VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Pomalu se načítají některé internetové stránky

https://forum.viry.cz:443/viewtopic.php?t=137419

Stránka 2 z 3

Re: Pomalu se načítají některé internetové stránky

Napsal: 16 dub 2014 18:47
od Antusek
Provedu. O tom proxy nic nevím. Nikde jsem nic nevyplňoval. Mám připojení přes kabel UPC.

Re: Pomalu se načítají některé internetové stránky

Napsal: 16 dub 2014 18:54
od Antusek
Posílám log z RSIT. A mohu se zeptat o jaký program se jedná, který je klasika a prověřený (údržba PC)? Díky za další rady.
:)

Logfile of random's system information tool 1.09 (written by random/random)
Run by kuku at 2014-04-16 19:52:08
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 391 GB (82%) free of 477 GB
Total RAM: 2558 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:52:17, on 16.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\UVC Video Camera\UVCSti.exe
C:\Program Files\UVC Video Camera\EffectDir\UVCTray.exe
C:\Program Files\EMET\EMET_notifier.exe
C:\Programy\HP\HP Software Update\hpwuschd2.exe
C:\Aviry\Avast\AvastUI.exe
C:\Prográmky\PDF24\pdf24.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Programy\Adobe\Adobe Acrobat Distiller 5.0\Distillr\AcroTray.exe
C:\Windows\system32\taskhost.exe
C:\Programy\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Programy\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Programy\HP\Digital Imaging\bin\hpqbam08.exe
C:\Programy\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Aviry\RSIT\RSIT.exe
C:\Aviry\RSIT\RSIT.exe
C:\Aviry\RSIT\RSIT.exe
C:\Program Files\trend micro\kuku.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=;ftp=;https=;
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programy\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Aviry\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: WinZip Courier BHO - {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - C:\PROGRA~1\WINZIP~1\wzwmcie.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programy\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - (no file)
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [UVCSti] "C:\Program Files\UVC Video Camera\UVCSti.exe"
O4 - HKLM\..\Run: [RunUVC] "C:\Program Files\UVC Video Camera\EffectDir\UVCtray.exe"
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Aviry\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [EMET Notifier] C:\Program Files\EMET\EMET_notifier.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Programy\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
O4 - HKLM\..\Run: [HP Software Update] C:\Programy\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Aviry\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [PDFPrint] C:\Prográmky\PDF24\pdf24.exe
O4 - HKLM\..\Run: [TkBellExe] "c:\program files\real\realplayer\Update\realsched.exe" -osboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 6] "C:\Aviry\Advanced SystemCare 5\ASCTray.exe" /AutoStart (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 6] "C:\Aviry\Advanced SystemCare 5\ASCTray.exe" /AutoStart (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Programy\Adobe\Adobe Acrobat Distiller 5.0\Distillr\AcroTray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programy\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: RealPlayer Cloud Service UI.lnk = C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\Programy\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\kuku\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programy\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - C:\Fotoeditory\Adobe Photoshop Elements 10\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Aviry\Avast\AvastSvc.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files\Guard-ICQ\GuardICQ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Aviry\CheckPoint\ZoneAlarm\ZAPrivacyService.exe

--
End of file - 10163 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\kuku\AppData\Roaming\Mozilla\Firefox\Profiles\9x5re7vu.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.com/firefox"
prefs.js - "keyword.URL" - "http://search.zonealarm.com/search?src= ... =&ver=&&q="

"wrc@avast.com"=C:\Aviry\Avast\WebRep\FF
"smartwebprinting@hp.com"=C:\Programy\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
"{8E8D8D12-A43B-4289-994D-DF2C7C0EF736}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm LTD Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3522.0110]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=17.0.6.13]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=17.0.6]
"Description"=RealPlayer Video Downloader (32-bit)
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=17.0.6]
"Description"=RealPlayer Video Downloader for HTML5 (32-bit)
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=17.0.6]
"Description"=RealPlayer Video Downloader for PepperFlash (32-bit)
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=17.0.6.13]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Programy\Adobe\Adobe Reader 10.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\searchplugins\
yahoo.xml

C:\Users\kuku\AppData\Roaming\Mozilla\Firefox\Profiles\9x5re7vu.default\extensions\
donottrack@checkpoint.com
staged
{1018e4d6-728f-4b20-ad56-37578a4de76b}
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

C:\Users\kuku\AppData\Roaming\Mozilla\Firefox\Profiles\9x5re7vu.default\searchplugins\
search.xml
zonealarm.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Programy\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}]
Zonealarm Helper Object - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll [2013-07-22 302992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-02-12 474184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Aviry\Avast\aswWebRepIE.dll [2014-04-11 597816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A8FB70FA-0FDF-4601-9DC4-BFA1B357204F}]
WinZip Courier BHO - C:\PROGRA~1\WINZIP~1\wzwmcie.dll [2011-10-21 356168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2013-11-20 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Programy\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"UVCSti"=C:\Program Files\UVC Video Camera\UVCSti.exe [2010-08-23 245760]
"RunUVC"=C:\Program Files\UVC Video Camera\EffectDir\UVCtray.exe [2010-08-23 7548928]
"ZoneAlarm"=C:\Aviry\CheckPoint\ZoneAlarm\zatray.exe [2013-06-19 73832]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2011-07-20 505720]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16 499608]
"EMET Notifier"=C:\Program Files\EMET\EMET_notifier.exe [2012-05-09 152152]
"hpqSRMon"=C:\Programy\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2010-12-13 135536]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1425208]
"HP Software Update"=C:\Programy\HP\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
""= []
"AvastUI.exe"=C:\Aviry\Avast\AvastUI.exe [2014-04-11 3854640]
"PDFPrint"=C:\Prográmky\PDF24\pdf24.exe [2013-12-06 186408]
"TkBellExe"=c:\program files\real\realplayer\Update\realsched.exe [2014-03-14 296520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui]
C:\Program Files\Guard-ICQ\GuardICQ.exe [2012-05-04 1564368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Komunikace\Skype\Phone\Skype.exe /minimized /regrun []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acrobat Assistant.lnk - C:\Programy\Adobe\Adobe Acrobat Distiller 5.0\Distillr\AcroTray.exe
HP Digital Imaging Monitor.lnk - C:\Programy\HP\Digital Imaging\bin\hpqtra08.exe
RealPlayer Cloud Service UI.lnk - C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
Secunia PSI Tray.lnk - C:\Program Files\Secunia\PSI\psi_tray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"msacm.siren"=sirenacm.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-04-13 18:41:57 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-04-13 18:41:35 ----D---- C:\ProgramData\Malwarebytes
2014-04-13 18:26:26 ----D---- C:\AdwCleaner
2014-04-11 21:31:00 ----A---- C:\Windows\avastSS.scr
2014-04-09 17:09:24 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-04-09 17:09:23 ----A---- C:\Windows\system32\iologmsg.dll
2014-04-09 17:09:23 ----A---- C:\Windows\system32\drivers\storport.sys
2014-04-09 17:09:23 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-04-09 17:09:21 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-04-09 17:09:19 ----A---- C:\Windows\system32\kernel32.dll
2014-04-09 17:09:16 ----A---- C:\Windows\system32\mshtml.dll
2014-03-25 21:07:14 ----N---- C:\Windows\system32\unicows.dll
2014-03-25 21:07:14 ----N---- C:\Windows\system32\msxml4a.dll
2014-03-25 21:07:14 ----N---- C:\Windows\system32\MSLUR71.dll
2014-03-25 21:07:14 ----N---- C:\Windows\system32\MSLUP71.dll
2014-03-25 21:07:14 ----N---- C:\Windows\system32\MFC71u.dll
2014-03-25 21:07:14 ----N---- C:\Windows\system32\MFC71LU.DLL
2014-03-25 21:07:14 ----N---- C:\Windows\system32\MFC71.dll
2014-03-25 21:07:14 ----N---- C:\Windows\system32\mfc70.dll
2014-03-25 21:07:14 ----N---- C:\Windows\system32\atl71.dll
2014-03-25 21:07:13 ----N---- C:\Windows\system32\vorbisenc.dll
2014-03-25 21:07:13 ----N---- C:\Windows\system32\vorbis.dll
2014-03-25 21:07:13 ----N---- C:\Windows\system32\TG_DUMP0708.DLL
2014-03-25 21:07:13 ----N---- C:\Windows\system32\tg_dump.dll
2014-03-25 21:07:13 ----N---- C:\Windows\system32\OggDS.dll
2014-03-25 21:07:13 ----N---- C:\Windows\system32\Ogg.dll
2014-03-25 21:07:13 ----N---- C:\Windows\system32\muzwmts.dll
2014-03-25 21:07:13 ----N---- C:\Windows\system32\muzapp.dll
2014-03-25 21:07:13 ----N---- C:\Windows\system32\muzaf1.dll
2014-03-25 21:07:13 ----A---- C:\Windows\system32\muzapp.exe
2014-03-25 21:07:12 ----N---- C:\Windows\system32\MaDRM.dll
2014-03-25 21:07:09 ----N---- C:\Windows\system32\MAMACExtract.dll
2014-03-25 21:06:58 ----D---- C:\Users\kuku\AppData\Roaming\DataCast
2014-03-25 21:06:56 ----D---- C:\Program Files\MarkAny

======List of files/folders modified in the last 1 month======

2014-04-16 19:52:17 ----D---- C:\Windows\Temp
2014-04-16 19:52:17 ----D---- C:\Windows\Prefetch
2014-04-16 19:52:11 ----D---- C:\Program Files\trend micro
2014-04-16 08:57:31 ----D---- C:\Windows\system32\config
2014-04-16 08:23:50 ----D---- C:\Windows\system32\Tasks
2014-04-16 08:23:16 ----D---- C:\Windows
2014-04-15 22:31:45 ----D---- C:\Byliny
2014-04-15 21:18:19 ----D---- C:\Windows\System32
2014-04-15 21:12:32 ----D---- C:\Windows\system32\drivers
2014-04-15 20:19:54 ----D---- C:\Aviry
2014-04-15 17:49:29 ----D---- C:\Prezentace 2014
2014-04-15 16:37:07 ----D---- C:\Windows\system32\FxsTmp
2014-04-15 08:54:20 ----SHD---- C:\System Volume Information
2014-04-14 09:10:19 ----D---- C:\Dopisy
2014-04-13 21:11:05 ----D---- C:\Album fotografií
2014-04-13 18:41:35 ----HD---- C:\ProgramData
2014-04-13 18:39:15 ----D---- C:\Programy - instalace
2014-04-12 22:39:40 ----D---- C:\Windows\inf
2014-04-12 18:22:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-11 21:31:00 ----A---- C:\Windows\system32\aswBoot.exe
2014-04-11 11:54:03 ----D---- C:\Stati 2014
2014-04-10 22:40:03 ----D---- C:\Windows\debug
2014-04-10 12:51:52 ----D---- C:\Windows\rescache
2014-04-10 08:50:12 ----D---- C:\Windows\winsxs
2014-04-10 08:48:23 ----D---- C:\Windows\system32\cs-CZ
2014-04-10 08:48:21 ----D---- C:\Windows\system32\DriverStore
2014-04-09 22:31:44 ----SHD---- C:\Windows\Installer
2014-04-09 22:31:43 ----SHD---- C:\Config.Msi
2014-04-09 22:30:21 ----D---- C:\Windows\system32\MRT
2014-04-09 22:28:42 ----A---- C:\Windows\system32\MRT.exe
2014-04-09 17:09:09 ----D---- C:\Windows\system32\catroot2
2014-04-09 17:09:09 ----D---- C:\Windows\system32\catroot
2014-04-09 15:43:05 ----D---- C:\Program Files\Opera
2014-04-06 13:57:01 ----D---- C:\články
2014-03-28 23:17:55 ----RD---- C:\Program Files
2014-03-28 12:14:44 ----D---- C:\Recepty
2014-03-27 00:11:13 ----D---- C:\Stati 2012
2014-03-25 21:06:55 ----HD---- C:\Program Files\InstallShield Installation Information
2014-03-24 09:42:39 ----D---- C:\Stati 2013

