aa2f8\PresentationFramework.Classic.ni.dll
MOD - [2014.02.13 07:22:05 | 014,344,192 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\76d1e682a5b80792cd0f104dc4867aa2\PresentationFramework.ni.dll
MOD - [2014.02.13 07:21:39 | 012,435,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\9dffc88a612a54345330f4fd5a163526\System.Windows.Forms.ni.dll
MOD - [2014.02.13 07:21:27 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d0bb6fcf40879c657531f019c9d4143e\System.Drawing.ni.dll
MOD - [2014.02.13 07:21:23 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\1e7316a2dff07b9907b0b48782a0f138\UIAutomationProvider.ni.dll
MOD - [2014.02.13 07:21:22 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\fb79719caeeefd68b1a09acdd2809234\Accessibility.ni.dll
MOD - [2014.02.13 07:21:21 | 012,239,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\915fa0b4ddf5538ba94b71f0523430d4\PresentationCore.ni.dll
MOD - [2014.02.13 07:21:04 | 003,349,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6bed28b51eb4520f4cd0f26d097da8dc\WindowsBase.ni.dll
MOD - [2014.02.13 07:20:54 | 005,463,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cebf414a03abb5c514d6ac94c5c5d2bb\System.Xml.ni.dll
MOD - [2014.02.13 07:20:48 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\88ed0292613452dff93b0f6d87a0df15\System.Configuration.ni.dll
MOD - [2014.02.13 07:20:46 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d51a4cd53e9ab1a925cad78fd62c984f\System.ni.dll
MOD - [2014.02.13 07:20:34 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\83ca3470d7ffd45618c0bfbbd0ba5fb3\mscorlib.ni.dll
MOD - [2014.02.10 13:44:24 | 004,592,128 | ---- | M] () -- C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libGLESv2.dll
MOD - [2014.02.10 13:44:24 | 000,112,128 | ---- | M] () -- C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libEGL.dll
MOD - [2014.01.28 18:51:36 | 008,007,680 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2013.06.18 16:49:28 | 000,016,384 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2013.04.30 00:08:08 | 000,369,152 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2012.01.11 16:26:46 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_cs_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2012.01.11 16:26:46 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2011.04.12 03:36:58 | 000,237,568 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2011.04.12 03:36:58 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationCore.resources.dll
MOD - [2011.04.12 03:36:58 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core.resources\3.5.0.0_cs_b77a5c561934e089\System.Core.resources.dll
MOD - [2011.04.12 03:36:50 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\System.resources.dll
MOD - [2009.08.21 05:57:12 | 000,614,400 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
MOD - [2008.09.29 01:18:46 | 000,495,616 | ---- | M] () -- C:\Windows\twain_32\Samsung\SCX4x24\Scan2Pc.exe
MOD - [2008.09.11 05:57:46 | 000,367,104 | ---- | M] () -- C:\Windows\twain_32\Samsung\SCX4x24\NetModule.dll
MOD - [2008.09.11 05:57:44 | 000,155,648 | ---- | M] () -- C:\Windows\twain_32\Samsung\SCX4x24\IMFilter.dll
MOD - [2008.05.29 11:10:48 | 001,384,520 | ---- | M] () -- C:\Windows\twain_32\Samsung\SCX4x24\SSOle.dll


========== Services (SafeList) ==========

SRV - [2014.06.19 01:23:24 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014.05.22 18:14:04 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.04.11 19:45:50 | 001,764,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014.04.11 19:45:42 | 001,390,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014.03.11 10:13:24 | 000,279,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2014.03.11 10:13:24 | 000,022,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2014.01.28 21:35:22 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.10.23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.04.30 05:52:26 | 000,217,088 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2013.04.30 00:24:04 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Disabled | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2012.06.11 12:33:26 | 000,724,376 | ---- | M] (Nokia) [Disabled | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.07.20 12:51:52 | 000,935,208 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D97F4FE7-1DDA-4857-A29A-4B35810A24C8}\MpKslda1d1e53.sys -- (MpKslda1d1e53)
