Slow internet

kmetino
Visitor
Posts: 40
Registered: 30 Sep 2008 14:01

Slow internet

#1 Post by kmetino »

Good day,

I would like to ask you to check my log. I suspect there is some kind of junk on my PC.
It slows down my browsing, and I can't even reach some websites.


____________________________________________________________________________

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-01-2015
Ran by Andrej (administrator) on ANDREJ-PC on 07-01-2015 21:13:06
Running from C:\Users\Andrej\Desktop
Loaded Profile: Andrej (Available profiles: Andrej)
Platform: Microsoft Windows 7 Ultimate (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\AlmPanelPlugin\ALMPanelPlugin.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe
(SIEMENS AG) C:\Program Files\Siemens\WinCC\bin\CCProjectMgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
(Nitro PDF Software) C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
(SIEMENS AG) C:\Program Files\Siemens\Step7\S7BIN\s7hspsvx.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\SimNetCom\pniomgr.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\commonarchiving\CCDBUtils.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\SimNetCom\pniopcac.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe
(Hotger) C:\Program Files\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe
() C:\Windows\System32\C2MP\TrayMenu.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(TechSmith Corporation) C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
(TechSmith Corporation) C:\Program Files\TechSmith\Snagit 9\TscHelp.exe
(TechSmith Corporation) C:\Program Files\TechSmith\Snagit 9\SnagPriv.exe
(TechSmith Corporation) C:\Program Files\TechSmith\Snagit 9\SnagitEditor.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-15] (AVAST Software)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKU\S-1-5-21-987201152-1341176263-1292834751-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-987201152-1341176263-1292834751-1000\...\Run: [Advanced SystemCare 8] => C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe [2425632 2014-11-07] (IObit)
HKU\S-1-5-21-987201152-1341176263-1292834751-1000\...\Run: [Flvto Youtube Downloader] => C:\Program Files\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe [493568 2014-11-26] (Hotger)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TrayMenu.lnk
ShortcutTarget: TrayMenu.lnk -> C:\Windows\System32\C2MP\TrayMenu.exe ()
Startup: C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 9.lnk
ShortcutTarget: Snagit 9.lnk -> C:\Program Files\TechSmith\Snagit 9\Snagit32.exe (TechSmith Corporation)
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\smdmf\x64\sysapcrt.dll
HKLM\...\AppCertDlls: [x86] -> c:\program files\settings manager\smdmf\sysapcrt.dll
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-987201152-1341176263-1292834751-1000 -> DefaultScope {44970120-AF3C-450E-AAA6-F4E3AF52D246} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKU\S-1-5-21-987201152-1341176263-1292834751-1000 -> {44970120-AF3C-450E-AAA6-F4E3AF52D246} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
BHO: No Name -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> No File
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - No Name - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - No File
Toolbar: HKU\S-1-5-21-987201152-1341176263-1292834751-1000 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default
FF NewTab: about:home
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.sk/
FF Keyword.URL: hxxp://www.default-search.net/search?sid=503&a ... &src=ds&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\searchplugins\yahoo_ff.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\Extensions\iobitascsurfingprotection@iobit.com [2014-12-08]
FF Extension: Homepage New Tab - C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\Extensions\HomepageNewTab@neocodex.us.xpi [2014-01-12]
FF Extension: New Tab Homepage - C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2014-01-12]
FF Extension: Adblock Plus - C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-19]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-12]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [cikkkfooompgefbcjlgdjejfdknkheaj] - C:\Program Files\Common Files\Spigot\GC\DomainErrorHelper_1.0_0.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [fpmeembnagmagppkgghhfjfdfajdfcah] - C:\Users\Andrej\AppData\Local\Linkey\ChromeExtension\ChromeExtension.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-16]
CHR HKLM\...\Chrome\Extension: [gpiifgmgnfdiblgpaepbmfdkcheicgof] - C:\Program Files\Common Files\Spigot\GC\nta_1.0_0.crx [Not Found]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 almservice; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe [1138312 2011-12-11] (SIEMENS AG) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-16] (AVAST Software)
R2 CCAgent; C:\Program Files\Common Files\Siemens\ACE\bin\CCAgent.exe [363008 2011-11-14] (SIEMENS AG) [File not signed]
S3 CCAlgRtServer; C:\Program Files\Siemens\WinCC\bin\CcAlgRtServer.exe [119808 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCArchiveManagerService; C:\Program Files\Common Files\Siemens\CommonArchiving\CCArchiveManager.exe [757760 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCCSigRTServer; C:\Program Files\Siemens\WinCC\bin\CCCSigRTServer.exe [436736 2011-11-23] (SIEMENS AG) [File not signed]
R2 CCDBUtils; C:\Program Files\Common Files\Siemens\CommonArchiving\CCDBUtils.exe [98304 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCDeltaLoader; C:\Program Files\Siemens\WinCC\bin\CCDeltaLoader.exe [757760 2011-11-23] (SIEMENS AG) [File not signed]
R3 CCEClient; C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe [264704 2011-11-14] (SIEMENS AG) [File not signed]
R2 CCEServer; C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe [245248 2011-11-14] (SIEMENS AG) [File not signed]
S3 CCLBMRTServer; C:\Program Files\Siemens\WinCC\bin\CCLBMRTServer.exe [195072 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCLicenseService; C:\Program Files\Common Files\Siemens\bin\CCLicenseService.exe [489472 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCNSInfo2Provider; C:\Program Files\Siemens\WinCC\bin\CCNSInfo2Provider.exe [646144 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCOPC.UAWrapper; C:\Program Files\Siemens\WinCC\opc\UAWrapper\DA2UA.exe [344064 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCOPC.XMLWrapper; C:\Program Files\Siemens\WinCC\opc\XMLDataAccess\bin\DA2XML.exe [344064 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCPackageMgr; C:\Program Files\Siemens\WinCC\bin\CCPackageMgr.exe [450560 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCPerfMon; C:\Program Files\Common Files\Siemens\bin\CCPerfMon.exe [716288 2011-11-10] (SIEMENS AG) [File not signed]
S3 CCProfileServer; C:\Program Files\Siemens\WinCC\bin\CCProfileServer.exe [72192 2011-11-23] (SIEMENS AG) [File not signed]
R2 CCProjectMgr; C:\Program Files\Siemens\WinCC\bin\CCProjectMgr.exe [1464832 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCPtmRTServer; C:\Program Files\Siemens\WinCC\bin\CCPtmRTServer.exe [331776 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCRedundancyAgent-Service; C:\Program Files\Common Files\Siemens\CommonArchiving\CCRedundancyAgent.exe [856064 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCSsmRTServer; C:\Program Files\Siemens\WinCC\bin\CCSsmRTServer.exe [332800 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCTextServer; C:\Program Files\Siemens\WinCC\bin\CCTextServer.exe [372224 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCTlgServer; C:\Program Files\Siemens\WinCC\bin\CCTlgServer.exe [91648 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCTMTimeSyncServer; C:\Program Files\Siemens\WinCC\bin\CCTMTimeSyncServer.exe [299520 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCUsrAcv; C:\Program Files\Siemens\WinCC\bin\CCUsrAcv.exe [1311232 2011-11-23] (SIEMENS AG) [File not signed]
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2630432 2014-11-04] (IObit)
R2 MsDtsServer; C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe [202592 2010-12-10] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [8704 2009-07-14] (Microsoft Corporation)
R2 MSSQL$WINCC; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 MSSQL$WINCCFLEXEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [196624 2013-07-26] (Nitro PDF Software)
S3 OpcEnum; C:\Windows\system32\OPCEnum.exe [139488 2009-02-05] (OPC Foundation)
S3 RedundancyControl; C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe [486400 2011-11-14] (SIEMENS AG) [File not signed]
S3 RedundancyState; C:\Program Files\Common Files\Siemens\ace\bin\RedundancyState.exe [198144 2011-11-14] (SIEMENS AG) [File not signed]
R2 s7hspsvx; C:\Program Files\Siemens\Step7\s7bin\s7hspsvx.exe [61493 2011-05-30] (SIEMENS AG) [File not signed]
R2 s7oiehsx; C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe [412808 2011-11-04] (SIEMENS AG) [File not signed]
R2 S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe [556168 2011-11-04] (SIEMENS AG) [File not signed]
S3 SCSFsX; C:\Program Files\Common Files\Siemens\ACE\bin\SCSFsX.exe [101888 2011-11-14] (SIEMENS AG) [File not signed]
R2 SCSMonitor; C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe [163328 2011-11-14] (SIEMENS AG) [File not signed]
S3 SQLAgent$WINCC; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE [346976 2010-12-10] (Microsoft Corporation)
S3 XR_CCOPC.UAWrapper; C:\Program Files\Siemens\WinCC\opc\UAWrapper\CCRT2UA.exe [188416 2011-11-23] (SIEMENS AG) [File not signed]
S3 XR_CCOPC.XMLWrapper; C:\Program Files\Siemens\WinCC\opc\XMLDataAccess\bin\CCRT2XML.exe [188416 2011-11-23] (SIEMENS AG) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-11-16] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-11-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-11-16] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-11-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-11-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2014-11-16] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-11-16] ()
S3 cp5711; C:\Windows\System32\Drivers\cp5711.sys [994944 2011-04-19] (SIEMENS AG)
R1 Dlc; C:\Windows\System32\DRIVERS\dlc.sys [56080 2004-06-03] (Microsoft Corporation) [File not signed]
R1 dpmconv; C:\Windows\System32\DRIVERS\dpmconv32.sys [288256 2011-04-19] (SIEMENS AG)
R1 DPMTRCDD; C:\Windows\System32\DRIVERS\DPMTRCDD32.sys [72248 2010-03-22] (SIEMENS AG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-01-20] (Disc Soft Ltd)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [141824 2009-07-14] (Microsoft Corporation)
R3 S7odpx2x32; C:\Windows\System32\Drivers\S7odpx2x32.sys [87552 2011-05-06] (SIEMENS AG)
R2 S7otranx32; C:\Windows\System32\Drivers\S7otranx32.sys [521216 2011-05-06] (SIEMENS AG)
R3 s7otsadx32; C:\Windows\System32\Drivers\s7otsadx32.sys [182784 2011-09-29] (SIEMENS AG)
R2 s7ousbu32x; C:\Windows\System32\DRIVERS\s7ousbu32x.sys [641280 2011-09-29] (SIEMENS AG)
R2 s7sn2srtx; C:\Windows\System32\DRIVERS\s7sn2srtx.sys [63104 2011-06-16] (SIEMENS AG) [File not signed]
R2 SNTIE; C:\Windows\System32\DRIVERS\sntie.sys [343888 2011-10-11] (SIEMENS AG)
R1 vsnl2ada; C:\Windows\System32\DRIVERS\vsnl2ada32.sys [140288 2011-04-19] (SIEMENS AG)
U2 CP5711_1; No ImagePath
S3 HmPci; \??\C:\Windows\system32\drivers\HmPci.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-07 21:13 - 2015-01-07 21:13 - 00018810 _____ () C:\Users\Andrej\Desktop\FRST.txt
2015-01-07 21:13 - 2015-01-07 21:13 - 00000000 ____D () C:\FRST
2015-01-07 21:11 - 2015-01-07 21:11 - 01115648 _____ (Farbar) C:\Users\Andrej\Desktop\FRST.exe
2014-12-30 12:09 - 2015-01-07 21:05 - 00000280 _____ () C:\Windows\setupact.log
2014-12-30 12:09 - 2015-01-05 20:43 - 00000830 _____ () C:\Windows\PFRO.log
2014-12-30 12:09 - 2014-12-30 12:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-30 12:08 - 2014-12-30 12:08 - 00000000 ____D () C:\Users\Andrej\AppData\Local\Hotger
2014-12-30 12:07 - 2014-12-30 12:07 - 02377216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-12-30 12:07 - 2014-12-30 12:07 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-30 12:07 - 2014-12-30 12:07 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-12-30 12:07 - 2014-12-30 12:07 - 00194488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-12-30 12:06 - 2014-12-30 12:06 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-30 12:06 - 2014-12-30 12:06 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-12-30 12:06 - 2014-12-30 12:06 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-12-30 12:06 - 2014-12-30 12:06 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-12-30 12:06 - 2014-12-30 12:06 - 00221696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-12-30 12:06 - 2014-12-30 12:06 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-12-30 12:06 - 2014-12-30 12:06 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-12-30 12:06 - 2014-12-30 12:06 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-12-30 12:05 - 2014-12-30 12:05 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-12-16 21:43 - 2014-12-16 21:43 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-12-16 21:42 - 2014-12-16 21:42 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys
2014-12-16 21:39 - 2015-01-05 20:43 - 00000000 ____D () C:\ProgramData\smdmf
2014-12-16 21:39 - 2014-12-16 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flvto Youtube Downloader
2014-12-16 21:38 - 2014-12-16 21:39 - 00000000 ____D () C:\Program Files\Flvto Youtube Downloader
2014-12-15 21:25 - 2014-12-15 21:25 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-12-08 21:22 - 2014-12-08 21:22 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-08 21:22 - 2014-12-08 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-08 21:22 - 2014-12-08 21:22 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-12-08 21:22 - 2014-10-01 11:11 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-08 21:22 - 2014-10-01 11:11 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-08 21:17 - 2014-12-08 21:17 - 66256896 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-12-08 21:17 - 2014-12-08 21:17 - 00249856 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-12-08 21:17 - 2014-12-08 21:17 - 00073728 _____ () C:\Windows\system32\config\SAM.iobit
2014-12-08 21:17 - 2014-12-08 21:17 - 00032768 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-12-08 21:05 - 2015-01-07 16:57 - 00000000 ____D () C:\ProgramData\ProductData
2014-12-08 21:05 - 2014-12-08 21:06 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\ProductData
2014-12-08 21:05 - 2014-12-08 21:05 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-12-08 21:05 - 2014-12-08 21:05 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\Apple Computer
2014-12-08 21:04 - 2014-12-08 21:07 - 00000000 ____D () C:\Program Files\IObit
2014-12-08 21:04 - 2014-12-08 21:06 - 00000000 ____D () C:\ProgramData\IObit
2014-12-08 21:04 - 2014-12-08 21:05 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\IObit
2014-12-08 21:04 - 2014-12-08 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2014-12-08 21:04 - 2014-12-08 21:04 - 00000000 ____D () C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2014-12-08 21:04 - 2014-12-08 21:04 - 00000000 ____D () C:\Program Files\Common Files\IObit