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-04-11 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-04-11 180760]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-03-19 45648]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-10-31 20624]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-04-11 81768]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-04-11 776976]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-04-11 411552]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2013-06-13 455704]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-04-11 67824]
R3 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-04-11 67264]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-06-19 3240400]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver; C:\Windows\System32\Drivers\nx6000.sys [2010-12-13 30576]
R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-08-12 298216]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2010-03-22 18944]
R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2011-12-16 15544]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x86; C:\Windows\system32\DRIVERS\Apfiltr.sys [2011-05-25 305488]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 Cam3820;Cam3820 PC Camera Driver; C:\Windows\System32\Drivers\cam3820a.sys [2010-08-25 369024]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-07-28 49088]
S3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-04-15 107736]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-09 14848]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-12-09 49664]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10; C:\Fotoeditory\Adobe Photoshop Elements 10\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-09-14 169624]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 avast! Antivirus;avast! Antivirus; C:\Aviry\Avast\AvastSvc.exe [2014-04-11 50344]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-03-03 1363584]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-03-03 1748608]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2010-12-13 135536]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-02-10 634144]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-02-12 39568]
R2 RealPlayer Cloud Service;RealPlayer Cloud Service; c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [2014-03-14 1141336]
R2 RealPlayerUpdateSvc;RealPlayer Update Service; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-02-12 23552]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [2012-09-24 1328736]
R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [2012-09-24 656480]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 1713904]
R2 ZAPrivacyService;ZoneAlarm Privacy Service; C:\Aviry\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [2013-06-18 54160]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files\Guard-ICQ\GuardICQ.exe [2012-05-04 1564368]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-13 116648]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-10 1266464]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 vsmon;TrueVector Internet Monitor; C:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe [2013-06-19 2445304]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-13 257928]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2014-01-10 1512640]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-13 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-01 108032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-05 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-05-04 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 ATMsrvc;ATM Service; C:\Windows\System32\ATMsrvc.exe [2000-05-24 15360]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: Pomalu se načítají některé internetové stránky

Napsal: 16 dub 2014 19:45
od Márty84
Zopakujte tedy jeste sken s RogueKillerem, jestli proxy jeste najde.

:!: Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
:arrow: Spustte RogueKiller jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte


Antusek píše:A mohu se zeptat o jaký program se jedná, který je klasika a prověřený (údržba PC)?
CCleaner, Defraggler. Bohate staci.

Re: Pomalu se načítají některé internetové stránky

Napsal: 16 dub 2014 21:06
od Antusek
Provedu. CCleaner používám a Deffrager mám taky.

Re: Pomalu se načítají některé internetové stránky

Napsal: 17 dub 2014 03:27
od Márty84
Tak jo, pockam na log, podle toho pak budem pokracovat.

Re: Pomalu se načítají některé internetové stránky

Napsal: 17 dub 2014 16:16
od Antusek
Vkládám log a díky za další rady.

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : kuku [Práva správce]
Mód : Kontrola -- Datum : 04/17/2014 17:13:08
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 1 ¤¤¤
[PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyServer (hxxp=;ftp=;hxxps=; [Country: (Private Address) (XX), City: (Private Address)]) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] IAT @explorer.exe (GetProcAddress) : KERNEL32.dll -> HOOKED (C:\Windows\system32\apphelp.dll @ 0x755CFFF6)
[Address] EAT @explorer.exe (DllGetClassObject) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6CF9D)
[Address] EAT @explorer.exe (IEnumString_Next_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E000)
[Address] EAT @explorer.exe (IEnumString_Reset_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E029)
[Address] EAT @explorer.exe (IPropertyBag2_Write_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E049)
[Address] EAT @explorer.exe (IWICBitmapClipper_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DD2A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportAnimation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6EA9A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportLossless_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6EABD)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportMultiframe_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6EAE0)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E9D3)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceManufacturer_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E9F6)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceModels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6EA1F)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetFileExtensions_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6EA71)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetMimeTypes_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6EA48)
[Address] EAT @explorer.exe (IWICBitmapDecoder_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D845)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E9AA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetDecoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D822)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrameCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D9A2)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D868)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D8DA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetPreview_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DC74)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E9D3)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DC05)
[Address] EAT @explorer.exe (IWICBitmapEncoder_CreateNewFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DB87)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetEncoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DB5E)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D9A2)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DB32)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DBDC)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DBB3)
[Address] EAT @explorer.exe (IWICBitmapFlipRotator_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DD2A)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D88E)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D8DA)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D8B7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D9C5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6EB03)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DFB7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DB06)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DA17)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D9E5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DADD)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_WriteSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DA71)
[Address] EAT @explorer.exe (IWICBitmapLock_GetDataPointer_STA_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D7FC)
[Address] EAT @explorer.exe (IWICBitmapLock_GetStride_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DC25)
[Address] EAT @explorer.exe (IWICBitmapScaler_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DCFE)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D822)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPixels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DC48)
[Address] EAT @explorer.exe (IWICBitmapSource_GetPixelFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DC25)
[Address] EAT @explorer.exe (IWICBitmapSource_GetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D7FC)
[Address] EAT @explorer.exe (IWICBitmapSource_GetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D91D)
[Address] EAT @explorer.exe (IWICBitmap_Lock_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E981)
[Address] EAT @explorer.exe (IWICBitmap_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DC74)
[Address] EAT @explorer.exe (IWICBitmap_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DC97)
[Address] EAT @explorer.exe (IWICColorContext_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6EB75)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateMetadataWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D7AA)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateQueryWriterFromBlockWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D7D3)
[Address] EAT @explorer.exe (IWICComponentInfo_GetAuthor_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E958)
[Address] EAT @explorer.exe (IWICComponentInfo_GetCLSID_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DC25)
[Address] EAT @explorer.exe (IWICComponentInfo_GetFriendlyName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E9AA)
[Address] EAT @explorer.exe (IWICComponentInfo_GetSpecVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D88E)
[Address] EAT @explorer.exe (IWICComponentInfo_GetVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E981)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D8FD)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DC25)
[Address] EAT @explorer.exe (IWICFormatConverter_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DCC7)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapClipper_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D557)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFlipRotator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D580)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHBITMAP_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D6BA)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHICON_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D6E6)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D656)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D62D)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapScaler_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D52E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D68B)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateComponentInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D4D9)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFileHandle_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D4A1)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFilename_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D466)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D42E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateEncoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D5D2)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromDecoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D70C)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromFrameDecode_Proxu) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D732)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFormatConverter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D505)
[Address] EAT @explorer.exe (IWICImagingFactory_CreatePalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DADD)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D781)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D758)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D5A9)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DC25)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetReaderByIndex_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DFB7)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetEnumerator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D822)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetLocation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E049)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_RemoveMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D8DA)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_SetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DFDA)
[Address] EAT @explorer.exe (IWICPalette_GetColorCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D96C)
[Address] EAT @explorer.exe (IWICPalette_GetColors_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D88E)
[Address] EAT @explorer.exe (IWICPalette_GetType_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D845)
[Address] EAT @explorer.exe (IWICPalette_HasAlpha_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D9A2)
[Address] EAT @explorer.exe (IWICPalette_InitializeCustom_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6EB75)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D943)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D822)
[Address] EAT @explorer.exe (IWICPalette_InitializePredefined_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D91D)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetBitsPerPixel_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6EB03)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DD50)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelMask_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6EB26)
[Address] EAT @explorer.exe (IWICStream_InitializeFromIStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DD50)
[Address] EAT @explorer.exe (IWICStream_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DD73)
[Address] EAT @explorer.exe (WICConvertBitmapSource) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DDB8)
[Address] EAT @explorer.exe (WICCreateBitmapFromSection) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DF8D)
[Address] EAT @explorer.exe (WICCreateBitmapFromSectionEx) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DE8C)
[Address] EAT @explorer.exe (WICCreateColorContext_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6EB52)
[Address] EAT @explorer.exe (WICCreateImagingFactory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D02B)
[Address] EAT @explorer.exe (WICGetMetadataContentSize) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E61D)
[Address] EAT @explorer.exe (WICMapGuidToShortName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D0EC)
[Address] EAT @explorer.exe (WICMapSchemaToName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D2E0)
[Address] EAT @explorer.exe (WICMapShortNameToGuid) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D217)
[Address] EAT @explorer.exe (WICMatchMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E072)
[Address] EAT @explorer.exe (WICSerializeMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E1B4)
[Address] EAT @explorer.exe (WICSetEncoderFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DD99)
[Address] EAT @explorer.exe (BeginBufferedAnimation) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741A09AE)
[Address] EAT @explorer.exe (BeginBufferedPaint) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741949A1)
[Address] EAT @explorer.exe (BeginPanningFeedback) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C0731)
[Address] EAT @explorer.exe (BufferedPaintClear) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74196395)
[Address] EAT @explorer.exe (BufferedPaintInit) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419940E)
[Address] EAT @explorer.exe (BufferedPaintRenderAnimation) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741A08ED)
[Address] EAT @explorer.exe (BufferedPaintSetAlpha) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741AE6B3)
[Address] EAT @explorer.exe (BufferedPaintStopAllAnimations) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741AD395)
[Address] EAT @explorer.exe (BufferedPaintUnInit) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741994AB)
[Address] EAT @explorer.exe (CloseThemeData) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74196A18)
[Address] EAT @explorer.exe (DrawThemeBackground) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74193982)
[Address] EAT @explorer.exe (DrawThemeBackgroundEx) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741AD9DA)
[Address] EAT @explorer.exe (DrawThemeEdge) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741B3B52)
[Address] EAT @explorer.exe (DrawThemeIcon) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C35E7)
[Address] EAT @explorer.exe (DrawThemeParentBackground) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741953E5)
[Address] EAT @explorer.exe (DrawThemeParentBackgroundEx) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741951BF)
[Address] EAT @explorer.exe (DrawThemeText) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74194EA1)
[Address] EAT @explorer.exe (DrawThemeTextEx) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741963E6)
[Address] EAT @explorer.exe (EnableThemeDialogTexture) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419FCAF)
[Address] EAT @explorer.exe (EnableTheming) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C2FEB)
[Address] EAT @explorer.exe (EndBufferedAnimation) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74193F9A)
[Address] EAT @explorer.exe (EndBufferedPaint) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74193F9A)
[Address] EAT @explorer.exe (EndPanningFeedback) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C06CC)
[Address] EAT @explorer.exe (GetBufferedPaintBits) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74194BAF)
[Address] EAT @explorer.exe (GetBufferedPaintDC) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741A04BC)
[Address] EAT @explorer.exe (GetBufferedPaintTargetDC) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741A0473)
[Address] EAT @explorer.exe (GetBufferedPaintTargetRect) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C2E7F)
[Address] EAT @explorer.exe (GetCurrentThemeName) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741A05DD)
[Address] EAT @explorer.exe (GetThemeAppProperties) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741A0FB1)
[Address] EAT @explorer.exe (GetThemeBackgroundContentRect) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419CD2E)
[Address] EAT @explorer.exe (GetThemeBackgroundExtent) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419F8BF)
[Address] EAT @explorer.exe (GetThemeBackgroundRegion) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741A165D)
[Address] EAT @explorer.exe (GetThemeBitmap) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419BF93)
[Address] EAT @explorer.exe (GetThemeBool) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74197C1F)
[Address] EAT @explorer.exe (GetThemeColor) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419616C)
[Address] EAT @explorer.exe (GetThemeDocumentationProperty) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C2932)
[Address] EAT @explorer.exe (GetThemeEnumValue) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419616C)
[Address] EAT @explorer.exe (GetThemeFilename) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C2412)
[Address] EAT @explorer.exe (GetThemeFont) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419FF21)
[Address] EAT @explorer.exe (GetThemeInt) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419616C)
[Address] EAT @explorer.exe (GetThemeIntList) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C23B1)
[Address] EAT @explorer.exe (GetThemeMargins) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741986E9)
[Address] EAT @explorer.exe (GetThemeMetric) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741A06E2)
[Address] EAT @explorer.exe (GetThemePartSize) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419CDB1)
[Address] EAT @explorer.exe (GetThemePosition) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C2350)
[Address] EAT @explorer.exe (GetThemePropertyOrigin) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741B3FBB)
[Address] EAT @explorer.exe (GetThemeRect) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741A3611)
[Address] EAT @explorer.exe (GetThemeStream) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741A39D9)
[Address] EAT @explorer.exe (GetThemeString) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C22E4)
[Address] EAT @explorer.exe (GetThemeSysBool) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C3172)
[Address] EAT @explorer.exe (GetThemeSysColor) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741B3274)
[Address] EAT @explorer.exe (GetThemeSysColorBrush) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C301E)
[Address] EAT @explorer.exe (GetThemeSysFont) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C29C4)
[Address] EAT @explorer.exe (GetThemeSysInt) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C2BD3)
[Address] EAT @explorer.exe (GetThemeSysSize) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C320B)
[Address] EAT @explorer.exe (GetThemeSysString) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C2B3F)
[Address] EAT @explorer.exe (GetThemeTextExtent) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74192D57)
[Address] EAT @explorer.exe (GetThemeTextMetrics) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419F992)
[Address] EAT @explorer.exe (GetThemeTransitionDuration) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741A1081)
[Address] EAT @explorer.exe (GetWindowTheme) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419DF46)
[Address] EAT @explorer.exe (HitTestThemeBackground) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741A3CE3)
[Address] EAT @explorer.exe (IsAppThemed) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419F869)
[Address] EAT @explorer.exe (IsCompositionActive) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74192E9A)
[Address] EAT @explorer.exe (IsThemeActive) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419F785)
[Address] EAT @explorer.exe (IsThemeBackgroundPartiallyTransparent) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741960AB)
[Address] EAT @explorer.exe (IsThemeDialogTextureEnabled) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C312B)
[Address] EAT @explorer.exe (IsThemePartDefined) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741985B4)
[Address] EAT @explorer.exe (OpenThemeData) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741973D2)
[Address] EAT @explorer.exe (OpenThemeDataEx) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741B3D43)
[Address] EAT @explorer.exe (SetThemeAppProperties) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C3296)
[Address] EAT @explorer.exe (SetWindowTheme) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741A0134)
[Address] EAT @explorer.exe (SetWindowThemeAttribute) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741ACFE6)
[Address] EAT @explorer.exe (ThemeInitApiHook) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419B176)
[Address] EAT @explorer.exe (UpdatePanningFeedback) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C068D)
[Address] EAT @explorer.exe (DriverProc) : wkscli.dll -> HOOKED (C:\Windows\system32\wdmaud.drv @ 0x73683FEE)
[Address] EAT @explorer.exe (midMessage) : wkscli.dll -> HOOKED (C:\Windows\system32\wdmaud.drv @ 0x7368817A)
[Address] EAT @explorer.exe (modMessage) : wkscli.dll -> HOOKED (C:\Windows\system32\wdmaud.drv @ 0x73687F0C)
[Address] EAT @explorer.exe (mxdMessage) : wkscli.dll -> HOOKED (C:\Windows\system32\wdmaud.drv @ 0x73683F5C)
[Address] EAT @explorer.exe (widMessage) : wkscli.dll -> HOOKED (C:\Windows\system32\wdmaud.drv @ 0x736865C3)
[Address] EAT @explorer.exe (wodMessage) : wkscli.dll -> HOOKED (C:\Windows\system32\wdmaud.drv @ 0x73684AB6)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) SAMSUNG HD503HI ATA Device +++++
--- User ---
[MBR] 64ee73ab9dd303dad9a4eec756fe3f9f
[BSP] 542a19f7936496f09b6c1d5556d64aa1 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Generic USB SD Reader USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) Generic USB CF Reader USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive3: (\\.\PHYSICALDRIVE3 @ USB) Generic USB SM Reader USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive4: (\\.\PHYSICALDRIVE4 @ USB) Generic USB MS Reader USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