DRV - File not found [File_System | On_Demand | Stopped] -- C:\Windows\system32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2014.07.18 17:40:54 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2014.03.11 09:52:30 | 000,104,264 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2013.04.30 06:14:44 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2013.04.30 06:14:44 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2013.04.30 04:47:52 | 000,290,304 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2012.06.11 12:33:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012.05.14 08:12:28 | 000,086,656 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2012.01.09 18:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012.01.09 18:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012.01.09 18:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012.01.09 18:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.11.20 23:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 23:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 23:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010.11.20 23:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 23:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 23:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 23:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010.11.20 23:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 23:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.02.18 10:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2010.01.20 06:14:42 | 000,023,136 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV - [2009.12.14 12:44:42 | 001,245,696 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.04.29 02:54:58 | 000,054,784 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV - [2008.02.27 20:36:02 | 000,141,408 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2007.12.11 22:47:08 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2007.12.11 06:47:06 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\DGIVECP.SYS -- (DgiVecp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.bing.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.bing.com
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.bing.com
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2962489488-1740152995-2069433674-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.bing.com
IE - HKU\S-1-5-21-2962489488-1740152995-2069433674-1004\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2962489488-1740152995-2069433674-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-2962489488-1740152995-2069433674-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.65.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage:
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Disk Google = C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\
CHR - Extension: Vyhledávání Google = C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Lookup Companion for Wikipedia = C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhgpkiiipkgmckicafkhcihkcldbdeej\1.9.0_0\
CHR - Extension: Adblock Pro = C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbgcnjkhhefobgkhmaeojefkciblgaml\1.0_0\
CHR - Extension: AdBlock = C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.7_0\
CHR - Extension: Skype Click to Call = C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.2.15747.10003_0\