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-07 21:08 - 2014-01-12 12:54 - 02091312 _____ () C:\Windows\WindowsUpdate.log
2015-01-07 21:06 - 2014-01-25 20:21 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\Nitro PDF
2015-01-07 21:05 - 2014-04-03 19:50 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-07 21:05 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-07 17:16 - 2014-04-03 19:50 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-07 16:59 - 2014-01-19 20:33 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-05 21:37 - 2009-07-14 05:34 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-05 21:37 - 2009-07-14 05:34 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-05 20:42 - 2014-01-26 10:07 - 00000000 ____D () C:\AdwCleaner
2014-12-30 12:43 - 2014-09-24 16:40 - 00000000 ____D () C:\Users\Andrej\Documents\OpenTTD
2014-12-30 12:14 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-30 12:09 - 2009-07-14 05:33 - 00488824 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-30 12:00 - 2014-01-12 13:08 - 01851816 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-20 10:59 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-12-20 10:27 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-12-20 10:05 - 2014-01-12 20:35 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-16 21:38 - 2014-08-28 10:24 - 00000000 ____D () C:\Users\Andrej\AppData\Local\Flvto Youtube Downloader
2014-12-11 20:57 - 2014-10-19 09:20 - 00000000 ____D () C:\Users\Andrej\AppData\Local\Adobe
2014-12-11 20:57 - 2014-01-19 20:33 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-11 20:57 - 2014-01-19 20:33 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-08 21:22 - 2014-01-20 20:17 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\Malwarebytes
2014-12-08 21:22 - 2014-01-20 20:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-08 21:22 - 2014-01-20 20:17 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-12-08 21:17 - 2014-01-12 13:04 - 00000000 ____D () C:\Users\Andrej
2014-12-08 21:14 - 2014-01-12 12:50 - 00000000 ____D () C:\Windows\Panther
2014-12-08 21:12 - 2014-01-26 12:49 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\uTorrent

Some content of TEMP:
====================
C:\Users\Andrej\AppData\Local\Temp\Quarantine.exe
C:\Users\Andrej\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-30 09:39

==================== End Of Log ============================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Slow internet

#2 Post by vyosek »

Hello :)

Download OTL from http://oldtimer.geekstogo.com/OTL.exe and save it to your desktop
  • If you use Windows Vista or Windows 7, right-click OTL and choose Run As Administrator
  • If you use a 64-bit OS, check whether the box for 64-bit OS is ticked; if not, tick it
  • Tick the box For all users
  • Tick the box for the "LOP" check
  • Tick the box for the "Purity" check
  • Change the file age from 30 days to 7 days
  • Paste the script below into the bottom box, Custom scans/fixes
  • Code:

    CREATERESTOREPOINT
    
    netsvcs
    drivers32
    savembr:0
    
    /md5start
    atapi.sys
    autochk.exe
    cdrom.sys
    explorer.exe
    hal.dll
    scecli.dll
    services.exe
    svchost.exe
    tcpip.sys
    userinit.exe
    winlogon.exe
    /md5stop
    
    %systemroot%*.* /U /s
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    %SYSTEMDRIVE%\*.exe
    
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    
    %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
    %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
    %PROGRAMFILES%\Opera\opera.exe /md5
    %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
    
    %SystemDrive%\PhysicalMBR.bin /md5 
    
    *crack* /s
    *keygen* /s
    *loader* /s
  • Click the Scan button
  • When the scan finishes (approx. 10 to 15 min), the logs OTL.txt and Extras.txt will appear; paste both of them here
  • If the logs are long (the forum will complain that the maximum number of characters has been exceeded), split them across several posts

kmetino
Visitor
Posts: 40
Registered: 30 Sep 2008 14:01

Re: Slow internet

#3 Post by kmetino »

OTL logfile created on: 7. 1. 2015 21:34:54 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Andrej\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

2,99 Gb Total Physical Memory | 1,75 Gb Available Physical Memory | 58,64% Memory free
5,98 Gb Paging File | 4,60 Gb Available in Paging File | 76,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 151,42 Gb Total Space | 120,34 Gb Free Space | 79,48% Space Free | Partition Type: NTFS
Drive D: | 299,39 Gb Total Space | 37,94 Gb Free Space | 12,67% Space Free | Partition Type: NTFS