Dokončeno : << RKreport[0]_S_04172014_171308.txt >>
RKreport[0]_S_04162014_221144.txt

Re: Pomalu se načítají některé internetové stránky

Napsal: 17 dub 2014 16:22
od Antusek
Omylem jsem nespustil jako správce. Tak tedy vkládám ještě jednou a díky za další rady.

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : kuku [Práva správce]
Mód : Kontrola -- Datum : 04/17/2014 17:21:09
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 1 ¤¤¤
[PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyServer (hxxp=;ftp=;hxxps=; [Country: (Private Address) (XX), City: (Private Address)]) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] IAT @explorer.exe (GetProcAddress) : KERNEL32.dll -> HOOKED (C:\Windows\system32\apphelp.dll @ 0x755CFFF6)
[Address] EAT @explorer.exe (DllGetClassObject) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6CF9D)
[Address] EAT @explorer.exe (IEnumString_Next_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E000)
[Address] EAT @explorer.exe (IEnumString_Reset_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E029)
[Address] EAT @explorer.exe (IPropertyBag2_Write_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E049)
[Address] EAT @explorer.exe (IWICBitmapClipper_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DD2A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportAnimation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6EA9A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportLossless_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6EABD)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportMultiframe_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6EAE0)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E9D3)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceManufacturer_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E9F6)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceModels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6EA1F)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetFileExtensions_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6EA71)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetMimeTypes_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6EA48)
[Address] EAT @explorer.exe (IWICBitmapDecoder_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D845)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E9AA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetDecoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D822)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrameCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D9A2)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D868)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D8DA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetPreview_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DC74)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E9D3)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DC05)
[Address] EAT @explorer.exe (IWICBitmapEncoder_CreateNewFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DB87)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetEncoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DB5E)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D9A2)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DB32)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DBDC)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DBB3)
[Address] EAT @explorer.exe (IWICBitmapFlipRotator_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DD2A)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D88E)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D8DA)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D8B7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D9C5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6EB03)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DFB7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DB06)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DA17)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D9E5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DADD)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_WriteSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DA71)
[Address] EAT @explorer.exe (IWICBitmapLock_GetDataPointer_STA_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D7FC)
[Address] EAT @explorer.exe (IWICBitmapLock_GetStride_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DC25)
[Address] EAT @explorer.exe (IWICBitmapScaler_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DCFE)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D822)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPixels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DC48)
[Address] EAT @explorer.exe (IWICBitmapSource_GetPixelFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DC25)
[Address] EAT @explorer.exe (IWICBitmapSource_GetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D7FC)
[Address] EAT @explorer.exe (IWICBitmapSource_GetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D91D)
[Address] EAT @explorer.exe (IWICBitmap_Lock_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E981)
[Address] EAT @explorer.exe (IWICBitmap_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DC74)
[Address] EAT @explorer.exe (IWICBitmap_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DC97)
[Address] EAT @explorer.exe (IWICColorContext_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6EB75)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateMetadataWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D7AA)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateQueryWriterFromBlockWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D7D3)
[Address] EAT @explorer.exe (IWICComponentInfo_GetAuthor_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E958)
[Address] EAT @explorer.exe (IWICComponentInfo_GetCLSID_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DC25)
[Address] EAT @explorer.exe (IWICComponentInfo_GetFriendlyName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E9AA)
[Address] EAT @explorer.exe (IWICComponentInfo_GetSpecVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D88E)
[Address] EAT @explorer.exe (IWICComponentInfo_GetVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E981)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D8FD)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DC25)
[Address] EAT @explorer.exe (IWICFormatConverter_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DCC7)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapClipper_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D557)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFlipRotator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D580)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHBITMAP_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D6BA)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHICON_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D6E6)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D656)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D62D)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapScaler_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D52E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D68B)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateComponentInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D4D9)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFileHandle_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D4A1)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFilename_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D466)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D42E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateEncoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D5D2)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromDecoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D70C)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromFrameDecode_Proxc!6è”ðø"Ò) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D732)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFormatConverter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D505)
[Address] EAT @explorer.exe (IWICImagingFactory_CreatePalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DADD)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D781)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D758)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D5A9)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DC25)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetReaderByIndex_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DFB7)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetEnumerator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D822)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetLocation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E049)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_RemoveMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D8DA)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_SetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DFDA)
[Address] EAT @explorer.exe (IWICPalette_GetColorCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D96C)
[Address] EAT @explorer.exe (IWICPalette_GetColors_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D88E)
[Address] EAT @explorer.exe (IWICPalette_GetType_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D845)
[Address] EAT @explorer.exe (IWICPalette_HasAlpha_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D9A2)
[Address] EAT @explorer.exe (IWICPalette_InitializeCustom_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6EB75)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D943)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D822)
[Address] EAT @explorer.exe (IWICPalette_InitializePredefined_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D91D)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetBitsPerPixel_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6EB03)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DD50)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelMask_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6EB26)
[Address] EAT @explorer.exe (IWICStream_InitializeFromIStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DD50)
[Address] EAT @explorer.exe (IWICStream_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DD73)
[Address] EAT @explorer.exe (WICConvertBitmapSource) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DDB8)
[Address] EAT @explorer.exe (WICCreateBitmapFromSection) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DF8D)
[Address] EAT @explorer.exe (WICCreateBitmapFromSectionEx) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DE8C)
[Address] EAT @explorer.exe (WICCreateColorContext_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6EB52)
[Address] EAT @explorer.exe (WICCreateImagingFactory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D02B)
[Address] EAT @explorer.exe (WICGetMetadataContentSize) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E61D)
[Address] EAT @explorer.exe (WICMapGuidToShortName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D0EC)
[Address] EAT @explorer.exe (WICMapSchemaToName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D2E0)
[Address] EAT @explorer.exe (WICMapShortNameToGuid) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6D217)
[Address] EAT @explorer.exe (WICMatchMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E072)
[Address] EAT @explorer.exe (WICSerializeMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6E1B4)
[Address] EAT @explorer.exe (WICSetEncoderFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73C6DD99)
[Address] EAT @explorer.exe (BeginBufferedAnimation) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741A09AE)
[Address] EAT @explorer.exe (BeginBufferedPaint) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741949A1)
[Address] EAT @explorer.exe (BeginPanningFeedback) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C0731)
[Address] EAT @explorer.exe (BufferedPaintClear) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74196395)
[Address] EAT @explorer.exe (BufferedPaintInit) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419940E)
[Address] EAT @explorer.exe (BufferedPaintRenderAnimation) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741A08ED)
[Address] EAT @explorer.exe (BufferedPaintSetAlpha) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741AE6B3)
[Address] EAT @explorer.exe (BufferedPaintStopAllAnimations) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741AD395)
[Address] EAT @explorer.exe (BufferedPaintUnInit) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741994AB)
[Address] EAT @explorer.exe (CloseThemeData) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74196A18)
[Address] EAT @explorer.exe (DrawThemeBackground) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74193982)
[Address] EAT @explorer.exe (DrawThemeBackgroundEx) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741AD9DA)
[Address] EAT @explorer.exe (DrawThemeEdge) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741B3B52)
[Address] EAT @explorer.exe (DrawThemeIcon) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C35E7)