CHR - Extension: Peněženka Google = C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Matěj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [4x24 Scan2PC] C:\Windows\twain_32\Samsung\SCX4x24\Scan2Pc.exe ()
O4 - HKLM..\Run: [AMD AVT] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NSU_agent] C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe ()
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2962489488-1740152995-2069433674-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{85AE3507-76D8-4081-A415-80CF6FDBA868}: DhcpNameServer = 192.168.1.254 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A85F59E5-0169-46EE-B947-B990C36754E3}: DhcpNameServer = 192.168.1.254 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E118D8FD-6D5D-437A-A3A8-A3A32DCB8670}: DhcpNameServer = 192.168.1.254 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FEFA9982-CEE6-4845-89D4-24D0388231C7}: DhcpNameServer = 192.168.1.254 8.8.8.8
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{9ce795f7-0dc8-11e4-88cb-60eb69d71ea7}\Shell - "" = AutoRun
O33 - MountPoints2\{9ce795f7-0dc8-11e4-88cb-60eb69d71ea7}\Shell\AutoRun\command - "" = F:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.07.20 21:58:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Matěj\Desktop\OTL.exe
[2014.07.20 21:31:16 | 000,000,000 | ---D | C] -- C:\Users\Matěj\AppData\Roaming\FastStone
[2014.07.20 21:31:16 | 000,000,000 | ---D | C] -- C:\Users\Matěj\AppData\Local\FastStone
[2014.07.20 21:30:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture
[2014.07.20 21:30:42 | 000,000,000 | ---D | C] -- C:\Program Files\FastStone Capture
[2014.07.20 21:26:22 | 000,000,000 | ---D | C] -- C:\Users\Matěj\Desktop\Nová složka
[2014.07.20 14:29:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.07.20 14:29:32 | 000,000,000 | ---D | C] -- C:\Users\Matěj\AppData\Local\Programs
[2014.07.20 14:25:51 | 017,292,760 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Matěj\Desktop\mbam-setup-2.0.2.1012.exe
[2014.07.20 12:43:56 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\System32\sqlite3.dll
[2014.07.20 12:41:24 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.07.20 00:21:15 | 000,000,000 | ---D | C] -- C:\Users\Matěj\AppData\Roaming\AVG
[2014.07.20 00:20:58 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014.07.20 00:17:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC Tuneup 2011
[2014.07.20 00:15:51 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2014.07.19 22:20:20 | 000,000,000 | ---D | C] -- C:\Users\Matěj\AppData\Local\24031
[2014.07.19 19:47:49 | 000,000,000 | ---D | C] -- C:\Users\Matěj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wanadoo Edition
[2014.07.19 19:15:46 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.07.19 19:15:45 | 000,000,000 | ---D | C] -- C:\rsit
[2014.07.19 16:21:12 | 000,000,000 | ---D | C] -- C:\Users\Matěj\Documents\Project Snowblind
[2014.07.19 16:17:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eidos
[2014.07.19 16:15:10 | 000,000,000 | ---D | C] -- C:\Program Files\Project Snowblind
[2014.07.19 15:59:15 | 000,000,000 | ---D | C] -- C:\Users\Matěj\Desktop\Project.Snowblind-HOODLUM
[2014.07.19 08:29:09 | 000,000,000 | ---D | C] -- C:\Users\Matěj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014.07.19 05:59:48 | 000,000,000 | ---D | C] -- C:\Users\Matěj\AppData\Roaming\BitTorrent
[2014.07.19 03:59:44 | 000,000,000 | ---D | C] -- C:\Users\Matěj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
[2014.07.19 03:58:23 | 000,000,000 | ---D | C] -- C:\Users\Matěj\AppData\Roaming\library_dir
[2014.07.19 03:56:07 | 000,000,000 | ---D | C] -- C:\Users\Matěj\AppData\Roaming\Raptr
[2014.07.19 03:56:06 | 000,000,000 | ---D | C] -- C:\Program Files\Raptr
[2014.07.19 03:48:45 | 000,000,000 | -HSD | C] -- C:\Users\Matěj\AppData\Local\EmieUserList
[2014.07.19 03:48:45 | 000,000,000 | -HSD | C] -- C:\Users\Matěj\AppData\Local\EmieSiteList