Computer Name: ANDREJ-PC | User Name: Andrej | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2015/01/07 21:30:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Andrej\Desktop\OTL.exe
PRC - [2014/12/15 21:25:21 | 000,337,520 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014/12/15 21:19:01 | 005,227,112 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014/12/08 21:05:10 | 000,182,048 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
PRC - [2014/11/26 16:02:18 | 000,493,568 | ---- | M] (Hotger) -- C:\Program Files\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe
PRC - [2014/11/16 12:38:14 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/11/07 18:54:58 | 002,425,632 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe
PRC - [2014/11/07 18:00:58 | 001,743,136 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe
PRC - [2014/11/04 13:19:48 | 000,815,392 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
PRC - [2013/07/26 06:48:28 | 000,196,624 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
PRC - [2013/02/24 21:04:04 | 000,704,008 | ---- | M] () -- C:\Windows\System32\C2MP\TrayMenu.exe
PRC - [2011/12/11 21:07:24 | 001,138,312 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
PRC - [2011/11/23 22:26:56 | 001,464,832 | ---- | M] (SIEMENS AG) -- C:\Program Files\Siemens\WinCC\bin\CCProjectMgr.exe
PRC - [2011/11/23 13:01:10 | 000,098,304 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\commonarchiving\CCDBUtils.exe
PRC - [2011/11/14 20:21:20 | 000,245,248 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe
PRC - [2011/11/14 16:18:46 | 000,163,328 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe
PRC - [2011/11/14 14:47:58 | 000,264,704 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe
PRC - [2011/11/14 14:37:24 | 000,363,008 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe
PRC - [2011/11/09 19:51:34 | 000,218,960 | ---- | M] (Siemens AG) -- C:\Program Files\Common Files\Siemens\AlmPanelPlugin\ALMPanelPlugin.exe
PRC - [2011/11/04 01:41:34 | 000,556,168 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
PRC - [2011/11/04 01:41:30 | 000,412,808 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
PRC - [2011/10/25 11:23:08 | 009,079,296 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\SimNetCom\pniopcac.exe
PRC - [2011/10/24 11:03:54 | 002,087,424 | ---- | M] (SIEMENS AG) -- C:\Program Files\Common Files\Siemens\SimNetCom\pniomgr.exe
PRC - [2011/05/30 15:40:44 | 000,061,493 | ---- | M] (SIEMENS AG) -- C:\Program Files\Siemens\Step7\S7BIN\s7hspsvx.exe
PRC - [2009/10/15 11:06:52 | 000,053,064 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 9\TscHelp.exe
PRC - [2009/10/15 11:06:50 | 000,066,888 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 9\SnagPriv.exe
PRC - [2009/10/15 11:06:46 | 007,168,328 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 9\SnagitEditor.exe
PRC - [2009/10/15 11:06:46 | 006,287,176 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe


========== Modules (No Company Name) ==========

MOD - [2014/12/20 10:26:34 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\eef171dee81858018c3956485fff7ba7\System.Management.ni.dll
MOD - [2014/12/20 10:16:57 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\66df2eefe4c9863dce8aa401bb67eaf6\System.Runtime.Remoting.ni.dll
MOD - [2014/12/20 10:16:54 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\e4f2a7b1e685e937ccefac6ff0a36b27\System.Runtime.DurableInstancing.ni.dll
MOD - [2014/12/20 10:16:53 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\ca261c617636f2ff269d6233b19f97b8\System.Runtime.Serialization.ni.dll
MOD - [2014/12/20 10:16:53 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\4e6da16e44ef441e463e006185b1b5d8\SMDiagnostics.ni.dll
MOD - [2014/12/20 10:16:51 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\706f0cbe7c279c059b52ad8b4bd248d8\System.Xml.Linq.ni.dll
MOD - [2014/12/20 10:16:25 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b9942cb07813f553f6d6374dd4541362\System.Xaml.ni.dll
MOD - [2014/12/20 10:10:18 | 013,102,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\22b02a62cf5c0713597d919d7f983ae5\System.Windows.Forms.ni.dll
MOD - [2014/12/20 10:10:08 | 001,653,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\2c958d61dd28474ec780db9d18d266ae\System.Drawing.ni.dll
MOD - [2014/12/20 10:09:53 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\1c5b741f270fccb3b527b4fc3a8431f3\PresentationFramework.Aero.ni.dll
MOD - [2014/12/20 10:09:51 | 018,000,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\bd3685e578c22d17625390d847973de0\PresentationFramework.ni.dll
MOD - [2014/12/20 10:09:34 | 011,450,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\008fbb2e42b3c2569ff58d651575ff29\PresentationCore.ni.dll
MOD - [2014/12/20 10:09:23 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\c0c7b3ff43f1b29cad7dde24bdbd5b79\WindowsBase.ni.dll
MOD - [2014/12/20 10:09:14 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\68345d6b57fe33c9a94fe6a72ab5e85e\System.Xml.ni.dll
MOD - [2014/12/20 10:09:10 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\6757251401cd9c17d5e608db6e5f964a\System.Configuration.ni.dll
MOD - [2014/12/20 10:09:07 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b7409080f31b0a702281b68c37bac326\System.Core.ni.dll
MOD - [2014/12/20 10:08:59 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\57e066d0b97757dbd26d59302c3d701a\System.ni.dll
MOD - [2014/12/20 10:08:52 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\e5b31f3bb6508df0dc7c20ddc72f3191\mscorlib.ni.dll
MOD - [2014/12/15 21:25:20 | 003,758,192 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014/11/16 12:38:19 | 038,562,088 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/10/16 10:26:28 | 000,622,880 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 8\ProductStatistics.dll
MOD - [2013/02/24 21:04:04 | 000,704,008 | ---- | M] () -- C:\Windows\System32\C2MP\TrayMenu.exe
MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files\IObit\IObit Uninstaller\madexcept_.bpl
MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 8\madexcept_.bpl
MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files\IObit\IObit Uninstaller\maddisAsm_.bpl
MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 8\maddisAsm_.bpl
MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files\IObit\IObit Uninstaller\madbasic_.bpl
MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 8\madbasic_.bpl
MOD - [2013/01/15 18:47:56 | 000,893,248 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 8\webres.dll
MOD - [2011/03/02 12:40:52 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2011/02/09 01:56:38 | 000,296,448 | ---- | M] () -- C:\Program Files\Notepad++\NppShell_04.dll
MOD - [2010/01/30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/10/15 11:06:44 | 004,715,848 | R--- | M] () -- C:\Program Files\TechSmith\Snagit 9\PDFNetC.dll


========== Services (SafeList) ==========

SRV - [2014/12/15 21:25:20 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/12/11 20:57:21 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/11/16 12:38:14 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014/11/04 13:33:58 | 002,630,432 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2014/11/04 13:19:48 | 000,815,392 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe -- (AdvancedSystemCareService8)
SRV - [2014/02/11 13:29:41 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013/07/26 06:48:28 | 000,196,624 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe -- (NitroReaderDriverReadSpool3)
SRV - [2011/12/11 21:07:24 | 001,138,312 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe -- (almservice)
SRV - [2011/11/23 23:21:54 | 000,332,800 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCSsmRTServer.exe -- (CCSsmRTServer)
SRV - [2011/11/23 23:12:26 | 000,072,192 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCProfileServer.exe -- (CCProfileServer)
SRV - [2011/11/23 23:08:46 | 000,119,808 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CcAlgRtServer.exe -- (CCAlgRtServer)
SRV - [2011/11/23 23:06:00 | 000,489,472 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\Bin\CCLicenseService.exe -- (CCLicenseService)
SRV - [2011/11/23 23:00:42 | 000,372,224 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCTextServer.exe -- (CCTextServer)
SRV - [2011/11/23 23:00:36 | 000,091,648 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCTlgServer.exe -- (CCTlgServer)
SRV - [2011/11/23 22:59:04 | 001,311,232 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCUsrAcv.exe -- (CCUsrAcv)
SRV - [2011/11/23 22:34:50 | 000,450,560 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCPackageMgr.exe -- (CCPackageMgr)
SRV - [2011/11/23 22:34:20 | 000,757,760 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCDeltaLoader.exe -- (CCDeltaLoader)
SRV - [2011/11/23 22:32:10 | 000,299,520 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCTMTimeSyncServer.exe -- (CCTMTimeSyncServer)
SRV - [2011/11/23 22:31:10 | 000,646,144 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCNSInfo2Provider.exe -- (CCNSInfo2Provider)
SRV - [2011/11/23 22:30:04 | 000,195,072 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCLBMRTServer.exe -- (CCLBMRTServer)
SRV - [2011/11/23 22:29:40 | 000,436,736 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCCSigRTServer.exe -- (CCCSigRTServer)
SRV - [2011/11/23 22:28:46 | 000,331,776 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\bin\CCPtmRTServer.exe -- (CCPtmRTServer)
SRV - [2011/11/23 22:26:56 | 001,464,832 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Siemens\WinCC\bin\CCProjectMgr.exe -- (CCProjectMgr)
SRV - [2011/11/23 16:00:22 | 000,188,416 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\UAWrapper\CCRT2UA.exe -- (XR_CCOPC.UAWrapper)
SRV - [2011/11/23 16:00:04 | 000,188,416 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\XMLDataAccess\bin\CCRT2XML.exe -- (XR_CCOPC.XMLWrapper)
SRV - [2011/11/23 15:59:00 | 000,344,064 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\XMLDataAccess\bin\DA2XML.exe -- (CCOPC.XMLWrapper)
SRV - [2011/11/23 15:59:00 | 000,344,064 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Siemens\WinCC\OPC\UAWrapper\DA2UA.exe -- (CCOPC.UAWrapper)
SRV - [2011/11/23 13:10:30 | 000,856,064 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\commonarchiving\CCRedundancyAgent.exe -- (CCRedundancyAgent-Service)
SRV - [2011/11/23 13:01:10 | 000,098,304 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\commonarchiving\CCDBUtils.exe -- (CCDBUtils)
SRV - [2011/11/23 12:59:42 | 000,757,760 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\commonarchiving\CCArchiveManager.exe -- (CCArchiveManagerService)
SRV - [2011/11/14 20:31:38 | 000,486,400 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe -- (RedundancyControl)
SRV - [2011/11/14 20:21:20 | 000,245,248 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe -- (CCEServer)
SRV - [2011/11/14 16:18:46 | 000,163,328 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe -- (SCSMonitor)
SRV - [2011/11/14 15:46:46 | 000,101,888 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\ace\bin\SCSFsX.exe -- (SCSFsX)
SRV - [2011/11/14 15:34:08 | 000,198,144 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\ace\bin\RedundancyState.exe -- (RedundancyState)
SRV - [2011/11/14 14:47:58 | 000,264,704 | ---- | M] (SIEMENS AG) [On_Demand | Running] -- C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe -- (CCEClient)
SRV - [2011/11/14 14:37:24 | 000,363,008 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe -- (CCAgent)
SRV - [2011/11/10 12:58:36 | 000,716,288 | ---- | M] (SIEMENS AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Siemens\Bin\CCPerfMon.exe -- (CCPerfMon)
SRV - [2011/11/04 01:41:34 | 000,556,168 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe -- (S7TraceServiceX)
SRV - [2011/11/04 01:41:30 | 000,412,808 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe -- (s7oiehsx)
SRV - [2011/05/30 15:40:44 | 000,061,493 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Program Files\Siemens\Step7\S7BIN\s7hspsvx.exe -- (s7hspsvx)
SRV - [2010/03/25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/02/05 03:04:08 | 000,139,488 | ---- | M] (OPC Foundation) [On_Demand | Stopped] -- C:\Windows\System32\OpcEnum.exe -- (OpcEnum)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\HmPci.sys -- (HmPci)
DRV - File not found [Adapter | Auto | Unknown] -- -- (CP5711_1)
DRV - [2014/11/22 10:09:59 | 000,787,800 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsnx.sys -- (aswSnx)
DRV - [2014/11/20 20:43:22 | 000,423,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsp.sys -- (aswSP)
DRV - [2014/11/16 12:38:27 | 000,206,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/11/16 12:38:27 | 000,091,496 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswstm.sys -- (aswStm)
DRV - [2014/11/16 12:38:26 | 000,081,768 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014/11/16 12:38:26 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/11/16 12:38:26 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014/11/16 12:38:26 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2014/01/20 19:33:11 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011/10/11 19:13:20 | 000,343,888 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SNTIE.SYS -- (SNTIE)
DRV - [2011/09/29 10:48:48 | 000,641,280 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\s7ousbu32x.sys -- (s7ousbu32x)
DRV - [2011/09/29 10:47:06 | 000,182,784 | ---- | M] (SIEMENS AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\s7otsadx32.sys -- (s7otsadx32)
DRV - [2011/06/16 19:10:22 | 000,063,104 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\s7sn2srtx.sys -- (s7sn2srtx)
DRV - [2011/05/06 05:08:10 | 000,521,216 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\S7otranx32.sys -- (S7otranx32)
DRV - [2011/05/06 05:03:22 | 000,087,552 | ---- | M] (SIEMENS AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\S7odpx2x32.sys -- (S7odpx2x32)
DRV - [2011/04/19 19:22:46 | 000,994,944 | ---- | M] (SIEMENS AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cp5711.sys -- (cp5711)
DRV - [2011/04/19 19:22:04 | 000,288,256 | ---- | M] (SIEMENS AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\dpmconv32.sys -- (dpmconv)
DRV - [2011/04/19 19:20:28 | 000,140,288 | ---- | M] (SIEMENS AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsnl2ada32.sys -- (vsnl2ada)
DRV - [2010/03/22 20:35:44 | 000,072,248 | ---- | M] (SIEMENS AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\DPMTRCDD32.sys -- (DPMTRCDD)
DRV - [2009/12/11 15:24:36 | 000,182,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/11/06 12:53:58 | 001,227,776 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/07/14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009/07/14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009/07/14 01:11:04 | 000,141,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mqac.sys -- (MQAC)
DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2004/06/03 11:30:04 | 000,056,080 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\dlc.sys -- (Dlc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-987201152-1341176263-1292834751-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DC 66 FD F2 FF 36 CF 01 [binary data]
IE - HKU\S-1-5-21-987201152-1341176263-1292834751-1000\..\SearchScopes,DefaultScope = {44970120-AF3C-450E-AAA6-F4E3AF52D246}
IE - HKU\S-1-5-21-987201152-1341176263-1292834751-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-987201152-1341176263-1292834751-1000\..\SearchScopes\{44970120-AF3C-450E-AAA6-F4E3AF52D246}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-987201152-1341176263-1292834751-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-987201152-1341176263-1292834751-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "https://www.google.sk/"
FF - prefs.js..extensions.enabledAddons: %7B66E978CD-981F-47DF-AC42-E3CF417C1467%7D:0.4.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:34.0.5
FF - prefs.js..keyword.url: "http://www.default-search.net/search?si ... &src=ds&p="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/11/16 12:38:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2014/01/12 20:35:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Extensions
[2015/01/07 17:06:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions
[2014/12/08 21:05:18 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions\iobitascsurfingprotection@iobit.com
[2014/07/12 10:22:43 | 000,023,277 | ---- | M] () (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions\HomepageNewTab@neocodex.us.xpi
[2014/01/12 20:40:34 | 000,003,793 | ---- | M] () (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi
[2014/11/16 12:40:03 | 000,979,699 | ---- | M] () (No name found) -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/05/01 16:11:38 | 000,008,061 | ---- | M] () -- C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\searchplugins\yahoo_ff.xml
[2014/12/15 21:25:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/12/15 21:25:21 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2014/12/08 21:10:38 | 000,000,880 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.iobit.com
O1 - Hosts: 127.0.0.1 www.asc55.iobit.com
O2 - BHO: (no name) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - No CLSID value found.
O2 - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-987201152-1341176263-1292834751-1000\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-987201152-1341176263-1292834751-1000..\Run: [Advanced SystemCare 8] C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-987201152-1341176263-1292834751-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-987201152-1341176263-1292834751-1000..\Run: [Flvto Youtube Downloader] C:\Program Files\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe (Hotger)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 9.lnk = C:\Program Files\TechSmith\Snagit 9\Snagit32.exe (TechSmith Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{902C4F20-5398-4BCB-A4F8-01DEC0396CF4}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (c:\program files\settings manager\smdmf\x64\sysapcrt.dll) - File not found
O36 - AppCertDlls: x86 - (c:\program files\settings manager\smdmf\sysapcrt.dll) - File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.divxa32 - C:\Windows\System32\DivXa32.acm (Packed With Joy !)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.ffds - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.lags - C:\Windows\System32\Lagarith.dll ( )
Drivers32: vidc.x264 - C:\Windows\System32\x264vfw.dll (x264vfw project)
Drivers32: vidc.xvid - C:\Windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2015/01/07 21:30:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Andrej\Desktop\OTL.exe
[2015/01/07 21:13:01 | 000,000,000 | ---D | C] -- C:\FRST
[2015/01/07 21:11:49 | 001,115,648 | ---- | C] (Farbar) -- C:\Users\Andrej\Desktop\FRST.exe

========== Files - Modified Within 7 Days ==========

[2015/01/07 21:36:49 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/01/07 21:30:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Andrej\Desktop\OTL.exe
[2015/01/07 21:16:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/01/07 21:11:49 | 001,115,648 | ---- | M] (Farbar) -- C:\Users\Andrej\Desktop\FRST.exe
[2015/01/07 21:05:57 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/01/07 21:05:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/01/07 21:05:09 | 2408,722,432 | -HS- | M] () -- C:\hiberfil.sys
[2015/01/07 16:59:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/01/05 21:37:14 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/01/05 21:37:14 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

========== Files Created - No Company Name ==========

[2014/05/30 10:00:20 | 000,024,184 | ---- | C] () -- C:\Windows\System32\drivers\aswHwid.sys
[2014/01/22 20:21:10 | 000,000,268 | ---- | C] () -- C:\Windows\ODBC.INI
[2014/01/22 20:10:01 | 000,000,000 | ---- | C] () -- C:\Windows\PDLSERV.INI
[2014/01/12 21:09:34 | 000,206,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/01/12 21:09:32 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/01/12 19:31:42 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2013/02/24 22:14:24 | 000,038,720 | ---- | C] () -- C:\Windows\System32\dischandler.exe
[2013/02/24 15:05:32 | 003,915,776 | ---- | C] () -- C:\Windows\System32\ffmpeg.dll
[2013/02/24 15:04:30 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2013/02/24 15:03:22 | 000,271,360 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2013/02/24 15:03:20 | 000,099,840 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2013/02/24 15:03:18 | 000,157,184 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2013/02/24 15:03:16 | 000,147,456 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2013/02/24 15:03:14 | 000,114,688 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2013/02/24 15:03:12 | 001,525,760 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2013/02/24 15:03:12 | 000,211,968 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2013/02/10 15:15:04 | 000,384,472 | ---- | C] () -- C:\Windows\System32\swscale-lav-2.dll
[2013/02/10 15:15:04 | 000,188,072 | ---- | C] () -- C:\Windows\System32\libbluray.dll
[2013/02/10 15:15:02 | 007,833,552 | ---- | C] () -- C:\Windows\System32\avcodec-lav-54.dll
[2013/02/10 15:15:02 | 001,256,952 | ---- | C] () -- C:\Windows\System32\avformat-lav-54.dll
[2013/02/10 15:15:02 | 000,247,920 | ---- | C] () -- C:\Windows\System32\avutil-lav-52.dll
[2013/02/10 15:15:02 | 000,169,888 | ---- | C] () -- C:\Windows\System32\avfilter-lav-3.dll
[2013/02/10 15:15:02 | 000,165,160 | ---- | C] () -- C:\Windows\System32\avresample-lav-1.dll

========== ZeroAccess Check ==========

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009/07/14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014/03/04 20:38:33 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Autodesk
[2014/01/12 21:14:45 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\AVAST Software
[2014/05/01 15:52:05 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Canneverbe Limited
[2014/01/20 19:46:31 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\DAEMON Tools Lite
[2014/01/24 21:01:14 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Downloaded Installations
[2014/01/24 21:03:26 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\FileOpen
[2014/08/28 10:43:21 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\FlvtoConverter
[2014/04/07 17:20:31 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\GHISLER
[2014/12/08 21:05:24 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\IObit
[2014/03/22 22:03:19 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Nitro
[2015/01/07 21:06:06 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Nitro PDF
[2014/01/25 20:24:49 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Notepad++
[2014/03/09 15:28:09 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\PKWARE
[2014/12/08 21:06:30 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\ProductData
[2014/01/25 23:05:48 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Seznam.cz
[2014/01/22 20:21:55 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Siemens
[2014/04/06 14:28:04 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\SIEMENS AG
[2014/07/04 18:47:15 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\SketchUp
[2014/12/08 21:12:21 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009/07/14 05:53:46 | 000,032,528 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/07/14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2014/01/19 20:33:43 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014/04/03 19:50:26 | 000,000,920 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014/04/03 19:50:27 | 000,000,924 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\System32\autochk.exe
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SoftwareDistribution\Download\b23c9e49177e4877c3c32ef3b38f35ad\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\SoftwareDistribution\Download\b23c9e49177e4877c3c32ef3b38f35ad\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2009/07/14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\System32\hal.dll
[2009/07/14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

< MD5 for: SERVICES.EXE >
[2009/07/14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2014/10/01 11:09:16 | 000,761,656 | ---- | M] (MalwareBytes) MD5=C0AFB3C7E6C7CA3F6E42FF242BBBCB1F -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe

< MD5 for: TCPIP.SYS >
[2009/07/14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\System32\drivers\tcpip.sys
[2009/07/14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013/01/03 06:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\SoftwareDistribution\Download\23d7661dc2a73222aa66aa721bf7026c\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2013/01/04 05:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\SoftwareDistribution\Download\23d7661dc2a73222aa66aa721bf7026c\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2013/01/03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\SoftwareDistribution\Download\23d7661dc2a73222aa66aa721bf7026c\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2013/01/04 05:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\SoftwareDistribution\Download\23d7661dc2a73222aa66aa721bf7026c\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\SoftwareDistribution\Download\b23c9e49177e4877c3c32ef3b38f35ad\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\SoftwareDistribution\Download\b23c9e49177e4877c3c32ef3b38f35ad\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\System32\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2014/10/01 11:09:16 | 000,761,656 | ---- | M] (MalwareBytes) MD5=C0AFB3C7E6C7CA3F6E42FF242BBBCB1F -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014/01/19 20:50:22 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Adobe
[2014/12/08 21:05:18 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Apple Computer
[2014/03/04 20:38:33 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Autodesk
[2014/01/12 21:14:45 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\AVAST Software
[2014/05/01 15:52:05 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Canneverbe Limited
[2014/01/20 19:46:31 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\DAEMON Tools Lite
[2014/01/24 21:01:14 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Downloaded Installations
[2014/01/24 21:03:26 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\FileOpen
[2014/08/28 10:43:21 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\FlvtoConverter
[2014/04/07 17:20:31 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\GHISLER
[2014/02/25 22:14:07 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Help
[2014/01/12 13:05:06 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Identities
[2014/01/12 20:13:02 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\InstallShield
[2014/12/08 21:05:24 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\IObit
[2014/01/19 20:50:22 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Macromedia
[2014/12/08 21:22:26 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Malwarebytes
[2009/07/14 10:20:06 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Media Center Programs
[2014/05/11 17:57:13 | 000,000,000 | --SD | M] -- C:\Users\Andrej\AppData\Roaming\Microsoft
[2014/01/12 20:35:32 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Mozilla
[2014/03/22 22:03:19 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Nitro
[2015/01/07 21:06:06 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Nitro PDF
[2014/01/25 20:24:49 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Notepad++
[2014/03/09 15:28:09 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\PKWARE
[2014/12/08 21:06:30 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\ProductData
[2014/01/25 23:05:48 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Seznam.cz
[2014/01/22 20:21:55 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\Siemens
[2014/04/06 14:28:04 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\SIEMENS AG
[2014/07/04 18:47:15 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\SketchUp
[2014/12/08 21:12:21 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\uTorrent
[2014/11/24 21:07:26 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\vlc
[2014/01/12 13:51:12 | 000,000,000 | ---D | M] -- C:\Users\Andrej\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2014/01/12 13:21:48 | 001,431,040 | R--- | M] () -- C:\Users\Andrej\AppData\Roaming\Microsoft\Installer\{5C47C8B6-77FF-4FC7-A388-66FCF9CFC24C}\Icon0E6ED660.exe
[2014/11/16 12:44:40 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\Andrej\AppData\Roaming\uTorrent\uTorrent.exe
[2014/01/26 12:51:17 | 001,307,736 | ---- | M] (BitTorrent Inc.) -- C:\Users\Andrej\AppData\Roaming\uTorrent\updates\3.3.2_30488.exe
[2014/04/29 12:13:24 | 001,270,352 | ---- | M] (BitTorrent Inc.) -- C:\Users\Andrej\AppData\Roaming\uTorrent\updates\3.4.1_30888.exe
[2014/05/11 17:05:23 | 001,272,400 | ---- | M] (BitTorrent Inc.) -- C:\Users\Andrej\AppData\Roaming\uTorrent\updates\3.4.1_31139.exe
[2014/06/16 18:18:57 | 001,267,536 | ---- | M] (BitTorrent Inc.) -- C:\Users\Andrej\AppData\Roaming\uTorrent\updates\3.4.1_31395.exe
[2014/07/05 10:46:12 | 001,322,832 | ---- | M] (BitTorrent Inc.) -- C:\Users\Andrej\AppData\Roaming\uTorrent\updates\3.4.2_32126.exe
[2014/09/15 10:22:06 | 001,414,992 | ---- | M] (BitTorrent Inc.) -- C:\Users\Andrej\AppData\Roaming\uTorrent\updates\3.4.2_33870.exe
[2014/11/09 11:42:33 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\Andrej\AppData\Roaming\uTorrent\updates\3.4.2_34944.exe
[2014/11/16 12:44:40 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\Andrej\AppData\Roaming\uTorrent\updates\3.4.2_35702.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2015/01/07 16:59:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2015/01/07 21:05:57 | 000,000,920 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2015/01/07 21:16:00 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2015/01/05 21:37:14 | 000,009,584 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/01/05 21:37:14 | 000,009,584 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2013/10/28 09:29:38 | 003,675,352 | ---- | M] (Disc Soft Ltd)
"Advanced SystemCare 8" = "C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto -- [2014/11/07 18:54:58 | 002,425,632 | ---- | M] (IObit)
"Flvto Youtube Downloader" = "C:\Program Files\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe" /minimize -- [2014/11/26 16:02:18 | 000,493,568 | ---- | M] (Hotger)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2014/12/15 21:25:21 | 000,337,520 | ---- | M] (Mozilla Corporation) MD5=DADDD62BEDC91BC96CFC794A2CA0D94A -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009/07/14 02:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation) MD5=2C32E3E596CFE660353753EABEFB0540 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2015/01/07 21:36:49 | 000,000,512 | ---- | M] () MD5=B6FFDE4D41037C10526CEB53FCC6231B -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2014/12/08 20:52:55 | 000,014,373 | ---- | M] () -- \Users\Andrej\AppData\Roaming\uTorrent\IObit Advanced SystemCare PRO 8.0.3.588 Final Incl. Crack [ATOM].torrent

< *keygen* /s >

< *loader* /s >
[2013/02/08 11:31:33 | 000,024,392 | ---- | M] () -- \Program Files\Autodesk\DWG TrueView 2014\AecLoader.arx
[2012/05/25 02:55:49 | 000,003,208 | ---- | M] () -- \Program Files\Autodesk\DWG TrueView 2014\GeoMapHtml\assets\icon\ajax-loader.gif
[2014/11/16 12:38:14 | 000,072,480 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2008/04/21 21:19:04 | 000,061,952 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2008/04/21 16:21:56 | 000,004,608 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2010/03/24 20:12:34 | 000,249,680 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010/03/24 20:12:34 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2014/11/26 16:02:18 | 000,493,568 | ---- | M] () -- \Program Files\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe
[2014/11/24 10:24:10 | 000,004,529 | ---- | M] () -- \Program Files\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe.config
[2014/12/16 21:39:20 | 000,176,255 | ---- | M] () -- \Program Files\Flvto Youtube Downloader\UninstallFlvtoYoutubeDownloader.exe
[2014/11/26 16:02:18 | 000,013,312 | ---- | M] () -- \Program Files\Flvto Youtube Downloader\de-DE\FlvtoYoutubeDownloader.resources.dll
[2014/11/26 16:02:18 | 000,012,288 | ---- | M] () -- \Program Files\Flvto Youtube Downloader\en-US\FlvtoYoutubeDownloader.resources.dll
[2014/11/26 16:02:18 | 000,013,312 | ---- | M] () -- \Program Files\Flvto Youtube Downloader\it-IT\FlvtoYoutubeDownloader.resources.dll
[2014/11/26 16:02:18 | 000,013,312 | ---- | M] () -- \Program Files\Flvto Youtube Downloader\pt-PT\FlvtoYoutubeDownloader.resources.dll
[2014/10/31 10:14:34 | 000,979,232 | ---- | M] () -- \Program Files\IObit\Advanced SystemCare 8\ActionCenterDownloader.exe
[2015/01/07 21:07:11 | 002,158,880 | ---- | M] () -- \Program Files\IObit\IObit Uninstaller\Downloader.exe
[2005/10/14 03:49:48 | 000,017,624 | ---- | M] () -- \Program Files\Microsoft SQL Server\90\Tools\Binn\SqlResourceLoader.dll
[2005/10/14 03:49:48 | 000,017,624 | ---- | M] () -- \Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SqlResourceLoader.dll
[2005/10/14 01:49:48 | 000,017,624 | ---- | M] () -- \Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\SqlResourceLoader.dll
[2010/07/28 04:38:12 | 000,008,787 | ---- | M] () -- \Program Files\Notepad++\user.manual\sites\all\modules\fancy_login\images\ajax-loader.gif
[2011/06/30 13:40:52 | 000,012,288 | ---- | M] () -- \Program Files\Siemens\S7-PCT\bin\Siemens.Simatic.Pct.ApplicationLoader.exe
[2008/09/04 12:04:14 | 000,002,375 | ---- | M] () -- \Program Files\Siemens\S7-PCT\bin\Siemens.Simatic.Pct.ApplicationLoader.exe.config
[2011/03/08 09:40:44 | 000,000,000 | ---- | M] () -- \Program Files\Siemens\S7-PCT\bin\Siemens.Simatic.Pct.ApplicationLoader.exe.local
[2011/11/23 22:34:20 | 000,757,760 | ---- | M] () -- \Program Files\Siemens\WinCC\bin\CCDeltaLoader.exe
[2011/11/15 02:46:54 | 000,092,672 | ---- | M] () -- \Program Files\Siemens\WinCC\bin\CCDeltaLoaderenu.lng
[2011/11/23 23:03:22 | 000,100,352 | ---- | M] () -- \Program Files\Siemens\WinCC\bin\CCRtsLoader.exe
[2014/06/03 18:34:02 | 000,040,004 | ---- | M] () -- \Program Files\Siemens\WinCC\diagnose\CCDeltaLoader.Log
[2011/11/23 22:07:04 | 000,010,876 | ---- | M] () -- \Program Files\Siemens\WinCC\interfaces\CCDeltaLoaderIntern.tlb
[2011/11/23 22:10:02 | 000,001,240 | ---- | M] () -- \Program Files\Siemens\WinCC\interfaces\CCDmRtLoader.tlb
[2014/05/27 08:39:38 | 000,000,231 | ---- | M] () -- \Program Files\SketchUp\SketchUp 2014\ShippedExtensions\su_advancedcameratools\actloader.rb
[2014/05/27 08:39:38 | 000,000,517 | ---- | M] () -- \Program Files\SketchUp\SketchUp 2014\ShippedExtensions\su_dynamiccomponents\ruby\dcloader.rb
[2014/05/27 08:39:40 | 000,030,681 | ---- | M] () -- \Program Files\SketchUp\SketchUp 2014\ShippedExtensions\su_webtextures\webtextures_loader.rb
[2011/05/26 21:46:58 | 000,002,020 | ---- | M] () -- \Program Files\SketchUp\SketchUp 2014\Tools\ZLoader__RoundCorner.rb
[2009/04/10 20:37:18 | 000,000,058 | ---- | M] () -- \Program Files\SketchUp\SketchUp 2014\Tools\ROUNDCORNER_Dir_23\__loader.rb
[2014/05/27 08:39:40 | 000,000,164 | ---- | M] () -- \Program Files\SketchUp\SketchUp 2014\Tools\RubyStdLib\rake\default_loader.rb
[2014/05/27 08:39:40 | 000,000,341 | ---- | M] () -- \Program Files\SketchUp\SketchUp 2014\Tools\RubyStdLib\rake\rake_test_loader.rb
[2015/01/07 21:07:11 | 000,055,004 | ---- | M] () -- \ProgramData\IObit\ASCDownloader\Downloader.log
[2014/12/16 21:39:19 | 000,002,039 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Flvto Youtube Downloader\Flvto Youtube Downloader.lnk
[2014/12/16 21:39:20 | 000,001,024 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Flvto Youtube Downloader\Uninstall Flvto Youtube Downloader.lnk
[2014/02/05 13:23:26 | 000,002,192 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Siemens Automation\SIMATIC\STEP 7\NCM S7\Firmware Loader.lnk
[2015/01/07 21:07:11 | 000,055,004 | ---- | M] () -- \Users\All Users\IObit\ASCDownloader\Downloader.log
[2014/12/16 21:39:19 | 000,002,039 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Flvto Youtube Downloader\Flvto Youtube Downloader.lnk
[2014/12/16 21:39:20 | 000,001,024 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Flvto Youtube Downloader\Uninstall Flvto Youtube Downloader.lnk
[2014/02/05 13:23:26 | 000,002,192 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Siemens Automation\SIMATIC\STEP 7\NCM S7\Firmware Loader.lnk
[2014/01/20 19:43:58 | 000,057,728 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2014/01/20 19:43:58 | 000,057,728 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2014/01/20 19:43:58 | 000,057,728 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2014/01/20 19:43:59 | 000,057,728 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2014/01/20 19:43:59 | 000,057,728 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2014/01/20 19:43:59 | 000,061,770 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2014/01/20 19:43:59 | 000,061,770 | ---- | M] () -- \Users\Andrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2014/05/27 08:39:38 | 000,000,231 | ---- | M] () -- \Users\Andrej\AppData\Roaming\SketchUp\SketchUp 2014\SketchUp\Plugins\su_advancedcameratools\actloader.rb
[2014/05/27 08:39:38 | 000,000,517 | ---- | M] () -- \Users\Andrej\AppData\Roaming\SketchUp\SketchUp 2014\SketchUp\Plugins\su_dynamiccomponents\ruby\dcloader.rb
[2014/05/27 08:39:40 | 000,030,681 | ---- | M] () -- \Users\Andrej\AppData\Roaming\SketchUp\SketchUp 2014\SketchUp\Plugins\su_webtextures\webtextures_loader.rb
[2005/09/23 04:24:22 | 000,061,440 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\0C364DD1A05A49347B4E85590CF2E9D0\9.0.1399\FL_coloader80_dll_128691_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
[2005/09/22 23:23:44 | 000,004,608 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\0C364DD1A05A49347B4E85590CF2E9D0\9.0.1399\FL_coloader80_tlb_128927_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
[2014/02/05 13:35:11 | 000,003,262 | R--- | M] () -- \Windows\Installer\{D596A641-C584-4667-8802-50FE80241A2E}\Siemens.Simatic.Pct.ApplicationLoader.exe.ico
[2015/01/07 21:08:26 | 000,211,340 | ---- | M] () -- \Windows\Prefetch\FLVTOYOUTUBEDOWNLOADER.EXE-6A3105AC.pf
[2012/11/30 05:56:23 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4406d799e312fb134137b38979f418fe\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4406d799e312fb134137b38979f418fe\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:45:15 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4406d799e312fb134137b38979f418fe\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4406d799e312fb134137b38979f418fe\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009/07/14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009/07/14 09:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009/07/14 09:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009/07/14 09:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2009/07/14 03:17:55 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009/07/14 03:17:55 | 000,507,568 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9_winload.exe_75835076
[2009/07/14 03:17:55 | 000,442,920 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9_winresume.exe_85cd1215
[2009/07/14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009/07/14 09:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009/07/14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009/07/14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

kmetino
Visitor
Posts: 40
Registered: 30 Sep 2008 14:01

Re: slowed-down internet

#4 Post by kmetino »

Extras.txt was not created. Did I do something wrong?

:offtopic:
I always find interesting reading here: iobit advanced systemcare
I'll uninstall it when I'm home. :thumbsup:

kmetino
Visitor
Posts: 40
Registered: 30 Sep 2008 14:01

Re: slowed-down internet

#5 Post by kmetino »

Malwarebytes Anti-Malware scan. I didn't delete anything, I just ran a scan while waiting for a reply.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 8. 1. 2015
Čas skenování: 21:10:00
Protokol:
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2015.01.08.14
Databáze rootkitů: v2015.01.07.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto

OS: Windows 7
CPU: x86
Souborový systém: NTFS
Uživatel: Andrej

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 316390
Uplynulý čas: 13 min, 30 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Varovat
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 4
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\SmdmF, , [7985856f3c4d181e4899641a22e1926e],
PUP.Optional.Spigot.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\cikkkfooompgefbcjlgdjejfdknkheaj, , [e11d2dc75a2f93a3d1d70073966dc937],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\fpmeembnagmagppkgghhfjfdfajdfcah, , [2cd24ea67e0b270ff1e5227d1de60af6],
PUP.Optional.Spigot.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\gpiifgmgnfdiblgpaepbmfdkcheicgof, , [32cc35bfa7e284b21e8b13609f64a759],

Hodnoty registru: 2
PUP.Optional.SettingsManager, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER\APPCERTDLLS|x64, c:\program files\settings manager\smdmf\x64\sysapcrt.dll, , [25d983714b3e191d89d9bbc79e6519e7]
PUP.Optional.SettingsManager, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER\APPCERTDLLS|x86, c:\program files\settings manager\smdmf\sysapcrt.dll, , [6698d1238801d462adb5d6ac758e56aa]

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 1
PUP.Optional.SettingsManager.A, C:\ProgramData\smdmf, , [9b63b0442d5c87aff06fd47e867d619f],

Soubory: 3
PUP.Optional.OpenCandy, C:\Users\Andrej\AppData\Local\Flvto Youtube Downloader\FlvtoConverterSetupV0.6.0.exe, , [50aef10316739a9cb51b852ee3225ba5],
PUP.Optional.Spigot.A, C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\searchplugins\yahoo_ff.xml, , [b04e24d0b1d84fe73fd6f96f2cd7817f],
PUP.Optional.SettingsManager.A, C:\ProgramData\smdmf\stats.cfg, , [9b63b0442d5c87aff06fd47e867d619f],

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: slowed-down internet

#6 Post by vyosek »

Delete all the findings, then repeat the scan to see whether anything has come back.
"He who has wine and doesn't drink it, who has grapes and doesn't eat them, who has a wife and doesn't kiss her, who shuns merriment, take a whip and a stick to him; he is not a man, he is an ox."
Member of [image] since 1 February 2011.

kmetino
Visitor
Posts: 40
Registered: 30 Sep 2008 14:01

Re: slowed-down internet

#7 Post by kmetino »

MBAM: everything deleted
New scan is clean
Attaching a new FRST log



==============================================================================

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-01-2015
Ran by Andrej (administrator) on ANDREJ-PC on 09-01-2015 20:29:58
Running from C:\Users\Andrej\Desktop
Loaded Profile: Andrej (Available profiles: Andrej)
Platform: Microsoft Windows 7 Ultimate (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe
(SIEMENS AG) C:\Program Files\Siemens\WinCC\bin\CCProjectMgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\AlmPanelPlugin\ALMPanelPlugin.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
(Nitro PDF Software) C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
(SIEMENS AG) C:\Program Files\Siemens\Step7\S7BIN\s7hspsvx.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\commonarchiving\CCDBUtils.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\SimNetCom\pniomgr.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\SimNetCom\pniopcac.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Hotger) C:\Program Files\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe
() C:\Windows\System32\C2MP\TrayMenu.exe
(TechSmith Corporation) C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
(TechSmith Corporation) C:\Program Files\TechSmith\Snagit 9\TscHelp.exe
(TechSmith Corporation) C:\Program Files\TechSmith\Snagit 9\SnagPriv.exe
(TechSmith Corporation) C:\Program Files\TechSmith\Snagit 9\SnagitEditor.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-09] (AVAST Software)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKU\S-1-5-21-987201152-1341176263-1292834751-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-987201152-1341176263-1292834751-1000\...\Run: [Flvto Youtube Downloader] => C:\Program Files\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe [493568 2014-11-26] (Hotger)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TrayMenu.lnk
ShortcutTarget: TrayMenu.lnk -> C:\Windows\System32\C2MP\TrayMenu.exe ()
Startup: C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 9.lnk
ShortcutTarget: Snagit 9.lnk -> C:\Program Files\TechSmith\Snagit 9\Snagit32.exe (TechSmith Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-987201152-1341176263-1292834751-1000 -> DefaultScope {44970120-AF3C-450E-AAA6-F4E3AF52D246} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKU\S-1-5-21-987201152-1341176263-1292834751-1000 -> {44970120-AF3C-450E-AAA6-F4E3AF52D246} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
BHO: No Name -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> No File
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - No Name - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - No File
Toolbar: HKU\S-1-5-21-987201152-1341176263-1292834751-1000 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default
FF NewTab: about:home
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.sk/
FF Keyword.URL: hxxp://www.default-search.net/search?sid=503&a ... &src=ds&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Extension: Homepage New Tab - C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\Extensions\HomepageNewTab@neocodex.us.xpi [2014-01-12]
FF Extension: New Tab Homepage - C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2014-01-12]
FF Extension: Adblock Plus - C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\6wbztzam.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-19]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-12]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-16]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 almservice; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe [1138312 2011-12-11] (SIEMENS AG) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-16] (AVAST Software)
R2 CCAgent; C:\Program Files\Common Files\Siemens\ACE\bin\CCAgent.exe [363008 2011-11-14] (SIEMENS AG) [File not signed]
S3 CCAlgRtServer; C:\Program Files\Siemens\WinCC\bin\CcAlgRtServer.exe [119808 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCArchiveManagerService; C:\Program Files\Common Files\Siemens\CommonArchiving\CCArchiveManager.exe [757760 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCCSigRTServer; C:\Program Files\Siemens\WinCC\bin\CCCSigRTServer.exe [436736 2011-11-23] (SIEMENS AG) [File not signed]
R2 CCDBUtils; C:\Program Files\Common Files\Siemens\CommonArchiving\CCDBUtils.exe [98304 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCDeltaLoader; C:\Program Files\Siemens\WinCC\bin\CCDeltaLoader.exe [757760 2011-11-23] (SIEMENS AG) [File not signed]
R3 CCEClient; C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe [264704 2011-11-14] (SIEMENS AG) [File not signed]
R2 CCEServer; C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe [245248 2011-11-14] (SIEMENS AG) [File not signed]
S3 CCLBMRTServer; C:\Program Files\Siemens\WinCC\bin\CCLBMRTServer.exe [195072 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCLicenseService; C:\Program Files\Common Files\Siemens\bin\CCLicenseService.exe [489472 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCNSInfo2Provider; C:\Program Files\Siemens\WinCC\bin\CCNSInfo2Provider.exe [646144 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCOPC.UAWrapper; C:\Program Files\Siemens\WinCC\opc\UAWrapper\DA2UA.exe [344064 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCOPC.XMLWrapper; C:\Program Files\Siemens\WinCC\opc\XMLDataAccess\bin\DA2XML.exe [344064 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCPackageMgr; C:\Program Files\Siemens\WinCC\bin\CCPackageMgr.exe [450560 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCPerfMon; C:\Program Files\Common Files\Siemens\bin\CCPerfMon.exe [716288 2011-11-10] (SIEMENS AG) [File not signed]
S3 CCProfileServer; C:\Program Files\Siemens\WinCC\bin\CCProfileServer.exe [72192 2011-11-23] (SIEMENS AG) [File not signed]
R2 CCProjectMgr; C:\Program Files\Siemens\WinCC\bin\CCProjectMgr.exe [1464832 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCPtmRTServer; C:\Program Files\Siemens\WinCC\bin\CCPtmRTServer.exe [331776 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCRedundancyAgent-Service; C:\Program Files\Common Files\Siemens\CommonArchiving\CCRedundancyAgent.exe [856064 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCSsmRTServer; C:\Program Files\Siemens\WinCC\bin\CCSsmRTServer.exe [332800 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCTextServer; C:\Program Files\Siemens\WinCC\bin\CCTextServer.exe [372224 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCTlgServer; C:\Program Files\Siemens\WinCC\bin\CCTlgServer.exe [91648 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCTMTimeSyncServer; C:\Program Files\Siemens\WinCC\bin\CCTMTimeSyncServer.exe [299520 2011-11-23] (SIEMENS AG) [File not signed]
S3 CCUsrAcv; C:\Program Files\Siemens\WinCC\bin\CCUsrAcv.exe [1311232 2011-11-23] (SIEMENS AG) [File not signed]
R2 MsDtsServer; C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe [202592 2010-12-10] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [8704 2009-07-14] (Microsoft Corporation)
R2 MSSQL$WINCC; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 MSSQL$WINCCFLEXEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [196624 2013-07-26] (Nitro PDF Software)
S3 OpcEnum; C:\Windows\system32\OPCEnum.exe [139488 2009-02-05] (OPC Foundation)
S3 RedundancyControl; C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe [486400 2011-11-14] (SIEMENS AG) [File not signed]
S3 RedundancyState; C:\Program Files\Common Files\Siemens\ace\bin\RedundancyState.exe [198144 2011-11-14] (SIEMENS AG) [File not signed]
R2 s7hspsvx; C:\Program Files\Siemens\Step7\s7bin\s7hspsvx.exe [61493 2011-05-30] (SIEMENS AG) [File not signed]
R2 s7oiehsx; C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe [412808 2011-11-04] (SIEMENS AG) [File not signed]
R2 S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe [556168 2011-11-04] (SIEMENS AG) [File not signed]
S3 SCSFsX; C:\Program Files\Common Files\Siemens\ACE\bin\SCSFsX.exe [101888 2011-11-14] (SIEMENS AG) [File not signed]
R2 SCSMonitor; C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe [163328 2011-11-14] (SIEMENS AG) [File not signed]
S3 SQLAgent$WINCC; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE [346976 2010-12-10] (Microsoft Corporation)
S3 XR_CCOPC.UAWrapper; C:\Program Files\Siemens\WinCC\opc\UAWrapper\CCRT2UA.exe [188416 2011-11-23] (SIEMENS AG) [File not signed]
S3 XR_CCOPC.XMLWrapper; C:\Program Files\Siemens\WinCC\opc\XMLDataAccess\bin\CCRT2XML.exe [188416 2011-11-23] (SIEMENS AG) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-11-16] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-11-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-11-16] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-11-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-11-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2014-11-16] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-11-16] ()
S3 cp5711; C:\Windows\System32\Drivers\cp5711.sys [994944 2011-04-19] (SIEMENS AG)
R1 Dlc; C:\Windows\System32\DRIVERS\dlc.sys [56080 2004-06-03] (Microsoft Corporation) [File not signed]
R1 dpmconv; C:\Windows\System32\DRIVERS\dpmconv32.sys [288256 2011-04-19] (SIEMENS AG)
R1 DPMTRCDD; C:\Windows\System32\DRIVERS\DPMTRCDD32.sys [72248 2010-03-22] (SIEMENS AG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-01-20] (Disc Soft Ltd)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [141824 2009-07-14] (Microsoft Corporation)
R3 S7odpx2x32; C:\Windows\System32\Drivers\S7odpx2x32.sys [87552 2011-05-06] (SIEMENS AG)
R2 S7otranx32; C:\Windows\System32\Drivers\S7otranx32.sys [521216 2011-05-06] (SIEMENS AG)
R3 s7otsadx32; C:\Windows\System32\Drivers\s7otsadx32.sys [182784 2011-09-29] (SIEMENS AG)
R2 s7ousbu32x; C:\Windows\System32\DRIVERS\s7ousbu32x.sys [641280 2011-09-29] (SIEMENS AG)
R2 s7sn2srtx; C:\Windows\System32\DRIVERS\s7sn2srtx.sys [63104 2011-06-16] (SIEMENS AG) [File not signed]
R2 SNTIE; C:\Windows\System32\DRIVERS\sntie.sys [343888 2011-10-11] (SIEMENS AG)
R1 vsnl2ada; C:\Windows\System32\DRIVERS\vsnl2ada32.sys [140288 2011-04-19] (SIEMENS AG)
U2 CP5711_1; No ImagePath
S3 HmPci; \??\C:\Windows\system32\drivers\HmPci.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-09 20:29 - 2015-01-09 20:30 - 00017159 _____ () C:\Users\Andrej\Desktop\FRST.txt
2015-01-07 21:30 - 2015-01-07 21:30 - 00602112 _____ (OldTimer Tools) C:\Users\Andrej\Desktop\OTL.exe
2015-01-07 21:13 - 2015-01-09 20:30 - 00000000 ____D () C:\FRST
2015-01-07 21:11 - 2015-01-07 21:11 - 01115648 _____ (Farbar) C:\Users\Andrej\Desktop\FRST.exe
2014-12-30 12:09 - 2015-01-09 20:09 - 00003418 _____ () C:\Windows\PFRO.log
2014-12-30 12:09 - 2015-01-09 20:09 - 00000448 _____ () C:\Windows\setupact.log
2014-12-30 12:09 - 2014-12-30 12:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-30 12:08 - 2014-12-30 12:08 - 00000000 ____D () C:\Users\Andrej\AppData\Local\Hotger
2014-12-30 12:07 - 2014-12-30 12:07 - 02377216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-12-30 12:07 - 2014-12-30 12:07 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-30 12:07 - 2014-12-30 12:07 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-12-30 12:07 - 2014-12-30 12:07 - 00194488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-12-30 12:06 - 2014-12-30 12:06 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-30 12:06 - 2014-12-30 12:06 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-12-30 12:06 - 2014-12-30 12:06 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-12-30 12:06 - 2014-12-30 12:06 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-12-30 12:06 - 2014-12-30 12:06 - 00221696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-12-30 12:06 - 2014-12-30 12:06 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-12-30 12:06 - 2014-12-30 12:06 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-12-30 12:06 - 2014-12-30 12:06 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-12-30 12:05 - 2014-12-30 12:05 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-12-16 21:43 - 2014-12-16 21:43 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-12-16 21:42 - 2014-12-16 21:42 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys
2014-12-16 21:39 - 2014-12-16 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flvto Youtube Downloader
2014-12-16 21:38 - 2014-12-16 21:39 - 00000000 ____D () C:\Program Files\Flvto Youtube Downloader
2014-12-15 21:25 - 2014-12-15 21:25 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-09 20:22 - 2014-01-12 12:54 - 01053382 _____ () C:\Windows\WindowsUpdate.log
2015-01-09 20:16 - 2014-04-03 19:50 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-09 20:11 - 2014-12-08 21:22 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-09 20:10 - 2014-01-25 20:21 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\Nitro PDF
2015-01-09 20:09 - 2014-04-03 19:50 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-09 20:09 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-09 20:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system
2015-01-09 20:08 - 2014-08-28 10:24 - 00000000 ____D () C:\Users\Andrej\AppData\Local\Flvto Youtube Downloader
2015-01-09 19:59 - 2014-01-19 20:33 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-08 21:09 - 2014-12-08 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-08 21:09 - 2014-12-08 21:22 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-01-08 20:24 - 2014-12-08 21:04 - 00000000 ____D () C:\Program Files\IObit
2015-01-08 20:22 - 2014-12-08 21:05 - 00000000 ____D () C:\ProgramData\ProductData
2015-01-08 20:22 - 2014-12-08 21:04 - 00000000 ____D () C:\ProgramData\IObit
2015-01-07 21:36 - 2014-01-25 13:50 - 00000512 _____ () C:\PhysicalMBR.bin
2015-01-05 21:37 - 2009-07-14 05:34 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-05 21:37 - 2009-07-14 05:34 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-05 20:42 - 2014-01-26 10:07 - 00000000 ____D () C:\AdwCleaner
2014-12-30 12:43 - 2014-09-24 16:40 - 00000000 ____D () C:\Users\Andrej\Documents\OpenTTD
2014-12-30 12:14 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-30 12:09 - 2009-07-14 05:33 - 00488824 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-30 12:00 - 2014-01-12 13:08 - 01851816 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-20 10:59 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-12-20 10:27 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-12-20 10:05 - 2014-01-12 20:35 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-11 20:57 - 2014-10-19 09:20 - 00000000 ____D () C:\Users\Andrej\AppData\Local\Adobe
2014-12-11 20:57 - 2014-01-19 20:33 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-11 20:57 - 2014-01-19 20:33 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Andrej\AppData\Local\Temp\Quarantine.exe
C:\Users\Andrej\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-08 21:39

==================== End Of Log ============================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: slowed-down internet

#8 Post by vyosek »

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
    HKU\S-1-5-21-987201152-1341176263-1292834751-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
    HKU\S-1-5-21-987201152-1341176263-1292834751-1000\...\Run: [Flvto Youtube Downloader] => C:\Program Files\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe [493568 2014-11-26] (Hotger)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TrayMenu.lnk
    
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-987201152-1341176263-1292834751-1000 -> DefaultScope {44970120-AF3C-450E-AAA6-F4E3AF52D246} URL = http://search.yahoo.com/search?fr=chr-g ... =888596&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-987201152-1341176263-1292834751-1000 -> {44970120-AF3C-450E-AAA6-F4E3AF52D246} URL = http://search.yahoo.com/search?fr=chr-g ... =888596&p={searchTerms}
    BHO: No Name -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> No File
    BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll No File
    Toolbar: HKLM - No Name - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - No File
    Toolbar: HKU\S-1-5-21-987201152-1341176263-1292834751-1000 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
    
    FF Keyword.URL: hxxp://www.default-search.net/search?si ... &src=ds&p=
    
    U2 CP5711_1; No ImagePath
    S3 HmPci; \??\C:\Windows\system32\drivers\HmPci.sys [X]
    
    2015-01-09 20:29 - 2015-01-09 20:30 - 00017159 _____ () C:\Users\Andrej\Desktop\FRST.txt
    2015-01-07 21:30 - 2015-01-07 21:30 - 00602112 _____ (OldTimer Tools) C:\Users\Andrej\Desktop\OTL.exe
    2015-01-07 21:11 - 2015-01-07 21:11 - 01115648 _____ (Farbar) C:\Users\Andrej\Desktop\FRST.exe
    2014-12-30 12:09 - 2015-01-09 20:09 - 00003418 _____ () C:\Windows\PFRO.log
    2014-12-30 12:09 - 2015-01-09 20:09 - 00000448 _____ () C:\Windows\setupact.log
    2014-12-30 12:09 - 2014-12-30 12:09 - 00000000 _____ () C:\Windows\setuperr.log
    
    C:\Windows\Tasks\Adobe Flash Player Updater.job
    C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    
    Hosts:
    EmptyTemp:
    Reboot:
    End
    
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here

kmetino
Visitor
Posts: 40
Registered: 30 Sep 2008 14:01

Re: slowed-down internet

#9 Post by kmetino »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 07-01-2015
Ran by Andrej at 2015-01-10 15:36:35 Run:1
Running from C:\Users\Andrej\Desktop
Loaded Profile: Andrej (Available profiles: Andrej)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKU\S-1-5-21-987201152-1341176263-1292834751-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-987201152-1341176263-1292834751-1000\...\Run: [Flvto Youtube Downloader] => C:\Program Files\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe [493568 2014-11-26] (Hotger)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TrayMenu.lnk

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-987201152-1341176263-1292834751-1000 -> DefaultScope {44970120-AF3C-450E-AAA6-F4E3AF52D246} URL = http://search.yahoo.com/search?fr=chr-g ... =888596&p={searchTerms}
SearchScopes: HKU\S-1-5-21-987201152-1341176263-1292834751-1000 -> {44970120-AF3C-450E-AAA6-F4E3AF52D246} URL = http://search.yahoo.com/search?fr=chr-g ... =888596&p={searchTerms}
BHO: No Name -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> No File
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll No File
Toolbar: HKLM - No Name - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - No File
Toolbar: HKU\S-1-5-21-987201152-1341176263-1292834751-1000 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File

FF Keyword.URL: hxxp://www.default-search.net/search?si ... &src=ds&p=

U2 CP5711_1; No ImagePath
S3 HmPci; \??\C:\Windows\system32\drivers\HmPci.sys [X]

2015-01-09 20:29 - 2015-01-09 20:30 - 00017159 _____ () C:\Users\Andrej\Desktop\FRST.txt
2015-01-07 21:30 - 2015-01-07 21:30 - 00602112 _____ (OldTimer Tools) C:\Users\Andrej\Desktop\OTL.exe
2015-01-07 21:11 - 2015-01-07 21:11 - 01115648 _____ (Farbar) C:\Users\Andrej\Desktop\FRST.exe
2014-12-30 12:09 - 2015-01-09 20:09 - 00003418 _____ () C:\Windows\PFRO.log
2014-12-30 12:09 - 2015-01-09 20:09 - 00000448 _____ () C:\Windows\setupact.log
2014-12-30 12:09 - 2014-12-30 12:09 - 00000000 _____ () C:\Windows\setuperr.log

C:\Windows\Tasks\Adobe Flash Player Updater.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\BCSSync => value deleted successfully.
HKU\S-1-5-21-987201152-1341176263-1292834751-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-987201152-1341176263-1292834751-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Flvto Youtube Downloader => value deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TrayMenu.lnk => Moved successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-987201152-1341176263-1292834751-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-987201152-1341176263-1292834751-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{44970120-AF3C-450E-AAA6-F4E3AF52D246}" => Key deleted successfully.
HKCR\CLSID\{44970120-AF3C-450E-AAA6-F4E3AF52D246} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}" => Key deleted successfully.
HKCR\CLSID\{00C6482D-C502-44C8-8409-FCE54AD9C208} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => Key deleted successfully.
"HKCR\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} => value deleted successfully.
HKCR\CLSID\{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} => Key not found.
HKU\S-1-5-21-987201152-1341176263-1292834751-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} => value deleted successfully.
HKCR\CLSID\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} => Key not found.
Firefox Keyword.URL deleted successfully.
CP5711_1 => Service deleted successfully.
HmPci => Service deleted successfully.
C:\Users\Andrej\Desktop\FRST.txt => Moved successfully.
C:\Users\Andrej\Desktop\OTL.exe => Moved successfully.
C:\Users\Andrej\Desktop\FRST.exe => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 151.2 MB temporary data.


The system needed a reboot.

==== End of Fixlog 15:37:17 ====

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: slowed-down internet

#10 Post by vyosek »

How is the PC behaving???

kmetino
Visitor
Posts: 40
Registered: 30 Sep 2008 14:01

Re: slowed-down internet

#11 Post by kmetino »

It runs like clockwork.
Thank you very much for your time and willingness to help. :worship:

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: slowed-down internet

#12 Post by vyosek »

So let's clean up as well :James008:

:arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remote disinfection tools option checked
  • Click Run
:arrow: Download CCleaner https://www.piriform.com/ccleaner/download/standard
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|

kmetino
Visitor
Posts: 40
Registered: 30 Sep 2008 14:01

Re: slowed-down internet

#13 Post by kmetino »

Thank you once again and have a nice day. :fez:

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: slowed-down internet

#14 Post by vyosek »

You're welcome, glad I could help :worship: Until next time


And pursuant to the Topic Locking Rule :lock:

Locked