[Address] EAT @explorer.exe (DrawThemeParentBackground) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741953E5)
[Address] EAT @explorer.exe (DrawThemeParentBackgroundEx) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741951BF)
[Address] EAT @explorer.exe (DrawThemeText) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74194EA1)
[Address] EAT @explorer.exe (DrawThemeTextEx) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741963E6)
[Address] EAT @explorer.exe (EnableThemeDialogTexture) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419FCAF)
[Address] EAT @explorer.exe (EnableTheming) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C2FEB)
[Address] EAT @explorer.exe (EndBufferedAnimation) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74193F9A)
[Address] EAT @explorer.exe (EndBufferedPaint) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74193F9A)
[Address] EAT @explorer.exe (EndPanningFeedback) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C06CC)
[Address] EAT @explorer.exe (GetBufferedPaintBits) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74194BAF)
[Address] EAT @explorer.exe (GetBufferedPaintDC) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741A04BC)
[Address] EAT @explorer.exe (GetBufferedPaintTargetDC) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741A0473)
[Address] EAT @explorer.exe (GetBufferedPaintTargetRect) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C2E7F)
[Address] EAT @explorer.exe (GetCurrentThemeName) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741A05DD)
[Address] EAT @explorer.exe (GetThemeAppProperties) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741A0FB1)
[Address] EAT @explorer.exe (GetThemeBackgroundContentRect) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419CD2E)
[Address] EAT @explorer.exe (GetThemeBackgroundExtent) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419F8BF)
[Address] EAT @explorer.exe (GetThemeBackgroundRegion) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741A165D)
[Address] EAT @explorer.exe (GetThemeBitmap) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419BF93)
[Address] EAT @explorer.exe (GetThemeBool) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74197C1F)
[Address] EAT @explorer.exe (GetThemeColor) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419616C)
[Address] EAT @explorer.exe (GetThemeDocumentationProperty) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C2932)
[Address] EAT @explorer.exe (GetThemeEnumValue) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419616C)
[Address] EAT @explorer.exe (GetThemeFilename) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C2412)
[Address] EAT @explorer.exe (GetThemeFont) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419FF21)
[Address] EAT @explorer.exe (GetThemeInt) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419616C)
[Address] EAT @explorer.exe (GetThemeIntList) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C23B1)
[Address] EAT @explorer.exe (GetThemeMargins) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741986E9)
[Address] EAT @explorer.exe (GetThemeMetric) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741A06E2)
[Address] EAT @explorer.exe (GetThemePartSize) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419CDB1)
[Address] EAT @explorer.exe (GetThemePosition) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C2350)
[Address] EAT @explorer.exe (GetThemePropertyOrigin) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741B3FBB)
[Address] EAT @explorer.exe (GetThemeRect) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741A3611)
[Address] EAT @explorer.exe (GetThemeStream) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741A39D9)
[Address] EAT @explorer.exe (GetThemeString) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C22E4)
[Address] EAT @explorer.exe (GetThemeSysBool) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C3172)
[Address] EAT @explorer.exe (GetThemeSysColor) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741B3274)
[Address] EAT @explorer.exe (GetThemeSysColorBrush) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C301E)
[Address] EAT @explorer.exe (GetThemeSysFont) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C29C4)
[Address] EAT @explorer.exe (GetThemeSysInt) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C2BD3)
[Address] EAT @explorer.exe (GetThemeSysSize) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C320B)
[Address] EAT @explorer.exe (GetThemeSysString) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C2B3F)
[Address] EAT @explorer.exe (GetThemeTextExtent) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74192D57)
[Address] EAT @explorer.exe (GetThemeTextMetrics) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419F992)
[Address] EAT @explorer.exe (GetThemeTransitionDuration) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741A1081)
[Address] EAT @explorer.exe (GetWindowTheme) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419DF46)
[Address] EAT @explorer.exe (HitTestThemeBackground) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741A3CE3)
[Address] EAT @explorer.exe (IsAppThemed) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419F869)
[Address] EAT @explorer.exe (IsCompositionActive) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74192E9A)
[Address] EAT @explorer.exe (IsThemeActive) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419F785)
[Address] EAT @explorer.exe (IsThemeBackgroundPartiallyTransparent) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741960AB)
[Address] EAT @explorer.exe (IsThemeDialogTextureEnabled) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C312B)
[Address] EAT @explorer.exe (IsThemePartDefined) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741985B4)
[Address] EAT @explorer.exe (OpenThemeData) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741973D2)
[Address] EAT @explorer.exe (OpenThemeDataEx) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741B3D43)
[Address] EAT @explorer.exe (SetThemeAppProperties) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C3296)
[Address] EAT @explorer.exe (SetWindowTheme) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741A0134)
[Address] EAT @explorer.exe (SetWindowThemeAttribute) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741ACFE6)
[Address] EAT @explorer.exe (ThemeInitApiHook) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7419B176)
[Address] EAT @explorer.exe (UpdatePanningFeedback) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x741C068D)
[Address] EAT @explorer.exe (DriverProc) : wkscli.dll -> HOOKED (C:\Windows\system32\wdmaud.drv @ 0x73683FEE)
[Address] EAT @explorer.exe (midMessage) : wkscli.dll -> HOOKED (C:\Windows\system32\wdmaud.drv @ 0x7368817A)
[Address] EAT @explorer.exe (modMessage) : wkscli.dll -> HOOKED (C:\Windows\system32\wdmaud.drv @ 0x73687F0C)
[Address] EAT @explorer.exe (mxdMessage) : wkscli.dll -> HOOKED (C:\Windows\system32\wdmaud.drv @ 0x73683F5C)
[Address] EAT @explorer.exe (widMessage) : wkscli.dll -> HOOKED (C:\Windows\system32\wdmaud.drv @ 0x736865C3)
[Address] EAT @explorer.exe (wodMessage) : wkscli.dll -> HOOKED (C:\Windows\system32\wdmaud.drv @ 0x73684AB6)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) SAMSUNG HD503HI ATA Device +++++
--- User ---
[MBR] 64ee73ab9dd303dad9a4eec756fe3f9f
[BSP] 542a19f7936496f09b6c1d5556d64aa1 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Generic USB SD Reader USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) Generic USB CF Reader USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive3: (\\.\PHYSICALDRIVE3 @ USB) Generic USB SM Reader USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive4: (\\.\PHYSICALDRIVE4 @ USB) Generic USB MS Reader USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

Dokončeno : << RKreport[0]_S_04172014_172109.txt >>
RKreport[0]_S_04162014_221144.txt;RKreport[0]_S_04172014_171308.txt

Re: Pomalu se načítají některé internetové stránky

Napsal: 17 dub 2014 18:17
od Márty84
:arrow: Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Oprava Proxy)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete Oprava Proxy a Zprava
Objevi se log. Ten mi sem vlozte.

Re: Pomalu se načítají některé internetové stránky

Napsal: 17 dub 2014 18:37
od Antusek
Vkládám log a díky.

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : kuku [Práva správce]
Mód : Oprava Proxy -- Datum : 04/17/2014 19:36:57
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

Dokončeno : << RKreport[0]_PR_04172014_193657.txt >>
RKreport[0]_S_04162014_221144.txt;RKreport[0]_S_04172014_171308.txt;RKreport[0]_S_04172014_172109.txt
RKreport[0]_S_04172014_193643.txt

Re: Pomalu se načítají některé internetové stránky

Napsal: 18 dub 2014 17:51
od Márty84
:!: Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

Re: Pomalu se načítají některé internetové stránky

Napsal: 18 dub 2014 22:35
od Antusek
Tak jsem udělal vše dle pokynů. Sken byl trošku delší. Pak se objevila hláška Cannot create log a musel jsem to potvrdit a nikde log nevidím a v PC to také nic nenašlo. Na tomto PC budu až v pondělí večer a apk udělám další kroky dle vašich rad. Přeji hezké velikonoce a díky za další postup. :???: :)

Re: Pomalu se načítají některé internetové stránky

Napsal: 18 dub 2014 22:47
od Márty84
:arrow: Pokud se log nevytvoril, zkuste OTL spustit podle stejneho navodu znovu, ale s timto upravenym skriptem.

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Vam take krasne Velikonoce :) Tak v pondeli, pripadne v utery :bye:

Re: Pomalu se načítají některé internetové stránky

Napsal: 21 dub 2014 17:43
od Antusek
Udělal jsem vše dle pokynů. Tentokrát to log vytvořilo. Díky za další rady je-li to již o.k. a v PC již nic není za havěť.

OTL logfile created on: 21.4.2014 18:02:33 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\kuku\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,50 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 60,96% Memory free
4,99 Gb Paging File | 3,52 Gb Available in Paging File | 70,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,66 Gb Total Space | 381,52 Gb Free Space | 81,93% Space Free | Partition Type: NTFS

Computer Name: KUKU-PC | User Name: kuku | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.04.18 22:41:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\kuku\Desktop\OTL.exe
PRC - [2014.04.11 21:30:57 | 003,854,640 | ---- | M] (AVAST Software) -- C:\Aviry\Avast\AvastUI.exe
PRC - [2014.04.11 21:30:57 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Aviry\Avast\AvastSvc.exe
PRC - [2014.04.02 03:58:05 | 000,841,032 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014.03.14 20:04:39 | 001,141,336 | ---- | M] (RealNetworks, Inc.) -- c:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
PRC - [2014.03.14 20:04:39 | 000,814,176 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
PRC - [2014.03.14 20:04:37 | 000,296,520 | ---- | M] (RealNetworks, Inc.) -- c:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2014.03.03 10:53:02 | 001,363,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014.03.03 10:52:32 | 001,748,608 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014.02.12 17:29:36 | 000,023,552 | ---- | M] () -- C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
PRC - [2014.02.12 15:42:10 | 000,039,568 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013.12.18 20:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.12.06 10:06:50 | 000,186,408 | ---- | M] (Geek Software GmbH) -- C:\Prográmky\PDF24\pdf24.exe
PRC - [2013.06.19 23:13:16 | 002,445,304 | ---- | M] (Check Point Software Technologies LTD) -- C:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2013.06.19 22:41:38 | 000,073,832 | ---- | M] (Check Point Software Technologies LTD) -- C:\Aviry\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2013.06.18 03:34:34 | 000,054,160 | ---- | M] (Check Point Software Technologies, Ltd.) -- C:\Aviry\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
PRC - [2013.02.10 02:35:07 | 001,821,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013.02.10 02:35:07 | 000,866,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.09.24 14:46:16 | 001,328,736 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2012.09.24 14:46:16 | 000,656,480 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2012.09.24 14:46:14 | 000,573,536 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2012.05.09 14:25:58 | 000,152,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\EMET\EMET_notifier.exe
PRC - [2011.09.14 22:06:38 | 000,169,624 | ---- | M] (Adobe Systems Incorporated) -- C:\Fotoeditory\Adobe Photoshop Elements 10\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2011.06.16 17:00:28 | 000,315,256 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.12.13 15:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010.08.23 17:40:08 | 007,548,928 | ---- | M] (Alcor Micro Corp.) -- C:\Program Files\UVC Video Camera\EffectDir\UVCTray.exe
PRC - [2010.08.23 17:39:58 | 000,245,760 | ---- | M] (Alcor Micro Corp.) -- C:\Program Files\UVC Video Camera\UVCSti.exe
PRC - [2010.05.04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2001.03.15 08:18:18 | 000,049,254 | ---- | M] (Adobe Systems Inc.) -- C:\Programy\Adobe\Adobe Acrobat Distiller 5.0\Distillr\AcroTray.exe