[2014.07.18 22:35:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deer Avenger 4
[2014.07.18 22:34:14 | 000,000,000 | ---D | C] -- C:\Deer Avenger 4
[2014.07.18 18:00:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wanadoo Edition
[2014.07.18 18:00:51 | 000,000,000 | ---D | C] -- C:\Program Files\directx
[2014.07.18 17:59:51 | 000,000,000 | ---D | C] -- C:\Program Files\Wanadoo Edition
[2014.07.18 17:43:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2014.07.18 17:40:53 | 000,243,128 | ---- | C] (Disc Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2014.07.18 17:40:36 | 000,000,000 | ---D | C] -- C:\Users\Matěj\AppData\Roaming\DAEMON Tools Lite
[2014.07.18 17:40:06 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2014.07.18 17:38:05 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2014.07.18 14:28:26 | 000,000,000 | ---D | C] -- C:\Users\Matěj\Desktop\Captain°°Claw°°(2002)
[2014.07.18 12:40:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
[2014.07.18 12:39:13 | 000,000,000 | ---D | C] -- C:\Program Files\GOG.com
[2014.07.18 12:37:02 | 000,000,000 | ---D | C] -- C:\Users\Matěj\Desktop\Duke Nukem Manhattan Project
[2014.07.17 17:36:01 | 000,000,000 | ---D | C] -- C:\Users\Matěj\Documents\Euro Truck Simulator 2
[2014.07.17 16:31:07 | 000,000,000 | ---D | C] -- C:\Users\Matěj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2014.07.16 23:24:19 | 000,000,000 | ---D | C] -- C:\Users\Matěj\Desktop\RYTMUS - BENGORO
[2014.07.16 20:18:20 | 000,000,000 | ---D | C] -- C:\Users\Matěj\AppData\Roaming\FLV and Media Player
[2014.07.16 20:17:30 | 000,000,000 | ---D | C] -- C:\Users\Matěj\Desktop\EKTOR & DJ WICH - TETRIS (2013)
[2014.07.16 20:17:11 | 000,000,000 | ---D | C] -- C:\Users\Matěj\AppData\Roaming\WinRAR
[2014.07.16 17:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2014.07.16 17:52:21 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014.07.16 17:51:51 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014.07.16 17:51:51 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014.07.16 17:51:51 | 000,096,680 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014.07.16 17:51:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014.07.16 17:42:09 | 000,000,000 | ---D | C] -- C:\Users\Matěj\AppData\Local\S2PC
[2014.07.16 17:41:58 | 000,000,000 | ---D | C] -- C:\Users\Matěj\AppData\Roaming\ATI
[2014.07.16 17:41:58 | 000,000,000 | ---D | C] -- C:\Users\Matěj\AppData\Local\ATI
[2014.07.16 17:41:18 | 000,000,000 | ---D | C] -- C:\Users\Matěj\AppData\Local\Google
[2014.07.16 17:41:12 | 000,000,000 | R--D | C] -- C:\Users\Matěj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014.07.16 17:41:12 | 000,000,000 | R--D | C] -- C:\Users\Matěj\Searches
[2014.07.16 17:41:12 | 000,000,000 | R--D | C] -- C:\Users\Matěj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014.07.16 17:40:51 | 000,000,000 | ---D | C] -- C:\Users\Matěj\AppData\Roaming\Identities
[2014.07.16 17:40:02 | 000,000,000 | R--D | C] -- C:\Users\Matěj\Contacts
[2014.07.16 17:39:28 | 000,000,000 | ---D | C] -- C:\Users\Matěj\AppData\Roaming\Adobe
[2014.07.16 17:39:09 | 000,000,000 | ---D | C] -- C:\Users\Matěj\AppData\Local\VirtualStore
[2014.07.16 17:38:59 | 000,000,000 | -HSD | C] -- C:\Users\Matěj\AppData\Local\Temporary Internet Files
[2014.07.16 17:38:59 | 000,000,000 | -HSD | C] -- C:\Users\Matěj\Šablony
[2014.07.16 17:38:59 | 000,000,000 | -HSD | C] -- C:\Users\Matěj\Soubory cookie
[2014.07.16 17:38:59 | 000,000,000 | -HSD | C] -- C:\Users\Matěj\SendTo
[2014.07.16 17:38:59 | 000,000,000 | -HSD | C] -- C:\Users\Matěj\Poslední
[2014.07.16 17:38:59 | 000,000,000 | -HSD | C] -- C:\Users\Matěj\Okolní tiskárny
[2014.07.16 17:38:59 | 000,000,000 | -HSD | C] -- C:\Users\Matěj\Okolní síť
[2014.07.16 17:38:59 | 000,000,000 | -HSD | C] -- C:\Users\Matěj\Documents\Obrázky
[2014.07.16 17:38:59 | 000,000,000 | -HSD | C] -- C:\Users\Matěj\Nabídka Start
[2014.07.16 17:38:59 | 000,000,000 | -HSD | C] -- C:\Users\Matěj\Local Settings
[2014.07.16 17:38:59 | 000,000,000 | -HSD | C] -- C:\Users\Matěj\Documents\Hudba
[2014.07.16 17:38:59 | 000,000,000 | -HSD | C] -- C:\Users\Matěj\AppData\Local\History
[2014.07.16 17:38:59 | 000,000,000 | -HSD | C] -- C:\Users\Matěj\Documents\Filmy
[2014.07.16 17:38:59 | 000,000,000 | -HSD | C] -- C:\Users\Matěj\Dokumenty
[2014.07.16 17:38:59 | 000,000,000 | -HSD | C] -- C:\Users\Matěj\Data aplikací
[2014.07.16 17:38:59 | 000,000,000 | -HSD | C] -- C:\Users\Matěj\AppData\Local\Data aplikací
[2014.07.16 17:38:56 | 000,000,000 | --SD | C] -- C:\Users\Matěj\AppData\Roaming\Microsoft
[2014.07.16 17:38:56 | 000,000,000 | R--D | C] -- C:\Users\Matěj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014.07.16 17:38:56 | 000,000,000 | R--D | C] -- C:\Users\Matěj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014.07.16 17:38:56 | 000,000,000 | ---D | C] -- C:\Users\Matěj\AppData\Local\Temp
[2014.07.16 17:38:56 | 000,000,000 | ---D | C] -- C:\Users\Matěj\AppData\Local\Microsoft Help
[2014.07.16 17:38:56 | 000,000,000 | ---D | C] -- C:\Users\Matěj\AppData\Local\Microsoft
[2014.07.16 17:38:56 | 000,000,000 | ---D | C] -- C:\Users\Matěj\AppData\Roaming\Media Center Programs
[2014.07.16 17:38:55 | 000,000,000 | R--D | C] -- C:\Users\Matěj\Videos
[2014.07.16 17:38:55 | 000,000,000 | R--D | C] -- C:\Users\Matěj\Saved Games
[2014.07.16 17:38:55 | 000,000,000 | R--D | C] -- C:\Users\Matěj\Pictures
[2014.07.16 17:38:55 | 000,000,000 | R--D | C] -- C:\Users\Matěj\Music
[2014.07.16 17:38:55 | 000,000,000 | R--D | C] -- C:\Users\Matěj\Links
[2014.07.16 17:38:55 | 000,000,000 | R--D | C] -- C:\Users\Matěj\Favorites
[2014.07.16 17:38:55 | 000,000,000 | R--D | C] -- C:\Users\Matěj\Downloads
[2014.07.16 17:38:55 | 000,000,000 | R--D | C] -- C:\Users\Matěj\Documents
[2014.07.16 17:38:55 | 000,000,000 | R--D | C] -- C:\Users\Matěj\Desktop
[2014.07.16 17:38:55 | 000,000,000 | -H-D | C] -- C:\Users\Matěj\AppData
[2014.07.15 21:22:27 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014.07.15 21:22:26 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014.07.15 21:22:26 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014.07.15 21:22:22 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014.07.15 21:22:21 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014.07.15 21:22:18 | 000,240,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014.07.15 21:22:18 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014.07.15 21:22:18 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014.07.15 21:22:16 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014.07.15 21:22:16 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014.07.15 21:22:15 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014.07.15 21:22:14 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014.07.15 21:22:11 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014.07.15 21:22:10 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014.07.15 21:22:09 | 000,595,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014.07.15 21:22:08 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014.07.15 21:22:06 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014.07.15 21:22:02 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014.07.15 21:21:59 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014.07.15 21:21:53 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014.07.15 21:21:51 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2014.07.15 21:21:41 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014.07.15 21:21:29 | 004,254,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014.07.15 21:21:14 | 002,350,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014.07.15 21:21:12 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2014.07.15 21:20:09 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2014.07.15 20:58:49 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2014.07.15 20:58:43 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2014.07.15 20:49:27 | 000,000,000 | ---D | C] -- C:\70aecd3afafc04fb51
[2014.07.15 20:36:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014.07.15 20:36:22 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014.06.28 21:25:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2014.06.28 20:40:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2014.06.28 20:40:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2014.06.28 20:40:36 | 000,187,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2014.06.28 20:40:35 | 000,240,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[4 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.07.20 22:21:43 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.07.20 21:58:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Matěj\Desktop\OTL.exe
[2014.07.20 21:58:04 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.07.20 21:35:45 | 000,469,921 | ---- | M] () -- C:\Users\Matěj\Desktop\2014-07-20_213145.png
[2014.07.20 21:33:02 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.07.20 21:30:52 | 000,001,037 | ---- | M] () -- C:\Users\Public\Desktop\FastStone Capture.lnk
[2014.07.20 21:30:20 | 002,966,142 | ---- | M] () -- C:\Users\Matěj\Desktop\FSCaptureSetup78.exe
[2014.07.20 21:23:10 | 001,496,172 | ---- | M] () -- C:\Users\Matěj\Desktop\CrystalDiskInfo5_0_0.zip
[2014.07.20 21:19:07 | 000,021,504 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.07.20 21:19:07 | 000,021,504 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.07.20 21:11:20 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.07.20 21:11:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.07.20 21:11:00 | 796,987,392 | -HS- | M] () -- C:\hiberfil.sys
[2014.07.20 20:44:28 | 001,107,968 | ---- | M] () -- C:\Users\Matěj\Desktop\RSIT.exe
[2014.07.20 14:29:00 | 017,292,760 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Matěj\Desktop\mbam-setup-2.0.2.1012.exe
[2014.07.20 12:40:29 | 001,354,223 | ---- | M] () -- C:\Users\Matěj\Desktop\adwcleaner_3.216.exe
[2014.07.20 00:17:57 | 000,001,139 | ---- | M] () -- C:\Users\Matěj\Desktop\AVG PC Tuneup 2011.lnk
[2014.07.19 19:47:50 | 000,002,079 | ---- | M] () -- C:\Users\Matěj\Desktop\Pink Panther.lnk
[2014.07.19 16:17:58 | 000,001,037 | ---- | M] () -- C:\Users\Public\Desktop\Project Snowblind.lnk
[2014.07.19 06:01:31 | 000,000,874 | ---- | M] () -- C:\Users\Matěj\Desktop\BitTorrent.lnk
[2014.07.19 04:35:58 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.07.18 22:35:46 | 000,000,631 | ---- | M] () -- C:\Users\Public\Desktop\Deer Avenger 4.lnk
[2014.07.18 18:09:19 | 000,668,376 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014.07.18 18:09:19 | 000,653,724 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014.07.18 18:09:19 | 000,141,004 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014.07.18 18:09:19 | 000,121,596 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014.07.18 17:56:47 | 000,001,900 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2014.07.18 17:40:54 | 000,243,128 | ---- | M] (Disc Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2014.07.18 12:40:40 | 000,002,180 | ---- | M] () -- C:\Users\Public\Desktop\Duke Nukem - Manhattan Project.lnk
[2014.07.16 19:49:59 | 000,007,605 | ---- | M] () -- C:\Users\Matěj\AppData\Local\resmon.resmoncfg
[2014.07.16 19:48:37 | 001,052,672 | ---- | M] () -- C:\Users\Matěj\Documents\Q.evtx
[2014.07.16 12:46:07 | 000,431,680 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014.07.15 20:36:43 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014.07.11 03:02:10 | 000,096,680 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014.07.11 02:56:08 | 000,272,808 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014.07.11 02:56:01 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014.07.11 02:55:32 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014.06.30 03:40:16 | 000,404,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2014.06.30 03:36:00 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2014.06.28 21:12:40 | 000,013,778 | ---- | M] () -- C:\Windows\System32\results.xml
[4 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.07.20 22:08:18 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.07.20 21:31:57 | 000,469,921 | ---- | C] () -- C:\Users\Matěj\Desktop\2014-07-20_213145.png
[2014.07.20 21:30:52 | 000,001,037 | ---- | C] () -- C:\Users\Public\Desktop\FastStone Capture.lnk
[2014.07.20 21:29:27 | 002,966,142 | ---- | C] () -- C:\Users\Matěj\Desktop\FSCaptureSetup78.exe
[2014.07.20 21:22:41 | 001,496,172 | ---- | C] () -- C:\Users\Matěj\Desktop\CrystalDiskInfo5_0_0.zip
[2014.07.20 20:44:23 | 001,107,968 | ---- | C] () -- C:\Users\Matěj\Desktop\RSIT.exe
[2014.07.20 12:40:03 | 001,354,223 | ---- | C] () -- C:\Users\Matěj\Desktop\adwcleaner_3.216.exe
[2014.07.20 00:17:57 | 000,001,139 | ---- | C] () -- C:\Users\Matěj\Desktop\AVG PC Tuneup 2011.lnk
[2014.07.19 19:47:50 | 000,002,079 | ---- | C] () -- C:\Users\Matěj\Desktop\Pink Panther.lnk
[2014.07.19 16:17:58 | 000,001,037 | ---- | C] () -- C:\Users\Public\Desktop\Project Snowblind.lnk
[2014.07.19 06:01:31 | 000,000,874 | ---- | C] () -- C:\Users\Matěj\Desktop\BitTorrent.lnk
[2014.07.18 22:35:45 | 000,000,631 | ---- | C] () -- C:\Users\Public\Desktop\Deer Avenger 4.lnk
[2014.07.18 17:56:47 | 000,001,900 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2014.07.18 12:40:40 | 000,002,180 | ---- | C] () -- C:\Users\Public\Desktop\Duke Nukem - Manhattan Project.lnk
[2014.07.16 19:48:47 | 000,007,605 | ---- | C] () -- C:\Users\Matěj\AppData\Local\resmon.resmoncfg
[2014.07.16 19:48:36 | 001,052,672 | ---- | C] () -- C:\Users\Matěj\Documents\Q.evtx
[2014.07.16 17:39:26 | 000,001,397 | ---- | C] () -- C:\Users\Matěj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014.07.15 20:36:43 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014.01.28 20:19:04 | 000,482,408 | ---- | C] () -- C:\Windows\ssndii.exe
[2014.01.28 20:18:33 | 000,113,768 | ---- | C] () -- C:\Windows\Wiainst.exe
[2014.01.28 20:17:56 | 000,217,088 | ---- | C] () -- C:\Windows\System32\ssminidriver.dll
[2014.01.28 20:17:56 | 000,027,136 | ---- | C] () -- C:\Windows\System32\ssimgfilter.dll
[2014.01.28 20:17:56 | 000,011,264 | ---- | C] () -- C:\Windows\System32\sssegfilter.dll
[2014.01.28 20:17:56 | 000,010,752 | ---- | C] () -- C:\Windows\System32\sserrhandler.dll
[2014.01.28 20:17:54 | 000,022,723 | ---- | C] () -- C:\Windows\System32\sss1ml3.dll
[2014.01.27 12:15:41 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2014.01.27 11:32:36 | 000,107,276 | ---- | C] () -- C:\Windows\System32\drivers\RtConvEQ.DAT
[2014.01.27 11:32:36 | 000,000,632 | ---- | C] () -- C:\Windows\System32\drivers\RtHdatEx.dat
[2014.01.27 11:32:36 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat
[2014.01.27 11:32:36 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2014.01.27 11:32:36 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2014.01.27 11:32:36 | 000,000,016 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2014.01.27 11:31:01 | 000,000,000 | ---- | C] () -- C:\Windows\Setup.INI
[2013.04.30 04:30:54 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2013.04.30 04:30:54 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2013.04.30 00:36:28 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2013.02.23 06:46:33 | 000,000,712 | ---- | C] () -- C:\Windows\System32\RTSLCS.dll

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.03.25 04:18:50 | 012,877,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013.02.23 06:04:20 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2013.02.23 06:04:19 | 000,351,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014.07.20 01:21:07 | 000,000,000 | ---D | M] -- C:\Users\Matěj\AppData\Roaming\AVG
[2014.07.19 09:17:01 | 000,000,000 | ---D | M] -- C:\Users\Matěj\AppData\Roaming\BitTorrent
[2014.07.19 08:18:21 | 000,000,000 | ---D | M] -- C:\Users\Matěj\AppData\Roaming\DAEMON Tools Lite
[2014.07.16 20:24:03 | 000,000,000 | ---D | M] -- C:\Users\Matěj\AppData\Roaming\FLV and Media Player
[2014.07.19 03:58:23 | 000,000,000 | ---D | M] -- C:\Users\Matěj\AppData\Roaming\library_dir
[2014.07.19 04:03:42 | 000,000,000 | ---D | M] -- C:\Users\Matěj\AppData\Roaming\Raptr
[2014.07.15 20:42:17 | 000,000,000 | ---D | M] -- C:\Users\uživatel\AppData\Roaming\BitTorrent
[2014.05.22 18:14:29 | 000,000,000 | ---D | M] -- C:\Users\uživatel\AppData\Roaming\FLV and Media Player
[2014.03.09 07:29:37 | 000,000,000 | ---D | M] -- C:\Users\uživatel\AppData\Roaming\Garmin
[2014.03.06 09:11:04 | 000,000,000 | ---D | M] -- C:\Users\uživatel\AppData\Roaming\Nokia
[2014.05.01 06:14:08 | 000,000,000 | ---D | M] -- C:\Users\uživatel\AppData\Roaming\Oracle
[2014.03.06 22:40:27 | 000,000,000 | ---D | M] -- C:\Users\uživatel\AppData\Roaming\PC Suite
[2014.01.28 23:30:18 | 000,000,000 | ---D | M] -- C:\Users\uživatel\AppData\Roaming\PDF Writer
[2014.04.29 17:22:22 | 000,000,000 | ---D | M] -- C:\Users\uživatel\AppData\Roaming\SmartDraw

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:53:46 | 000,026,824 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2014.01.27 11:35:15 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.01.28 17:13:19 | 000,000,940 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.01.28 17:13:20 | 000,000,944 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< >

< %systemroot%*.* /U /s >
[9 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.07.16 17:39:28 | 000,000,000 | ---D | M] -- C:\Users\Matěj\AppData\Roaming\Adobe
[2014.07.16 17:41:58 | 000,000,000 | ---D | M] -- C:\Users\Matěj\AppData\Roaming\ATI
[2014.07.20 01:21:07 | 000,000,000 | ---D | M] -- C:\Users\Matěj\AppData\Roaming\AVG
[2014.07.19 09:17:01 | 000,000,000 | ---D | M] -- C:\Users\Matěj\AppData\Roaming\BitTorrent
[2014.07.19 08:18:21 | 000,000,000 | ---D | M] -- C:\Users\Matěj\AppData\Roaming\DAEMON Tools Lite
[2014.07.20 21:31:16 | 000,000,000 | ---D | M] -- C:\Users\Matěj\AppData\Roaming\FastStone
[2014.07.16 20:24:03 | 000,000,000 | ---D | M] -- C:\Users\Matěj\AppData\Roaming\FLV and Media Player
[2014.07.16 17:40:51 | 000,000,000 | ---D | M] -- C:\Users\Matěj\AppData\Roaming\Identities
[2014.07.19 03:58:23 | 000,000,000 | ---D | M] -- C:\Users\Matěj\AppData\Roaming\library_dir
[2011.04.12 03:46:30 | 000,000,000 | ---D | M] -- C:\Users\Matěj\AppData\Roaming\Media Center Programs
[2014.07.19 07:47:57 | 000,000,000 | --SD | M] -- C:\Users\Matěj\AppData\Roaming\Microsoft
[2014.07.19 04:03:42 | 000,000,000 | ---D | M] -- C:\Users\Matěj\AppData\Roaming\Raptr
[2014.07.16 20:17:13 | 000,000,000 | ---D | M] -- C:\Users\Matěj\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2014.07.19 06:01:31 | 001,913,432 | ---- | M] (BitTorrent Inc.) -- C:\Users\Matěj\AppData\Roaming\BitTorrent\BitTorrent.exe
[2014.07.19 06:01:31 | 001,913,432 | ---- | M] (BitTorrent Inc.) -- C:\Users\Matěj\AppData\Roaming\BitTorrent\updates\7.9.2_32355.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >
[2014.07.18 17:40:54 | 000,243,128 | ---- | M] (Disc Soft Ltd) -- C:\Windows\system32\drivers\dtsoftbus01.sys

< %systemroot%\system32\*.* /3 >
[2014.07.20 21:19:07 | 000,021,504 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.07.20 21:19:07 | 000,021,504 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.07.18 18:09:19 | 000,141,004 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2014.07.18 18:09:19 | 000,121,596 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2014.07.18 18:09:19 | 000,668,376 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2014.07.18 18:09:19 | 000,653,724 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2014.07.18 18:09:19 | 001,582,262 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

Locked