========== Modules (No Company Name) ==========

MOD - [2014.04.02 03:58:03 | 000,390,472 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.116\ppgooglenaclpluginchrome.dll
MOD - [2014.04.02 03:57:59 | 004,081,480 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.116\pdf.dll
MOD - [2014.04.02 03:57:54 | 000,674,632 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.116\libglesv2.dll
MOD - [2014.04.02 03:57:53 | 000,093,000 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.116\libegl.dll
MOD - [2014.04.02 03:57:52 | 001,647,432 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll
MOD - [2014.04.02 03:57:49 | 000,065,352 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll
MOD - [2014.02.14 09:42:22 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014.02.14 09:42:14 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014.02.14 09:41:44 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014.02.14 09:41:31 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2013.12.04 23:18:36 | 019,336,120 | ---- | M] () -- C:\Aviry\Avast\libcef.dll
MOD - [2008.09.03 15:28:24 | 000,319,488 | ---- | M] () -- C:\Archivace\WinRAR\rarlng.dll
MOD - [2008.08.29 10:55:00 | 000,132,608 | ---- | M] () -- C:\Archivace\WinRAR\RarExt.dll


========== Services (SafeList) ==========

SRV - [2014.04.11 21:30:57 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Aviry\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014.03.14 20:04:39 | 001,141,336 | ---- | M] (RealNetworks, Inc.) [Auto | Running] -- c:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe -- (RealPlayer Cloud Service)
SRV - [2014.03.13 09:56:06 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.03.03 10:53:02 | 001,363,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014.03.03 10:52:32 | 001,748,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014.03.01 05:38:23 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014.02.12 17:29:36 | 000,023,552 | ---- | M] () [Auto | Running] -- C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe -- (RealPlayerUpdateSvc)
SRV - [2014.02.12 15:42:10 | 000,039,568 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013.12.18 20:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.12.05 21:36:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.10.23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.06.19 23:13:16 | 002,445,304 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2013.06.18 03:34:34 | 000,054,160 | ---- | M] (Check Point Software Technologies, Ltd.) [Auto | Running] -- C:\Aviry\CheckPoint\ZoneAlarm\ZAPrivacyService.exe -- (ZAPrivacyService)
SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.02.10 05:20:39 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.09.24 14:46:16 | 001,328,736 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2012.09.24 14:46:16 | 000,656,480 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2012.05.04 17:41:19 | 001,564,368 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Guard-ICQ\GuardICQ.exe -- (Guard.Mail.ru)
SRV - [2012.05.04 13:37:02 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011.09.14 22:06:38 | 000,169,624 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Fotoeditory\Adobe Photoshop Elements 10\Elements 10 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor10.0)
SRV - [2010.12.13 15:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010.05.04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2000.05.24 15:20:36 | 000,015,360 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\System32\ATMsrvc.exe -- (ATMsrvc)


========== Driver Services (SafeList) ==========

DRV - [2014.04.15 19:41:41 | 000,107,736 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2014.04.11 21:31:01 | 000,776,976 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014.04.11 21:31:01 | 000,180,760 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014.04.11 21:31:01 | 000,067,264 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\aswstm.sys -- (aswStm)
DRV - [2014.04.11 21:31:00 | 000,411,552 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2014.04.11 21:31:00 | 000,081,768 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014.04.11 21:31:00 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014.04.11 21:31:00 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.06.13 16:34:14 | 000,455,704 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
DRV - [2013.02.10 05:20:39 | 008,944,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012.12.09 23:49:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012.12.09 23:49:41 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012.10.31 00:51:56 | 000,020,624 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2011.12.16 16:19:54 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2011.05.25 21:50:30 | 000,305,488 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2010.12.13 15:37:46 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.08.25 16:52:22 | 000,369,024 | ---- | M] (CamVendor) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cam3820a.sys -- (Cam3820)
DRV - [2010.08.12 13:07:48 | 000,298,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2010.03.22 19:29:08 | 000,018,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2009.07.14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2007.06.18 14:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2566555506-497672473-4049909881-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
IE - HKU\S-1-5-21-2566555506-497672473-4049909881-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKU\S-1-5-21-2566555506-497672473-4049909881-1001\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2566555506-497672473-4049909881-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2566555506-497672473-4049909881-1001\..\SearchScopes\{024132BB-12E7-496F-924E-FB2A66DDD9E9}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-2566555506-497672473-4049909881-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-2566555506-497672473-4049909881-1001\..\SearchScopes\{F98A78FA-88C1-4982-8635-63DA07C23203}: "URL" = http://search.zonealarm.com/search?src= ... er=&&r=941
IE - HKU\S-1-5-21-2566555506-497672473-4049909881-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Search By ZoneAlarm"
FF - prefs.js..browser.search.order.1: "Search By ZoneAlarm"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=198484"
FF - prefs.js..browser.search.selectedEngine: "Search By ZoneAlarm"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/firefox"
FF - prefs.js..extensions.enabledAddons: donottrack%40checkpoint.com:2.2.5.1213
FF - prefs.js..extensions.enabledAddons: requestpolicy%40requestpolicy.com:0.5.28
FF - prefs.js..extensions.enabledAddons: %7B097d3191-e6fa-4728-9826-b533d755359d%7D:0.7.21
FF - prefs.js..extensions.enabledAddons: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.16
FF - prefs.js..extensions.enabledAddons: %7B19503e42-ca3c-4c27-b1e2-9cdb2170ee34%7D:1.5.5.95
FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:7.5
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20131118
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2013.75
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..keyword.URL: "http://search.zonealarm.com/search?src= ... =&ver=&&q="
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3522.0110: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=17.0.6.13: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=17.0.6: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=17.0.6: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=17.0.6: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=17.0.6.13: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programy\Adobe\Adobe Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Aviry\Avast\WebRep\FF [2014.04.11 21:31:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Programy\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.11.25 14:14:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014.03.14 20:05:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8E8D8D12-A43B-4289-994D-DF2C7C0EF736}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2014.03.14 20:05:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Programy\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.11.25 14:14:52 | 000,000,000 | ---D | M]

[2012.05.14 16:08:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kuku\AppData\Roaming\Mozilla\Extensions
[2014.02.28 12:30:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kuku\AppData\Roaming\Mozilla\Firefox\Profiles\9x5re7vu.default\extensions
[2014.01.12 13:38:32 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\kuku\AppData\Roaming\Mozilla\Firefox\Profiles\9x5re7vu.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2014.01.12 13:38:32 | 000,000,000 | ---D | M] (WOT) -- C:\Users\kuku\AppData\Roaming\Mozilla\Firefox\Profiles\9x5re7vu.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2014.01.12 13:38:31 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\kuku\AppData\Roaming\Mozilla\Firefox\Profiles\9x5re7vu.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.01.10 12:45:54 | 000,000,000 | ---D | M] (ZoneAlarm Do Not Track) -- C:\Users\kuku\AppData\Roaming\Mozilla\Firefox\Profiles\9x5re7vu.default\extensions\donottrack@checkpoint.com
[2014.02.28 12:30:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kuku\AppData\Roaming\Mozilla\Firefox\Profiles\9x5re7vu.default\extensions\staged
[2014.02.28 12:30:47 | 001,388,203 | ---- | M] () (No name found) -- C:\Users\kuku\AppData\Roaming\Mozilla\Firefox\Profiles\9x5re7vu.default\extensions\firefox@ghostery.com.xpi
[2014.01.12 13:38:33 | 000,160,837 | ---- | M] () (No name found) -- C:\Users\kuku\AppData\Roaming\Mozilla\Firefox\Profiles\9x5re7vu.default\extensions\requestpolicy@requestpolicy.com.xpi
[2014.01.09 11:08:40 | 000,130,099 | ---- | M] () (No name found) -- C:\Users\kuku\AppData\Roaming\Mozilla\Firefox\Profiles\9x5re7vu.default\extensions\searchy@searchy.xpi
[2014.01.12 13:38:32 | 000,475,779 | ---- | M] () (No name found) -- C:\Users\kuku\AppData\Roaming\Mozilla\Firefox\Profiles\9x5re7vu.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
[2014.01.12 13:38:32 | 000,382,345 | ---- | M] () (No name found) -- C:\Users\kuku\AppData\Roaming\Mozilla\Firefox\Profiles\9x5re7vu.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2014.01.12 13:38:32 | 000,152,142 | ---- | M] () (No name found) -- C:\Users\kuku\AppData\Roaming\Mozilla\Firefox\Profiles\9x5re7vu.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2013.01.10 12:42:52 | 000,007,919 | ---- | M] () (No name found) -- C:\Users\kuku\AppData\Roaming\Mozilla\Firefox\Profiles\9x5re7vu.default\extensions\donottrack@checkpoint.com\chrome\content\ff\view_expiry.js
[2014.02.28 12:30:45 | 000,384,428 | ---- | M] () (No name found) -- C:\Users\kuku\AppData\Roaming\Mozilla\Firefox\Profiles\9x5re7vu.default\extensions\staged\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2014.02.28 12:30:45 | 000,152,142 | ---- | M] () (No name found) -- C:\Users\kuku\AppData\Roaming\Mozilla\Firefox\Profiles\9x5re7vu.default\extensions\staged\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2014.01.07 22:49:25 | 000,002,112 | ---- | M] () -- C:\Users\kuku\AppData\Roaming\Mozilla\Firefox\Profiles\9x5re7vu.default\searchplugins\search.xml
[2013.08.18 20:52:34 | 000,001,502 | ---- | M] () -- C:\Users\kuku\AppData\Roaming\Mozilla\Firefox\Profiles\9x5re7vu.default\searchplugins\zonealarm.xml
[2014.03.16 17:27:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014.01.12 13:38:09 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014.02.28 14:05:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions
[2014.02.28 14:05:09 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014.04.11 21:31:02 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\AVIRY\AVAST\WEBREP\FF

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://search.zonealarm.com/?Source=Hom ... 24810bb64e
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\34.0.1847.116\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programy\Adobe\Adobe Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Advanced SystemCare 6 Opera Plugin (Enabled) = C:\Aviry\Advanced SystemCare 5\BrowerProtect\np_Asc_plugin.dll
CHR - plugin: npFFApi (Enabled) = C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpplugin.dll
CHR - Extension: YouTube = C:\Users\kuku\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhledvn Google = C:\Users\kuku\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Skype Click to Call = C:\Users\kuku\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.2.15747.10003_0\
CHR - Extension: Peněženka Google = C:\Users\kuku\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\kuku\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll (Check Point Software Technologies LTD)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Aviry\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (WinZip Courier BHO) - {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - C:\Program Files\WinZip Courier\wzwmcie.dll (WinZip Computing, S.L.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Aviry\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EMET Notifier] C:\Program Files\EMET\EMET_notifier.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Logitech Download Assistant] C:\Windows\System32\LogiLDA.dll (Logitech, Inc.)
O4 - HKLM..\Run: [PDFPrint] C:\Prográmky\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [RunUVC] C:\Program Files\UVC Video Camera\EffectDir\UVCtray.exe (Alcor Micro Corp.)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UVCSti] C:\Program Files\UVC Video Camera\UVCSti.exe (Alcor Micro Corp.)
O4 - HKLM..\Run: [ZoneAlarm] C:\Aviry\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKU\.DEFAULT..\Run: [Advanced SystemCare 6] "C:\Aviry\Advanced SystemCare 5\ASCTray.exe" /AutoStart File not found
O4 - HKU\S-1-5-18..\Run: [Advanced SystemCare 6] "C:\Aviry\Advanced SystemCare 5\ASCTray.exe" /AutoStart File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Programy\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\kuku\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{618BEF39-D0F1-4DB0-908B-D66BB6B9816B}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.LAGS - C:\Windows\System32\lagarith.dll ( )
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.04.18 22:41:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\kuku\Desktop\OTL.exe
[2014.04.13 18:41:57 | 000,107,736 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014.04.13 18:41:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.04.13 18:26:26 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.04.11 21:31:00 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.04.09 17:09:23 | 000,149,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2014.04.09 17:09:23 | 000,027,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2014.04.09 17:09:23 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iologmsg.dll
[2014.04.09 17:09:15 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014.03.25 21:07:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2014.03.25 21:07:14 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.dll
[2014.03.25 21:07:14 | 001,047,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71u.dll
[2014.03.25 21:07:14 | 001,046,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71LU.DLL
[2014.03.25 21:07:14 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70.dll
[2014.03.25 21:07:14 | 000,507,904 | ---- | C] (Sample Corporation) -- C:\Windows\System32\MSLUP71.dll
[2014.03.25 21:07:14 | 000,352,256 | ---- | C] (Sample Corporation) -- C:\Windows\System32\MSLUR71.dll
[2014.03.25 21:07:14 | 000,258,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unicows.dll
[2014.03.25 21:07:14 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll
[2014.03.25 21:07:14 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4a.dll
[2014.03.25 21:07:13 | 000,569,344 | ---- | C] ((c) MusicCity) -- C:\Windows\System32\muzdecode.ax
[2014.03.25 21:07:13 | 000,471,040 | ---- | C] (Musiccity Co.Ltd.) -- C:\Windows\System32\muzapp.dll
[2014.03.25 21:07:13 | 000,258,048 | ---- | C] ((c) PeeringPortal) -- C:\Windows\System32\muzoggsp.ax
[2014.03.25 21:07:13 | 000,200,704 | ---- | C] ( (c) MusicCity) -- C:\Windows\System32\muzwmts.dll
[2014.03.25 21:07:13 | 000,172,776 | ---- | C] (Musiccity Co.Ltd.) -- C:\Windows\System32\muzapp.exe
[2014.03.25 21:07:13 | 000,135,168 | ---- | C] (Musiccity Co.Ltd.) -- C:\Windows\System32\muzaf1.dll
[2014.03.25 21:07:13 | 000,131,072 | ---- | C] ((c) MusicCity) -- C:\Windows\System32\muzmpgsp.ax
[2014.03.25 21:07:13 | 000,122,880 | ---- | C] ((c) MUSICCITY) -- C:\Windows\System32\muzeffect.ax
[2014.03.25 21:07:13 | 000,110,592 | ---- | C] (ENJsoft Corporation) -- C:\Windows\System32\TG_DUMP0708.DLL
[2014.03.25 21:07:13 | 000,110,592 | ---- | C] (ENJsoft Corporation) -- C:\Windows\System32\tg_dump.dll
[2014.03.25 21:07:13 | 000,110,592 | ---- | C] ((c) MusicCity) -- C:\Windows\System32\muzmp4sp.ax
[2014.03.25 21:07:12 | 000,118,784 | ---- | C] ((주)마크애니) -- C:\Windows\System32\MaDRM.dll
[2014.03.25 21:07:09 | 000,040,960 | ---- | C] (마크애니연구소) -- C:\Windows\System32\MAMACExtract.dll
[2014.03.25 21:06:58 | 000,000,000 | ---D | C] -- C:\Users\kuku\AppData\Roaming\DataCast
[2014.03.25 21:06:56 | 000,000,000 | ---D | C] -- C:\Program Files\MarkAny
[2012.09.16 09:19:51 | 039,042,128 | ---- | C] (Microsoft Corporation) -- C:\Users\kuku\FileFormatConverters.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.04.21 18:04:55 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.04.21 17:56:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.04.21 17:22:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.04.21 15:30:27 | 000,013,440 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.04.21 15:30:27 | 000,013,440 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.04.21 15:23:16 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.04.21 15:23:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.04.21 15:22:58 | 2011,832,320 | -HS- | M] () -- C:\hiberfil.sys
[2014.04.18 22:41:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\kuku\Desktop\OTL.exe
[2014.04.17 21:49:30 | 000,668,866 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014.04.17 21:49:30 | 000,654,254 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014.04.17 21:49:30 | 000,141,526 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014.04.17 21:49:30 | 000,122,126 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014.04.17 21:15:19 | 000,211,224 | ---- | M] () -- C:\Users\kuku\Documents\Dovolená na Bali 2014.wlmp
[2014.04.17 08:23:59 | 000,760,499 | ---- | M] () -- C:\Users\kuku\Documents\KmotrMrázek.pdf
[2014.04.15 20:20:21 | 003,972,608 | ---- | M] () -- C:\Users\kuku\Desktop\RogueKiller.exe
[2014.04.15 19:41:41 | 000,107,736 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014.04.14 09:46:39 | 000,431,654 | ---- | M] () -- C:\Users\kuku\Documents\217957280-Historie-USAID.pdf
[2014.04.13 18:24:52 | 001,426,178 | ---- | M] () -- C:\Users\kuku\Desktop\adwcleaner.exe
[2014.04.11 21:31:30 | 000,001,647 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014.04.11 21:31:01 | 000,776,976 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014.04.11 21:31:01 | 000,180,760 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014.04.11 21:31:01 | 000,067,264 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswstm.sys
[2014.04.11 21:31:00 | 000,411,552 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014.04.11 21:31:00 | 000,271,264 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014.04.11 21:31:00 | 000,081,768 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014.04.11 21:31:00 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014.04.11 21:31:00 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014.04.11 21:31:00 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.03.31 09:35:10 | 000,231,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2014.03.31 02:13:30 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.04.18 22:47:26 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.04.17 08:23:57 | 000,760,499 | ---- | C] () -- C:\Users\kuku\Documents\KmotrMrázek.pdf
[2014.04.15 20:20:16 | 003,972,608 | ---- | C] () -- C:\Users\kuku\Desktop\RogueKiller.exe
[2014.04.14 09:46:33 | 000,431,654 | ---- | C] () -- C:\Users\kuku\Documents\217957280-Historie-USAID.pdf
[2014.04.13 18:24:46 | 001,426,178 | ---- | C] () -- C:\Users\kuku\Desktop\adwcleaner.exe
[2014.04.12 13:49:04 | 000,211,224 | ---- | C] () -- C:\Users\kuku\Documents\Dovolená na Bali 2014.wlmp
[2014.03.25 21:07:13 | 000,921,600 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll
[2014.03.25 21:07:13 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2014.03.25 21:07:13 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2014.03.25 21:07:13 | 000,045,056 | ---- | C] () -- C:\Windows\System32\Ogg.dll
[2014.02.06 21:58:59 | 009,148,541 | ---- | C] () -- C:\Windows\System32\TiskProRadost_AlbumMaker_uninstaller.exe
[2013.09.30 21:13:38 | 000,000,600 | ---- | C] () -- C:\Users\kuku\PUTTY.RND
[2013.07.02 19:47:27 | 000,005,120 | ---- | C] () -- C:\Users\kuku\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.03.20 12:45:06 | 000,180,760 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013.03.20 12:45:05 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2012.12.03 18:57:44 | 000,293,889 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012.11.25 20:40:19 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll
[2012.11.25 20:40:18 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2012.11.25 20:40:18 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2012.11.25 20:40:17 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012.11.25 20:40:12 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2012.11.25 14:10:27 | 000,179,944 | ---- | C] () -- C:\Windows\hpoins28.dat
[2012.11.25 14:10:27 | 000,000,442 | ---- | C] () -- C:\Windows\hpomdl28.dat
[2012.09.18 21:26:30 | 006,325,248 | ---- | C] () -- C:\Users\kuku\EMET Setup.msi
[2012.06.26 11:20:49 | 000,010,084 | R--- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2012.05.04 21:26:07 | 000,560,424 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.05.04 18:30:41 | 000,065,536 | ---- | C] () -- C:\Windows\System32\adistres.dll
[2012.05.04 18:27:54 | 000,210,944 | ---- | C] () -- C:\Windows\System32\Msvcrt10.dll
[2012.05.04 18:15:44 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.05.21 17:39:45 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\Audacity
[2013.12.04 23:24:12 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\AVAST Software
[2013.12.28 00:03:04 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\calibre
[2013.12.01 19:48:01 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\chc
[2012.09.10 18:25:36 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013.08.18 20:52:25 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\Check Point Software Technologies LTD
[2012.05.04 16:51:31 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\CheckPoint
[2014.03.25 21:06:58 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\DataCast
[2013.12.31 23:28:45 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\DCF
[2012.06.26 11:36:46 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\DRPSu
[2013.05.21 17:03:09 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\DVDVideoSoft
[2012.05.05 17:48:08 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\DVDVideoSoftIEHelpers
[2013.12.31 23:15:56 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\FreeFLVConverter
[2013.05.08 18:49:00 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\ICQ
[2012.05.04 18:30:03 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\InterTrust
[2013.02.27 00:14:33 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\IObit
[2013.09.30 21:49:00 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\IsolatedStorage
[2012.12.26 14:09:26 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\Leadertech
[2012.05.04 18:00:21 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\Opera
[2013.09.01 16:54:26 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\Opera Software
[2012.10.03 14:39:51 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\PhotoFiltre 7
[2013.09.30 21:00:02 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\Seznam.cz
[2013.09.30 21:21:48 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\SurfAnonymousFree
[2012.05.17 20:04:50 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\VideoCap
[2012.08.29 16:04:29 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\Windows Live Writer
[2013.03.11 21:56:36 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\XMedia Recode
[2012.05.04 18:57:52 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\Zoner

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:53:46 | 000,032,570 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2012.05.05 15:40:05 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.12.13 10:00:13 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.12.13 10:00:16 | 000,000,940 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.09.29 18:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2012.08.22 19:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013.02.14 00:17:15 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010.11.20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 18:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2013.02.14 00:17:15 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2013.07.06 07:05:35 | 001,293,760 | ---- | M] (Microsoft Corporation) MD5=4E8B9BE71B807B3BAEDB7F4243F85E3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_b52f2f65c4a146e5\tcpip.sys
[2013.07.06 06:57:37 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=528F7CC60391DD0FAB0344F32F051FDF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_b5721e2eddf328f9\tcpip.sys
[2012.03.30 12:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\SoftwareDistribution\Download\d971c3e46ca4b4b10beca457068eb38c\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2012.05.09 18:19:22 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011.09.29 17:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2010.04.09 09:16:33 | 001,289,096 | ---- | M] (Microsoft Corporation) MD5=5D6A83E928F22AF5AC9868B162FFAD0D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_b38009a0e0d5a32d\tcpip.sys
[2013.05.08 08:15:22 | 001,309,032 | ---- | M] (Microsoft Corporation) MD5=6088D01FAD49729EA0A5A3D9B9BA8B84 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_b5b3fe00ddc19aaa\tcpip.sys
[2010.04.09 09:24:54 | 001,285,000 | ---- | M] (Microsoft Corporation) MD5=63170B9EE1D0EF0032F0408605671D1A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_b30e0d41c7a5fe2f\tcpip.sys
[2011.09.29 18:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2013.09.07 04:06:48 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=6C4F3D92764FFA22D28061A4D9235446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.02.14 00:17:15 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012.03.30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\SoftwareDistribution\Download\d971c3e46ca4b4b10beca457068eb38c\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2012.05.09 18:19:22 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\SoftwareDistribution\Download\d971c3e46ca4b4b10beca457068eb38c\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2012.05.09 18:19:22 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2012.08.22 19:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2013.02.14 00:17:15 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2013.09.08 04:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\System32\drivers\tcpip.sys
[2013.09.08 04:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2013.05.08 07:38:00 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=D32FDAC73FCD76B85389C39BC1087F2A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_b508ef41c4bd3835\tcpip.sys
[2012.10.03 18:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2013.11.26 13:07:37 | 001,309,632 | ---- | M] (Microsoft Corporation) MD5=DC08335B30D83FB61E9EFE6FDD09D40D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_b5a530b8ddcd4b8d\tcpip.sys
[2012.10.03 18:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2012.03.30 12:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\SoftwareDistribution\Download\d971c3e46ca4b4b10beca457068eb38c\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys
[2012.05.09 18:19:22 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[36 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.08.18 22:13:31 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\Adobe
[2013.05.10 00:09:03 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\Apple Computer
[2013.05.21 17:39:45 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\Audacity
[2013.12.04 23:24:12 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\AVAST Software
[2013.12.28 00:03:04 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\calibre
[2013.12.01 19:48:01 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\chc
[2012.09.10 18:25:36 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013.08.18 20:52:25 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\Check Point Software Technologies LTD
[2012.05.04 16:51:31 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\CheckPoint
[2014.03.25 21:06:58 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\DataCast
[2013.12.31 23:28:45 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\DCF
[2012.06.26 11:36:46 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\DRPSu
[2013.05.21 17:03:09 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\DVDVideoSoft
[2012.05.05 17:48:08 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\DVDVideoSoftIEHelpers
[2013.12.31 23:15:56 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\FreeFLVConverter
[2012.12.05 00:05:58 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\HP
[2013.12.05 22:37:06 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\HpUpdate
[2013.05.08 18:49:00 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\ICQ
[2012.05.02 19:14:02 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\Identities
[2012.05.04 18:30:03 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\InterTrust
[2013.02.27 00:14:33 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\IObit
[2013.09.30 21:49:00 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\IsolatedStorage
[2012.12.26 14:09:26 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\Leadertech
[2012.05.04 17:03:10 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\Macromedia
[2009.07.14 11:19:24 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\Media Center Programs
[2013.08.20 20:15:39 | 000,000,000 | --SD | M] -- C:\Users\kuku\AppData\Roaming\Microsoft
[2012.05.14 16:08:26 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\Mozilla
[2012.12.12 22:18:10 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\Nero
[2013.02.06 15:55:48 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\NVIDIA
[2012.05.04 18:00:21 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\Opera
[2013.09.01 16:54:26 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\Opera Software
[2012.10.03 14:39:51 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\PhotoFiltre 7
[2014.03.14 20:06:17 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\Real
[2014.03.14 20:06:18 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\RealNetworks
[2013.09.30 21:00:02 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\Seznam.cz
[2014.03.10 21:27:23 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\Skype
[2013.09.30 21:21:48 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\SurfAnonymousFree
[2012.05.17 20:04:50 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\VideoCap
[2012.08.29 16:04:29 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\Windows Live Writer
[2012.05.06 11:56:38 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\WinRAR
[2013.03.11 21:56:36 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\XMedia Recode
[2012.05.04 18:57:52 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2012.03.06 23:55:12 | 000,195,256 | R--- | M] () -- C:\Users\kuku\AppData\Roaming\DRPSu\DrvUpdater.exe
[2014.01.19 21:55:10 | 000,054,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\kuku\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2013.03.03 23:22:16 | 000,010,134 | R--- | M] () -- C:\Users\kuku\AppData\Roaming\Microsoft\Installer\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}\ARPPRODUCTICON.exe
[2012.05.18 11:48:32 | 000,158,000 | ---- | M] () -- C:\Users\kuku\AppData\Roaming\Mozilla\Firefox\Profiles\9x5re7vu.default\FlashGot.exe
[2014.03.14 20:00:52 | 000,755,808 | ---- | M] (RealNetworks, Inc.) -- C:\Users\kuku\AppData\Roaming\Real\RealPlayer\setup\AU_setup20140224.exe
[2012.12.07 18:02:55 | 000,653,464 | ---- | M] (RealNetworks, Inc.) -- C:\Users\kuku\AppData\Roaming\Real\RealPlayer\setup\AU_setup32.exe
[2013.08.28 22:53:52 | 000,663,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\kuku\AppData\Roaming\Real\RealPlayer\setup\AU_setup35.exe
[2012.12.17 20:59:17 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\kuku\AppData\Roaming\Real\Update\temp\~Upg0\rnupgagent.exe
[2013.03.28 00:06:58 | 000,448,592 | ---- | M] (RealNetworks, Inc.) -- C:\Users\kuku\AppData\Roaming\Real\Update\temp\~Upg1\rnupgagent.exe
[2013.06.16 20:13:06 | 000,468,560 | ---- | M] (RealNetworks, Inc.) -- C:\Users\kuku\AppData\Roaming\Real\Update\temp\~Upg2\rnupgagent.exe
[2014.02.21 20:27:41 | 000,503,376 | ---- | M] (RealNetworks, Inc.) -- C:\Users\kuku\AppData\Roaming\Real\Update\temp\~Upg3\rnupgagent.exe
[2014.04.21 15:23:30 | 000,503,376 | ---- | M] (RealNetworks, Inc.) -- C:\Users\kuku\AppData\Roaming\Real\Update\temp\~Upg4\rnupgagent.exe
[2014.02.21 20:27:41 | 000,503,376 | ---- | M] (RealNetworks, Inc.) -- C:\Users\kuku\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.80\agent\rnupgagent.exe
[2014.04.21 15:23:30 | 000,503,376 | ---- | M] (RealNetworks, Inc.) -- C:\Users\kuku\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.90\agent\rnupgagent.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2014.04.21 17:56:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.04.21 15:23:16 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.04.21 18:22:13 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.04.21 15:30:27 | 000,013,440 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.04.21 15:30:27 | 000,013,440 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

< %SYSTEMDRIVE%\*.exe >

< >

< *crack* /s >
[2000.12.18 21:25:34 | 000,000,431 | ---- | M] () -- \Hry\CrackAttack\Crack Attack!.lnk
[2002.05.28 08:23:08 | 000,245,760 | ---- | M] () -- \Hry\CrackAttack\bin\Crack Attack!.exe
[2002.05.11 23:14:22 | 000,208,896 | ---- | M] () -- \Hry\CrackAttack\bin\crackattack.exe
[2011.09.14 22:24:48 | 001,674,383 | ---- | M] () -- \ProgramData\Adobe\Photoshop Elements\10.0\Photo Creations\backgrounds\BG_Creamcrackled.jpg
[2011.09.14 22:24:48 | 000,001,557 | ---- | M] () -- \ProgramData\Adobe\Photoshop Elements\10.0\Photo Creations\backgrounds\BG_Creamcrackled.metadata.xml
[2011.09.14 22:24:50 | 000,004,499 | ---- | M] () -- \ProgramData\Adobe\Photoshop Elements\10.0\Photo Creations\backgrounds\BG_Creamcrackled.thumbnail.jpg
[2011.09.14 22:25:00 | 000,448,049 | ---- | M] () -- \ProgramData\Adobe\Photoshop Elements\10.0\Photo Creations\backgrounds\Cracked Paint.jpg
[2011.09.14 22:25:00 | 000,001,014 | ---- | M] () -- \ProgramData\Adobe\Photoshop Elements\10.0\Photo Creations\backgrounds\Cracked Paint.metadata.xml
[2011.09.14 22:25:00 | 000,005,672 | ---- | M] () -- \ProgramData\Adobe\Photoshop Elements\10.0\Photo Creations\backgrounds\Cracked Paint.thumbnail.jpg
[2011.09.14 22:24:48 | 001,674,383 | ---- | M] () -- \Users\All Users\Adobe\Photoshop Elements\10.0\Photo Creations\backgrounds\BG_Creamcrackled.jpg
[2011.09.14 22:24:48 | 000,001,557 | ---- | M] () -- \Users\All Users\Adobe\Photoshop Elements\10.0\Photo Creations\backgrounds\BG_Creamcrackled.metadata.xml
[2011.09.14 22:24:50 | 000,004,499 | ---- | M] () -- \Users\All Users\Adobe\Photoshop Elements\10.0\Photo Creations\backgrounds\BG_Creamcrackled.thumbnail.jpg
[2011.09.14 22:25:00 | 000,448,049 | ---- | M] () -- \Users\All Users\Adobe\Photoshop Elements\10.0\Photo Creations\backgrounds\Cracked Paint.jpg
[2011.09.14 22:25:00 | 000,001,014 | ---- | M] () -- \Users\All Users\Adobe\Photoshop Elements\10.0\Photo Creations\backgrounds\Cracked Paint.metadata.xml
[2011.09.14 22:25:00 | 000,005,672 | ---- | M] () -- \Users\All Users\Adobe\Photoshop Elements\10.0\Photo Creations\backgrounds\Cracked Paint.thumbnail.jpg

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2008.06.20 19:13:32 | 000,044,032 | ---- | M] () -- \Archivace\WinRAR\RarExtLoader.exe
[2013.02.27 00:14:38 | 000,002,941 | ---- | M] () -- \Aviry\Advanced SystemCare 5\Downloader.log
[2014.04.11 21:30:57 | 000,072,480 | ---- | M] () -- \Aviry\Avast\aswWrcIELoader32.exe
[2011.09.14 22:06:36 | 003,291,800 | ---- | M] () -- \Fotoeditory\Adobe Photoshop Elements 10\Elements 10 Organizer\PhotoDownloader.exe
[2012.08.05 15:23:34 | 000,000,025 | ---- | M] () -- \Fotoeditory\Adobe Photoshop Elements 10\Elements 10 Organizer\PhotoDownloader.ini
[2011.09.14 21:57:06 | 000,011,161 | ---- | M] () -- \Fotoeditory\Adobe Photoshop Elements 10\Elements 10 Organizer\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2011.09.14 22:01:28 | 000,000,273 | ---- | M] () -- \Fotoeditory\Adobe Photoshop Elements 10\Elements 10 Organizer\apd\shared_assets\locales\cs_CZ\Photodownloader.ini
[2011.09.14 21:57:10 | 000,011,196 | ---- | M] () -- \Fotoeditory\Adobe Photoshop Elements 10\Elements 10 Organizer\Assets\bitmaps\main_window\C_LoadError.PNG
[2011.09.14 22:17:56 | 000,082,584 | ---- | M] () -- \Fotoeditory\Adobe Photoshop Elements 10\Elements 10 Organizer\CAHeadless\MXF_SDK_MetaMetadata_BinaryLoader_4.3.4.dll
[2011.09.14 22:18:00 | 000,148,632 | ---- | M] () -- \Fotoeditory\Adobe Photoshop Elements 10\Elements 10 Organizer\CAHeadless\MXF_SDK_MetaMetadata_XSDLoader2_4.3.4.dll
[2011.09.14 22:18:04 | 000,115,352 | ---- | M] () -- \Fotoeditory\Adobe Photoshop Elements 10\Elements 10 Organizer\CAHeadless\MXF_SDK_MetaMetadata_XSDLoader_4.3.4.dll
[2011.09.14 21:57:38 | 000,002,713 | ---- | M] () -- \Fotoeditory\Adobe Photoshop Elements 10\Elements 10 Organizer\Mozilla\components\uriloader.xpt
[2012.08.01 15:38:42 | 000,855,112 | ---- | M] () -- \Fotoeditory\AlbumMaker\MPR500 Pro 5\AlbumFTPUploader.exe
[2013.03.13 15:38:24 | 000,001,904 | ---- | M] () -- \Fotoeditory\AlbumMaker\MPR500 Pro 5\Lang\Czech\AlbumFTPUploaderDialogs.txt
[2011.07.05 18:21:12 | 000,064,263 | ---- | M] () -- \Fotoeditory\AlbumMaker\MPR500 Pro 5\Lang\Czech\AlbumMakerHelp_files\FTP_uploader.jpg
[2012.05.04 17:40:59 | 000,005,795 | ---- | M] () -- \Komunikace\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012.05.04 17:40:59 | 000,004,180 | ---- | M] () -- \Komunikace\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012.05.04 17:40:59 | 000,005,520 | ---- | M] () -- \Komunikace\ICQ7.7\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.05.04 17:43:51 | 000,000,402 | ---- | M] () -- \Komunikace\ICQ7.7\Xtraz\icq\content\profile_lightboxs\preloader.html
[2011.12.07 19:18:52 | 002,952,856 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\Dll\DVSVideoDownloader.dll
[2009.03.24 10:42:46 | 000,191,488 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\Dll\Uploader\DVSYouTubeUploaderJ.dll
[2012.11.01 10:32:14 | 000,057,224 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012.09.05 00:34:12 | 000,083,848 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2014.02.12 17:27:56 | 000,020,992 | ---- | M] () -- \Program Files\Real\UpdateService\RealDownloaderUpdatePlugin.dll
[2014.02.12 15:40:06 | 000,214,785 | ---- | M] () -- \Program Files\RealNetworks\RealDownloader\downloader.vs
[2013.06.22 22:32:52 | 000,004,468 | ---- | M] () -- \ProgramData\IObit\ASCDownloader\Downloader.log
[2012.05.05 17:46:27 | 000,000,914 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free YouTube Uploader.lnk
[2014.03.14 20:05:46 | 000,002,551 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Downloader.lnk
[2014.02.12 15:40:50 | 000,014,763 | ---- | M] () -- \ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2014.02.12 14:36:24 | 000,000,319 | ---- | M] () -- \ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\Chrome\Content\browserrecordloader.xul

Re: Pomalu se načítají některé internetové stránky

Napsal: 21 dub 2014 17:43
od Antusek
[2014.02.12 15:45:40 | 000,010,963 | ---- | M] () -- \ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.11.11 15:39:40 | 000,006,012 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.11.11 15:39:40 | 000,021,956 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_30fps.gif
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2011.06.21 17:57:32 | 000,855,136 | ---- | M] () -- \Prográmky\AlbumMaker\MPR500 Pro 5\AlbumFTPUploader.exe
[2009.07.15 13:19:52 | 000,055,808 | ---- | M] () -- \Prográmky\AlbumMaker\MPR500 Pro 5\FTPDownloader.exe
[2011.11.18 16:00:34 | 000,001,856 | ---- | M] () -- \Prográmky\AlbumMaker\MPR500 Pro 5\Lang\Czech\AlbumFTPUploaderDialogs.txt
[2011.07.05 17:21:12 | 000,064,263 | ---- | M] () -- \Prográmky\AlbumMaker\MPR500 Pro 5\Lang\Czech\AlbumMakerHelp_files\FTP_uploader.jpg
[2011.11.18 16:00:34 | 000,001,810 | ---- | M] () -- \Prográmky\AlbumMaker\MPR500 Pro 5\Lang\English\AlbumFTPUploaderDialogs.txt
[2009.06.19 18:51:42 | 000,389,120 | ---- | M] () -- \Prográmky\Free FLV Converter\rtmpDownloaderX.ocx
[2009.11.11 15:04:28 | 000,905,216 | ---- | M] () -- \Prográmky\Free FLV Converter\TubeDownloader.ocx
[2011.12.07 20:18:48 | 000,041,112 | ---- | M] () -- \Prográmky\Free YouTube to MP3 Converter\DVDVideoSoft.DVSVideoDownloader.dll
[2009.04.02 18:06:16 | 001,658,880 | ---- | M] () -- \Prográmky\Free YouTube Uploader\FreeYouTubeUploader.exe
[2009.06.23 14:17:04 | 007,125,871 | ---- | M] () -- \Programy - instalace\Free Youtube Uploader - instalace\uploader\FreeYouTubeUploader.exe
[2014.02.27 20:34:36 | 000,044,032 | R--- | M] () -- \Programy\Calibre2\DLLs\PyISAPI_loader.dll
[2009.05.21 21:21:18 | 000,007,507 | ---- | M] () -- \Programy\HP\Digital Imaging\HelpViewer\Resources\Loader.swf
[2009.09.20 13:15:26 | 000,030,776 | ---- | M] () -- \Programy\HP\Digital Imaging\smart web printing\RsrcLoaderLib.dll
[2009.09.20 13:15:26 | 000,002,713 | ---- | M] () -- \Programy\HP\Digital Imaging\smart web printing\MozillaAddOn3\xre\components\uriloader.xpt
[2013.06.22 22:32:52 | 000,004,468 | ---- | M] () -- \Users\All Users\IObit\ASCDownloader\Downloader.log
[2012.05.05 17:46:27 | 000,000,914 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free YouTube Uploader.lnk
[2014.03.14 20:05:46 | 000,002,551 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Downloader.lnk
[2014.02.12 15:40:50 | 000,014,763 | ---- | M] () -- \Users\All Users\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2014.02.12 14:36:24 | 000,000,319 | ---- | M] () -- \Users\All Users\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2014.02.12 15:45:40 | 000,010,963 | ---- | M] () -- \Users\All Users\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.11.11 15:39:40 | 000,006,012 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.11.11 15:39:40 | 000,021,956 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_30fps.gif
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.08.28 23:23:21 | 000,003,366 | ---- | M] () -- \Windows\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2566555506-497672473-4049909881-1001
[2014.04.21 15:23:28 | 000,003,210 | ---- | M] () -- \Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2566555506-497672473-4049909881-1001
[2014.04.21 15:23:27 | 000,003,346 | ---- | M] () -- \Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2566555506-497672473-4049909881-1001
[2009.07.14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.14 10:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 10:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.14 10:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2012.06.14 16:59:04 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2012.06.14 16:59:04 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2012.06.14 16:59:04 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.14 10:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 05:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 13:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.02.14 00:16:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.02.14 00:16:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.02.14 00:16:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2014.02.13 23:57:42 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.dll
[2014.03.12 23:47:48 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.ni.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2007.01.26 18:23:36 | 000,000,744 | ---- | M] () -- \Prográmky\ReNamer\Scripts\Serialize duplicates.pas
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Users\All Users\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.07.14 10:43:23 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 03:55:26 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.14 09:42:24 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\553e7bfc9cac5e4feaa83d8ee1e187bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.14 16:47:13 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f177ea74036d5fdc6c6b9c967dc877cf\System.Runtime.Serialization.ni.dll
[2014.03.01 00:02:04 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.03.01 00:02:04 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.03.01 00:02:16 | 002,825,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
[2014.03.01 00:02:16 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll.aux
[2014.03.02 17:17:11 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll
[2014.03.02 17:17:11 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll.aux
[2013.09.11 23:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013.09.11 23:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013.09.11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 23:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 23:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 10:43:17 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2009.07.14 10:43:30 | 000,009,728 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009.07.14 04:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 04:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2009.07.14 10:43:55 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 05:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009.07.14 10:42:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 21:04:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 21:02:24 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2009.07.14 03:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 05:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009.07.14 03:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 03:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2009.07.14 03:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 05:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 10:43:23 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 03:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009.07.14 10:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:55:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:50 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2009.07.14 10:43:15 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c002c1170ca9a88f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_c233d4df09982c29\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 10:43:17 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 10:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.07.14 10:43:30 | 000,009,728 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c48c78a9ad8ff996\serial.sys.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 6104 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh

< End of report >

Re: Pomalu se načítají některé internetové stránky

Napsal: 21 dub 2014 18:14
od Márty84
:!: Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
:arrow: Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
AdobeARMservice
c2cautoupdatesvc
c2cpnrsvc
NAUpdate
Guard.Mail.ru
gupdate
SkypeUpdate
AdobeFlashPlayerUpdateSvc
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:otl
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2566555506-497672473-4049909881-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
IE - HKU\S-1-5-21-2566555506-497672473-4049909881-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKU\S-1-5-21-2566555506-497672473-4049909881-1001\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2566555506-497672473-4049909881-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2566555506-497672473-4049909881-1001\..\SearchScopes\{024132BB-12E7-496F-924E-FB2A66DDD9E9}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =198484&p={searchTerms}
IE - HKU\S-1-5-21-2566555506-497672473-4049909881-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=198484"
CHR - plugin: Advanced SystemCare 6 Opera Plugin (Enabled) = C:\Aviry\Advanced SystemCare 5\BrowerProtect\np_Asc_plugin.dll
O3 - HKLM\..\Toolbar: (no name) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKU\.DEFAULT..\Run: [Advanced SystemCare 6] "C:\Aviry\Advanced SystemCare 5\ASCTray.exe" /AutoStart File not found
O4 - HKU\S-1-5-18..\Run: [Advanced SystemCare 6] "C:\Aviry\Advanced SystemCare 5\ASCTray.exe" /AutoStart File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2013.02.27 00:14:33 | 000,000,000 | ---D | M] -- C:\Users\kuku\AppData\Roaming\IObit
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[36 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]
@Alternate Data Stream - 6104 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A8FB70FA-0FDF-4601-9DC4-BFA1B357204F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"AdobeAAMUpdater-1.0"=-
"HP Software Update"=-
""=-
"TkBellExe"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.
Všechny časy jsou v UTC+01:00
Stránka 2 z 3

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz