PC virus removal, computer speed-up, and remote assistance through the neslape.cz service

please check

casablancass
Visitor
Posts: 51
Registered: 04 Jul 2012 15:06

Re: please check

#16 Post by casablancass »

OTL Extras logfile created on: 24.10.2014 6:00:14 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\zakaznik\Plocha\firefox stažené
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1022,42 Mb Total Physical Memory | 515,54 Mb Available Physical Memory | 50,42% Memory free
2,40 Gb Paging File | 1,85 Gb Available in Paging File | 76,96% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 25,78 Gb Free Space | 17,30% Space Free | Partition Type: NTFS

Computer Name: USER | User Name: zakaznik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-2052111302-2077806209-1801674531-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam
"C:\Program Files\Microsoft LifeCam\LifeCam.exe" = C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeEnC2.exe" = C:\Program Files\Microsoft LifeCam\LifeEnC2.exe:*:Enabled:LifeEnC2.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeExp.exe" = C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeTray.exe" = C:\Program Files\Microsoft LifeCam\LifeTray.exe:*:Enabled:LifeTray.exe -- (Microsoft Corporation)
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Steam\steamapps\poorfox\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\poorfox\counter-strike\hl.exe:*:Enabled:Counter-Strike
"C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe" = C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe:*:Enabled:Opera Internet Browser - Plugin wrapper -- (Opera Software)
"C:\Documents and Settings\zakaznik\Plocha\uTorrent.exe" = C:\Documents and Settings\zakaznik\Plocha\uTorrent.exe:*:Enabled:µTorrent
"C:\Documents and Settings\zakaznik\Data aplikací\uTorrent\uTorrent.exe" = C:\Documents and Settings\zakaznik\Data aplikací\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent Inc.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{1BF66D77-6604-4f3f-B3AE-D640AFB58A88}" = Autodesk Vault 2010 (Client)
"{1FB138CC-5503-4B4A-BC42-81E9C1FF26EE}" = Autodesk Inventor Content Center Libraries 2010 (Desktop Content)
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4324BC93-C82F-ED16-BA86-5E34B9E05303}" = ccc-core-static
"{49B6C667-BADF-4CBB-81A5-62053B02240A}" = ESET Smart Security
"{4ED118EE-785C-CC18-5D2E-D5CA4BAA03F0}" = Catalyst Control Center Graphics Full New
"{52969324-463B-4643-BF36-854BE2BECB89}" = Autodesk Inventor Professional 2010
"{539475B7-44B7-8B0A-134C-F01B9C8B7569}" = ccc-core-preinstall
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{55D9E026-DCB0-46FF-B60A-68B972228CF6}" = Autodesk Design Review 2010
"{5783F2D7-8005-0405-0002-0060B0CE6BBA}" = AutoCAD Mechanical 2010
"{5783F2D7-8005-0405-1002-0060B0CE6BBA}" = Jazykový balíček AutoCAD Mechanical 2010 – čeština

"{5783F2D7-8028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2010
"{5AC7AE54-55DF-1126-076C-623F008D40B6}" = Catalyst Control Center Graphics Full Existing
"{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}" = Microsoft LifeCam
"{6351D217-3EE3-1967-29BE-6A77635FE485}" = Skins
"{6AB9CD3A-F91F-233B-923B-6C59BA63524D}" = Catalyst Control Center HydraVision Full
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{723D0010-CA4C-4248-B206-10B80B1EDBCC}" = Jazykový balíček Autodesk Vault 2010 (Client) – čeština
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7F4DD591-1400-0409-0000-7107D70F3DB4}" = Autodesk Inventor Professional 2010
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{85A91C22-C369-FCFB-5F1F-D59EB21AD0E1}" = CCC Help English
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6D0140F-E62F-9D1E-2408-9CFF91FF6FC8}" = ccc-utility
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Czech
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C44A7422-E380-44BE-79FE-1C032D8A03A7}" = Catalyst Control Center Core Implementation
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5D24929-91A4-B0A1-DE00-AFC453921EF7}" = Catalyst Control Center Graphics Light
"{E6C09BFB-BA75-15C7-5B18-A2CE31C4F42B}" = Catalyst Control Center Graphics Previews Common
"{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1" = FotoSketcher 2.30
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FE48654B-F9AA-40ED-BEF3-48F3FE2FA847}" = Philips Media Converter
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"AutoCAD Mechanical 2010" = AutoCAD Mechanical 2010
"Autodesk Design Review 2010" = Autodesk Design Review 2010
"Autodesk Inventor Professional 2010" = Autodesk Inventor Professional 2010 čeština (Czech)
"Autodesk Vault 2010 (Client)" = Autodesk Vault 2010 (Client)
"B81055EA372C9E3EA5000B4BD9585D992D51F1DE" = Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/11/2009 2.0.0010.00002)
"CAL" = Canon Camera Access Library
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CCleaner" = CCleaner
"Czech Soccer Manager" = Czech Soccer Manager
"DWG TrueView 2010" = DWG TrueView 2010
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Hide Folder" = Free Hide Folder
"GOM Player" = GOM Player
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.8.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox 31.0 (x86 cs)" = Mozilla Firefox 31.0 (x86 cs)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NOD32 v3.x FiX 1.1 by TemDono_is1" = NOD32 v3.x FiX 1.1 by TemDono (Free Updates - Expire in 2050)
"Opera 12.00.1467" = Opera 12.00
"PhotoStitch" = Canon Utilities PhotoStitch
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"Settlers 3: Gold Edition CZ_is1" = Settlers 3 Gold Edition 1.60
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2052111302-2077806209-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8.10.2014 14:13:30 | Computer Name = USER | Source = Application Error | ID = 1000
Description = Chybující aplikace plugin-container.exe, verze 31.0.0.5310, chybující
modul mozalloc.dll, verze 31.0.0.5310, adresa chyby 0x0000141b.

Error - 17.10.2014 8:56:02 | Computer Name = USER | Source = Application Error | ID = 1000
Description = Chybující aplikace plugin-container.exe, verze 31.0.0.5310, chybující
modul mozalloc.dll, verze 31.0.0.5310, adresa chyby 0x0000141b.

Error - 19.10.2014 12:53:05 | Computer Name = USER | Source = NTBackup | ID = 8001
Description = Ukončit zálohování 'C:' 'Bylo zobrazeno upozornění nebo došlo k chybě.'


Ověřit:
Off Režim: Replace Typ: Normal Další podrobnosti naleznete v protokolu zálohování.


Error - 19.10.2014 12:53:10 | Computer Name = USER | Source = NTBackup | ID = 8019
Description = Konec operace: Bylo zobrazeno upozornění nebo došlo k chybě. Podrobnosti
naleznete v protokolu zálohování.

Error - 19.10.2014 15:04:40 | Computer Name = USER | Source = WinMgmt | ID = 4
Description = Při obnovování souboru úložiště se nepodařilo načíst soubor MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\ASPNET.MOF.

Error - 19.10.2014 15:04:40 | Computer Name = USER | Source = WinMgmt | ID = 4
Description = Při obnovování souboru úložiště se nepodařilo načíst soubor MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.0\WINDOWS
COMMUNICATION FOUNDATION\SERVICEMODEL.MOF.

Error - 19.10.2014 15:04:42 | Computer Name = USER | Source = WinMgmt | ID = 4
Description = Při obnovování souboru úložiště se nepodařilo načíst soubor MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\CLR.MOF.

Error - 19.10.2014 15:04:42 | Computer Name = USER | Source = WinMgmt | ID = 4
Description = Při obnovování souboru úložiště se nepodařilo načíst soubor MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V4.0.30319\MOF\SERVICEMODEL.MOF.

Error - 22.10.2014 11:45:38 | Computer Name = USER | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace mbam.exe, verze 1.75.0.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 22.10.2014 11:45:39 | Computer Name = USER | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace mbam.exe, verze 1.75.0.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

[ OSession Events ]
Error - 24.10.2009 7:11:40 | Computer Name = USER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 36
seconds with 0 seconds of active time. This session ended with a crash.

Error - 9.5.2010 6:39:15 | Computer Name = USER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 18232 seconds with 1620 seconds of active time. This session ended with
a crash.

[ System Events ]
Error - 21.10.2014 10:44:19 | Computer Name = USER | Source = Service Control Manager | ID = 7023
Description = Služba Windows Management Configuration byla ukončena s následující
chybou: %%126

Error - 21.10.2014 13:46:26 | Computer Name = USER | Source = Service Control Manager | ID = 7023
Description = Služba Windows Management Configuration byla ukončena s následující
chybou: %%126

Error - 22.10.2014 0:36:54 | Computer Name = USER | Source = Service Control Manager | ID = 7023
Description = Služba Windows Management Configuration byla ukončena s následující
chybou: %%126

Error - 22.10.2014 11:41:24 | Computer Name = USER | Source = Service Control Manager | ID = 7011
Description = Vypršel časový limit (30000 milisekund) čekání na odezvu transakce
služby Dnscache.

Error - 23.10.2014 0:09:58 | Computer Name = USER | Source = Service Control Manager | ID = 7023
Description = Služba Windows Management Configuration byla ukončena s následující
chybou: %%126

Error - 23.10.2014 3:14:31 | Computer Name = USER | Source = Service Control Manager | ID = 7011
Description = Vypršel časový limit (30000 milisekund) čekání na odezvu transakce
služby Dnscache.

Error - 23.10.2014 10:02:46 | Computer Name = USER | Source = Service Control Manager | ID = 7023
Description = Služba Windows Management Configuration byla ukončena s následující
chybou: %%126

Error - 23.10.2014 12:03:04 | Computer Name = USER | Source = Service Control Manager | ID = 7011
Description = Vypršel časový limit (30000 milisekund) čekání na odezvu transakce
služby Dnscache.

Error - 23.10.2014 13:22:34 | Computer Name = USER | Source = Service Control Manager | ID = 7023
Description = Služba Windows Management Configuration byla ukončena s následující
chybou: %%126

Error - 23.10.2014 23:50:36 | Computer Name = USER | Source = Service Control Manager | ID = 7023
Description = Služba Windows Management Configuration byla ukončena s následující
chybou: %%126


< End of report >

casablancass
Visitor
Posts: 51
Registered: 04 Jul 2012 15:06

Re: please check

#17 Post by casablancass »

OTL logfile created on: 24.10.2014 6:00:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\zakaznik\Plocha\firefox stažené
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1022,42 Mb Total Physical Memory | 515,54 Mb Available Physical Memory | 50,42% Memory free
2,40 Gb Paging File | 1,85 Gb Available in Paging File | 76,96% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 25,78 Gb Free Space | 17,30% Space Free | Partition Type: NTFS

Computer Name: USER | User Name: zakaznik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.10.24 05:54:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\zakaznik\Plocha\firefox stažené\OTL.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2010.11.15 09:10:18 | 000,217,088 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2010.05.20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2009.04.23 15:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.12.21 08:21:16 | 000,468,224 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2007.12.21 08:21:06 | 001,443,072 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2007.01.31 15:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe


========== Modules (No Company Name) ==========

MOD - [2011.10.19 09:50:09 | 011,797,504 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\d987cf1de4ba688da92e212a374232c2\System.Web.ni.dll
MOD - [2011.10.19 09:48:17 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\631b3eba1ba5bd3c3f027f34011cadeb\System.Configuration.ni.dll
MOD - [2011.10.18 20:48:53 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011.10.18 20:46:15 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\563a54b98adb70fae862974042298348\System.Xml.ni.dll
MOD - [2011.10.18 20:46:03 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\2dfe045e4b1577fdea9a2f456db0afc2\System.Windows.Forms.ni.dll
MOD - [2011.10.18 20:45:34 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\f3440ea00eb3c40dc073b2fe03843638\System.Drawing.ni.dll
MOD - [2011.10.18 20:42:34 | 007,949,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\37217abe2c5164e59aba251860f4c79e\System.ni.dll
MOD - [2010.01.11 08:05:39 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\e63d6d26b8a664cfdfbd4ad75e03c14d\Accessibility.ni.dll
MOD - [2010.01.10 21:50:19 | 011,486,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll
MOD - [2009.07.03 16:14:42 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3343.28356__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2009.07.03 16:14:42 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3343.28356__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2009.07.03 16:14:42 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3343.28359__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
MOD - [2009.07.03 16:14:42 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3343.28356__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2009.07.03 16:14:41 | 001,728,512 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3343.28228__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2009.07.03 16:14:41 | 000,692,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3343.28295__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2009.07.03 16:14:41 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3343.28338__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2009.07.03 16:14:41 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3343.28315__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2009.07.03 16:14:41 | 000,290,816 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3343.28200__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2009.07.03 16:14:41 | 000,204,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3343.28229__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2009.07.03 16:14:41 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3343.28309__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2009.07.03 16:14:41 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3343.28281__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2009.07.03 16:14:41 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3343.28221__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2009.07.03 16:14:41 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3343.28263__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2009.07.03 16:14:41 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3343.28213__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2009.07.03 16:14:40 | 000,139,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3343.28339__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2009.07.03 16:14:40 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3343.28229__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2009.07.03 16:14:40 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3343.28289__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2009.07.03 16:14:40 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3343.28213__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2009.07.03 16:14:40 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3343.28228__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2009.07.03 16:14:39 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3343.28288__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2009.07.03 16:14:39 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3343.28288__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2009.07.03 16:14:38 | 001,036,288 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Dashboard\2.0.3343.28245__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Dashboard.dll
MOD - [2009.07.03 16:14:38 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Runtime\2.0.3343.28244__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Runtime.dll
MOD - [2009.07.03 16:14:37 | 000,811,008 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3343.28265__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2009.07.03 16:14:37 | 000,712,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3343.28215__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2009.07.03 16:14:37 | 000,589,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3343.28230__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2009.07.03 16:14:37 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3343.28301__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2009.07.03 16:14:37 | 000,225,280 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3343.28230__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2009.07.03 16:14:37 | 000,126,976 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3343.28278__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2009.07.03 16:14:37 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3343.28264__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2009.07.03 16:14:37 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3343.28278__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2009.07.03 16:14:36 | 000,798,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3343.28310__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2009.07.03 16:14:36 | 000,675,840 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3343.28282__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2009.07.03 16:14:36 | 000,450,560 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3343.28257__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2009.07.03 16:14:36 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3343.28263__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2009.07.03 16:14:36 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3343.28236__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2009.07.03 16:14:36 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3343.28279__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2009.07.03 16:14:35 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3343.28264__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2009.07.03 16:14:35 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3343.28264__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2009.07.03 16:14:35 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2009.07.03 16:14:35 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2009.07.03 16:14:35 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2009.07.03 16:14:35 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2009.07.03 16:14:35 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2009.07.03 16:14:34 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2009.07.03 16:14:34 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2009.07.03 16:14:34 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2009.07.03 16:14:33 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2009.07.03 16:14:33 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2009.07.03 16:14:33 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2009.07.03 16:14:33 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2009.07.03 16:14:33 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2009.07.03 16:14:33 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2009.07.03 16:14:33 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2009.07.03 16:14:33 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2009.07.03 16:14:33 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2009.07.03 16:14:33 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll
MOD - [2009.07.03 16:14:33 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2009.07.03 16:14:33 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2009.07.03 16:14:33 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2009.07.03 16:14:32 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2009.07.03 16:14:32 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2009.07.03 16:14:32 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2009.07.03 16:14:32 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2009.07.03 16:14:32 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2009.07.03 16:14:32 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2009.07.03 16:14:32 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2009.07.03 16:14:32 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2009.07.03 16:14:31 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2009.07.03 16:14:31 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2009.07.03 16:14:31 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2009.07.03 16:14:31 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2009.07.03 16:14:31 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2009.07.03 16:14:31 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2009.07.03 16:14:31 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Shared\2.0.3309.28633__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Shared.dll
MOD - [2009.07.03 16:14:31 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2009.07.03 16:14:31 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2009.07.03 16:14:30 | 000,503,808 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3343.28368__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2009.07.03 16:14:30 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3343.28330__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2009.07.03 16:14:30 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3343.28328__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2009.07.03 16:14:30 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2009.07.03 16:14:30 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3343.28347__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2009.07.03 16:14:30 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2009.07.03 16:14:30 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2009.07.03 16:14:30 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2009.07.03 16:14:30 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2009.07.03 16:14:30 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2009.07.03 16:14:30 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2009.07.03 16:14:30 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2009.07.03 16:14:30 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll
MOD - [2009.07.03 16:14:30 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2009.07.03 16:14:30 | 000,014,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2009.07.03 16:14:30 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2009.07.03 16:14:30 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3343.28197__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2009.07.03 16:14:29 | 001,142,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3343.28207__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2009.07.03 16:14:29 | 000,544,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3343.28321__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2009.07.03 16:14:29 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3343.28221__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2009.07.03 16:14:29 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3343.28198__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2009.07.03 16:14:29 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3343.28199__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2009.07.03 16:14:29 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2009.07.03 16:14:29 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2009.07.03 16:14:29 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2009.07.03 16:14:28 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3343.28199__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2009.07.03 16:14:28 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3343.28198__90ba9c70f846762e\APM.Server.dll
MOD - [2009.07.03 16:14:28 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2009.07.03 16:14:28 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009.07.03 16:14:28 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3343.28329__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2009.07.03 16:14:28 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2009.07.03 16:14:27 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3343.28197__90ba9c70f846762e\AEM.Server.dll
MOD - [2009.06.01 20:34:53 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_cs_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.06.01 20:34:49 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.10.30 14:39:12 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2008.04.14 08:51:48 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\\System\icm64.dll -- (wmcmgc)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2010.11.15 09:10:18 | 000,217,088 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010.05.20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2009.10.17 13:37:50 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007.12.21 08:22:44 | 000,019,200 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2007.12.21 08:21:16 | 000,468,224 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2007.01.31 15:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\zakaznik\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a0tit4wx)
DRV - [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010.11.15 09:10:18 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010.05.20 15:27:24 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2009.11.12 17:35:42 | 000,004,736 | ---- | M] (null_flt) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\null_flt.sys -- (null_flt)
DRV - [2009.10.21 10:44:44 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009.05.22 23:37:50 | 005,082,624 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2009.02.26 00:58:57 | 003,565,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.12.18 23:44:00 | 000,028,816 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2008.12.18 23:43:54 | 000,079,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2008.12.18 23:43:48 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008.12.18 23:43:40 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2008.12.18 23:43:12 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2008.12.18 23:43:06 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2008.08.05 20:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2007.12.21 08:21:54 | 000,053,768 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2007.12.21 08:21:52 | 000,030,728 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2007.12.21 08:21:46 | 000,071,176 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2007.12.21 08:20:14 | 000,030,216 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv)
DRV - [2007.12.21 08:19:54 | 000,039,944 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2006.01.04 15:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005.05.31 15:40:20 | 000,020,480 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2005.05.31 09:42:28 | 000,023,000 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2005.04.30 14:50:20 | 000,011,860 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vbtenum.sys -- (BTHidEnum)
DRV - [2005.04.30 14:50:10 | 000,028,271 | ---- | M] (IVT Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - [2005.04.30 14:48:58 | 000,010,804 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BtNetDrv.sys -- (BT)
DRV - [2005.03.25 17:18:48 | 000,082,148 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2004.12.16 16:32:54 | 000,013,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BTNetFilter.sys -- (BTNetFilter)
DRV - [2004.10.19 13:37:38 | 000,061,312 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2052111302-2077806209-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-2052111302-2077806209-1801674531-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2052111302-2077806209-1801674531-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2052111302-2077806209-1801674531-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2052111302-2077806209-1801674531-1003\..\SearchScopes\{A3DD4E2F-70A3-483C-93B4-99593AD1FF7B}: "URL" = http://www.google.cz/search?q={searchTe ... {startPage}
IE - HKU\S-1-5-21-2052111302-2077806209-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2052111302-2077806209-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:8080

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0
FF - prefs.js..extensions.enabledAddons: sese%40yasanori:1.0.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_64.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files\TVUPlayer\npTVUAx.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014.08.14 09:03:27 | 000,000,000 | ---D | M]

[2013.01.03 12:32:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\zakaznik\Data aplikací\Mozilla\Extensions
[2013.01.03 12:32:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\zakaznik\Data aplikací\Mozilla\Extensions\songbird@songbirdnest.com
[2014.10.20 11:11:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\zakaznik\Data aplikací\Mozilla\Firefox\Profiles\s2ej2umb.default\extensions
[2014.05.10 10:28:29 | 000,002,144 | ---- | M] () (No name found) -- C:\Documents and Settings\zakaznik\Data aplikací\Mozilla\Firefox\Profiles\s2ej2umb.default\extensions\sese@yasanori.xpi
[2013.11.09 11:24:10 | 000,074,744 | R--- | M] () (No name found) -- C:\Documents and Settings\zakaznik\Data aplikací\Mozilla\Firefox\Profiles\s2ej2umb.default\extensions\utopia_ffse_white_options@www.theme-oasis.org.xpi
[2013.11.09 11:24:10 | 003,114,261 | R--- | M] () (No name found) -- C:\Documents and Settings\zakaznik\Data aplikací\Mozilla\Firefox\Profiles\s2ej2umb.default\extensions\{20C3BDFF-DA68-468d-8D9A-F5A6C76B0F9E}.xpi
[2014.10.20 11:11:13 | 000,979,610 | ---- | M] () (No name found) -- C:\Documents and Settings\zakaznik\Data aplikací\Mozilla\Firefox\Profiles\s2ej2umb.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.01.11 13:45:59 | 000,001,637 | ---- | M] () -- C:\Documents and Settings\zakaznik\Data aplikací\Mozilla\Firefox\Profiles\s2ej2umb.default\searchplugins\doplky-pro-firefox.xml
[2013.12.02 23:28:46 | 000,002,462 | ---- | M] () -- C:\Documents and Settings\zakaznik\Data aplikací\Mozilla\Firefox\Profiles\s2ej2umb.default\searchplugins\google-esk-republika---pouze-esky.xml
[2013.12.02 23:28:46 | 000,002,421 | ---- | M] () -- C:\Documents and Settings\zakaznik\Data aplikací\Mozilla\Firefox\Profiles\s2ej2umb.default\searchplugins\google-esk-republika.xml
[2013.01.11 14:09:17 | 000,001,907 | ---- | M] () -- C:\Documents and Settings\zakaznik\Data aplikací\Mozilla\Firefox\Profiles\s2ej2umb.default\searchplugins\google-peklada.xml
[2013.12.10 10:55:18 | 000,002,359 | ---- | M] () -- C:\Documents and Settings\zakaznik\Data aplikací\Mozilla\Firefox\Profiles\s2ej2umb.default\searchplugins\google-us.xml
[2014.08.14 09:03:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014.08.14 09:04:52 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ZAKAZNIK\DATA APLIKACÍ\MOZILLA\FIREFOX\PROFILES\S2EJ2UMB.DEFAULT\EXTENSIONS\SESE@YASANORI.XPI
[2010.01.10 21:38:11 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION

O1 HOSTS File: ([2014.10.18 14:49:33 | 000,449,910 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 15470 more lines...
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysMon] C:\Documents and Settings\All Users\Data aplikací\SysMon\ASK.dll (Amplusnet)
O4 - HKU\S-1-5-21-2052111302-2077806209-1801674531-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2052111302-2077806209-1801674531-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2052111302-2077806209-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-2052111302-2077806209-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-2052111302-2077806209-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 94.74.192.252 94.74.192.244
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF426A88-4E87-4378-A11C-AE6CA70FBAD9}: DhcpNameServer = 94.74.192.252 94.74.192.244
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.10.17 12:16:18 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009.06.01 17:56:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: wmcmgc - C:\Program Files\Common Files\\System\icm64.dll File not found
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.10.21 11:34:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2014.10.21 11:34:31 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2014.10.21 11:34:31 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2014.10.21 06:21:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zakaznik\Data aplikací\Malwarebytes
[2014.10.21 06:20:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2014.10.19 21:57:34 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.10.19 21:09:50 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.10.19 21:09:49 | 000,000,000 | ---D | C] -- C:\rsit
[2014.10.19 21:02:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2014.10.19 19:35:31 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2014.10.19 19:35:30 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2014.10.19 19:35:28 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpcdll.dll
[2014.10.19 19:35:26 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys
[2014.10.19 19:35:25 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2014.10.19 19:35:19 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2014.10.19 19:35:18 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2014.10.19 19:35:18 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2014.10.19 19:35:17 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2014.10.19 19:35:17 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2014.10.19 19:35:17 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2014.10.19 19:35:17 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2014.10.19 19:35:16 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2014.10.19 19:35:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2014.10.19 19:35:04 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2014.10.19 19:34:54 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2014.10.19 19:34:45 | 000,056,320 | ---- | C] (Společnost Microsoft) -- C:\WINDOWS\System32\dot3msm.dll
[2014.10.19 19:34:45 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2014.10.19 19:34:35 | 000,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2014.10.19 19:34:24 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2014.10.19 19:34:06 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2014.10.19 19:33:57 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2014.10.19 19:33:38 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2014.10.19 19:33:36 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2014.10.19 19:33:31 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2014.10.19 19:33:31 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2014.10.19 19:33:30 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2014.10.19 19:33:30 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2014.10.19 19:33:11 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2014.10.19 19:33:08 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2014.10.19 19:33:08 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2014.10.19 19:33:08 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2014.10.19 19:33:08 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2014.10.19 19:33:07 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2014.10.19 19:32:57 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2014.10.19 19:32:56 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2014.10.19 19:32:55 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2014.10.19 19:32:55 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2014.10.19 19:32:46 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2014.10.19 19:32:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2014.10.19 19:32:42 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2014.10.19 19:32:30 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2014.10.19 19:32:11 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2014.10.19 19:32:02 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2014.10.19 19:32:01 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2014.10.19 19:32:00 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2014.10.19 19:32:00 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2014.10.19 19:32:00 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2014.10.19 19:31:59 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2014.10.19 19:31:59 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2014.10.19 19:31:59 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2014.10.19 19:31:57 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2014.10.19 19:31:57 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2014.10.19 19:31:45 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2014.10.19 19:31:41 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2014.10.19 19:31:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2014.10.19 19:31:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs
[2014.10.19 19:31:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2014.10.19 19:11:55 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2014.10.19 19:11:55 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2014.10.19 19:11:55 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2014.10.19 19:11:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2014.10.19 19:11:54 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2014.10.19 19:11:54 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2014.10.19 19:11:54 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2014.10.19 19:11:54 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2014.10.19 19:11:53 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2014.10.19 19:11:52 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2014.10.19 19:11:52 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2014.10.19 19:11:52 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2014.10.19 19:11:52 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2014.10.19 19:11:52 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2014.10.19 19:11:52 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2014.10.19 19:11:52 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2014.10.19 19:11:52 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2014.10.19 19:11:52 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2014.10.19 19:11:51 | 000,326,912 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2014.10.19 19:11:51 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2014.10.19 19:11:51 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2014.10.19 19:11:51 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2014.10.19 19:11:51 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2014.10.19 19:11:51 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2014.10.19 19:11:51 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2014.10.19 19:11:50 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2014.10.19 19:11:50 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2014.10.19 19:11:50 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2014.10.19 19:11:50 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2014.10.19 19:11:50 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2014.10.19 19:11:50 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2014.10.19 19:11:50 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2014.10.19 19:11:49 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2014.10.19 19:11:49 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2014.10.19 19:11:47 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2014.10.19 19:11:47 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2014.10.19 19:11:44 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2014.10.19 19:11:44 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2014.10.19 19:11:43 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2014.10.19 19:11:43 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2014.10.19 19:11:43 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2014.10.19 19:11:42 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2014.10.19 19:11:42 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2014.10.19 19:11:42 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2014.10.19 19:11:41 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2014.10.19 19:11:40 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2014.10.19 19:11:40 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2014.10.19 19:11:40 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2014.10.19 19:11:40 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2014.10.19 19:11:40 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2014.10.19 19:11:38 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2014.10.19 19:11:37 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2014.10.19 19:11:37 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2014.10.19 19:11:37 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2014.10.19 19:11:37 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2014.10.19 19:11:37 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2014.10.19 19:11:37 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2014.10.19 19:00:06 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2014.10.19 18:45:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zakaznik\Plocha\zaloha
[2014.10.19 10:41:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zakaznik\Plocha\firefox stažené
[2014.10.18 10:54:10 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\zakaznik\Recent
[90 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[405 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[4 C:\Documents and Settings\zakaznik\Plocha\*.tmp files -> C:\Documents and Settings\zakaznik\Plocha\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

casablancass
Visitor
Posts: 51
Registered: 04 Jul 2012 15:06

Re: please check

#18 Post by casablancass »

[2014.10.24 06:05:11 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.10.24 05:50:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.10.21 11:34:34 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2014.10.20 11:02:14 | 000,477,954 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014.10.20 11:02:14 | 000,473,684 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2014.10.20 11:02:14 | 000,090,052 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2014.10.20 11:02:14 | 000,077,556 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014.10.19 21:02:55 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014.10.19 21:02:16 | 000,397,552 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014.10.19 20:56:49 | 000,002,711 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2014.10.19 19:10:36 | 000,250,576 | RHS- | M] () -- C:\ntldr
[2014.10.19 12:28:25 | 000,000,079 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2014.10.18 14:49:33 | 000,449,910 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2014.10.18 10:56:52 | 000,273,258 | ---- | M] () -- C:\Documents and Settings\zakaznik\Plocha\záloha registrů 18.10.2014.reg
[90 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[405 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[4 C:\Documents and Settings\zakaznik\Plocha\*.tmp files -> C:\Documents and Settings\zakaznik\Plocha\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.10.24 06:05:11 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.10.21 11:34:34 | 000,000,790 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2014.10.19 19:11:50 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2014.10.19 19:11:47 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2014.10.19 19:11:43 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2014.10.19 19:05:57 | 000,002,711 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2014.10.18 10:56:46 | 000,273,258 | ---- | C] () -- C:\Documents and Settings\zakaznik\Plocha\záloha registrů 18.10.2014.reg
[2013.04.06 12:01:24 | 000,178,688 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2013.01.03 12:31:15 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\DriverCoInstaller.dll
[2013.01.03 12:30:51 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\rockusbCoInstaller.dll
[2012.05.22 17:51:03 | 000,000,158 | ---- | C] () -- C:\Documents and Settings\zakaznik\Data aplikací\FotoSketcher.ini
[2012.02.05 01:28:54 | 000,338,150 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-2052111302-2077806209-1801674531-1003-0.dat
[2011.12.30 02:14:36 | 000,338,150 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2011.10.21 19:25:33 | 001,099,488 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010.09.29 16:50:02 | 000,008,307 | ---- | C] () -- C:\Documents and Settings\zakaznik\gsview32.ini
[2009.06.12 15:38:47 | 000,065,536 | ---- | C] () -- C:\Documents and Settings\zakaznik\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.06.01 19:40:01 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\zakaznik\Data aplikací\setup_ldm.iss

========== ZeroAccess Check ==========

[2009.06.01 20:25:40 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 08:51:56 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 08:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2009.11.10 22:16:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2014.04.18 21:54:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG
[2012.02.26 13:47:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Cached Installations
[2014.04.18 21:50:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2009.10.21 10:48:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.06.01 19:12:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2014.10.19 22:02:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2011.10.13 09:51:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MGS
[2012.11.03 11:05:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Samsung
[2011.02.09 16:12:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SysMon
[2013.01.27 22:06:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2010.09.16 18:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\tmp
[2014.04.18 21:50:18 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
[2013.01.03 12:29:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{F0489EF2-D393-4114-85BA-A94D71D89543}
[2014.04.19 06:40:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVG
[2011.01.01 02:57:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Ace Explorer
[2010.03.29 16:22:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Autodesk
[2014.04.18 21:53:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\AVG
[2010.12.26 10:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\BSplayer Pro
[2012.07.02 12:58:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\DAEMON Tools Lite
[2012.07.02 12:58:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\DAEMON Tools Pro
[2010.09.10 16:12:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\DeepBurner
[2009.06.01 19:13:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\ESET
[2014.08.03 09:29:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\ICQ
[2011.09.03 14:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Jpeg Resampler
[2011.10.09 23:24:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Leadertech
[2012.08.16 17:42:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Microgaming
[2012.07.23 10:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Opera
[2013.01.03 12:34:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Philips
[2013.01.03 12:31:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Philips-Songbird
[2013.07.03 18:51:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\PhotoFiltre 7
[2011.01.21 16:56:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\PLT Scheme
[2012.10.28 18:51:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\PPStream
[2010.10.24 17:27:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Racket
[2011.12.28 21:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Samsung
[2009.07.07 11:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\shrink_pic
[2010.09.29 15:56:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\SmartDraw
[2012.11.03 12:20:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\URSoft
[2014.10.18 10:55:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\uTorrent
[2011.09.03 13:59:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\XnView

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.06.01 17:54:11 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.06.01 18:00:09 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT

< >

< MD5 for: AGP440.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\erdnt\cache\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 16:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\cmdcons\autochk.exe
[2004.08.17 16:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 23:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 16:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2004.08.17 16:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\erdnt\cache\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 16:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2004.08.17 16:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\erdnt\cache\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\explorer.exe
[2004.08.17 16:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004.08.17 16:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\erdnt\cache\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\hal.dll
[2004.08.03 23:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.25 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\erdnt\cache\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
[2004.08.04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\erdnt\cache\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.17 16:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2004.08.17 16:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\erdnt\cache\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 16:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2004.08.17 16:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 16:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\erdnt\cache\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\erdnt\cache\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.04 00:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 16:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2004.08.17 16:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\erdnt\cache\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 16:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2004.08.17 16:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 16:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2004.08.17 16:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\erdnt\cache\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\$hf_mig$\KB974455-IE7\SP3QFE\*.tmp files -> C:\WINDOWS\$hf_mig$\KB974455-IE7\SP3QFE\*.tmp -> ]
[9 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\WINDOWS\Help\*.tmp files -> C:\WINDOWS\Help\*.tmp -> ]
[1 C:\WINDOWS\inf\*.tmp files -> C:\WINDOWS\inf\*.tmp -> ]
[90 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[405 C:\WINDOWS\system32\dllcache\*.tmp files -> C:\WINDOWS\system32\dllcache\*.tmp -> ]
[8 C:\WINDOWS\temp\*.tmp files -> C:\WINDOWS\temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.01.01 02:57:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Ace Explorer
[2011.12.26 17:04:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Adobe
[2009.06.01 21:04:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\ATI
[2010.03.29 16:22:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Autodesk
[2014.04.18 21:53:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\AVG
[2010.12.26 10:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\BSplayer Pro
[2014.06.01 13:37:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\CameraWindowDC
[2010.02.01 15:21:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\CANON INC
[2010.11.08 19:00:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\codeblocks
[2012.07.02 12:58:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\DAEMON Tools Lite
[2012.07.02 12:58:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\DAEMON Tools Pro
[2010.09.10 16:12:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\DeepBurner
[2009.06.01 19:13:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\ESET
[2014.04.18 21:50:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\GRETECH
[2014.08.03 09:29:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\ICQ
[2009.06.01 18:01:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Identities
[2009.06.01 19:34:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\InstallShield
[2011.09.03 14:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Jpeg Resampler
[2011.10.09 23:24:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Leadertech
[2009.06.01 19:39:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Logitech
[2009.06.01 18:12:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Macromedia
[2014.10.21 06:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Malwarebytes
[2012.08.16 17:42:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Microgaming
[2011.12.26 17:04:49 | 000,000,000 | --SD | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Microsoft
[2009.06.01 18:07:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Mozilla
[2011.01.01 03:24:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Mozilla-Cache
[2012.07.23 10:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Opera
[2013.01.03 12:34:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Philips
[2013.01.03 12:31:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Philips-Songbird
[2013.07.03 18:51:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\PhotoFiltre 7
[2011.01.21 16:56:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\PLT Scheme
[2012.10.28 18:51:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\PPStream
[2010.10.24 17:27:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Racket
[2011.12.28 21:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Samsung
[2011.10.09 23:25:11 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\SecuROM
[2009.07.07 11:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\shrink_pic
[2014.09.14 21:16:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\Skype
[2011.07.15 21:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\SkypePM
[2010.09.29 15:56:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\SmartDraw
[2012.11.03 12:20:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\URSoft
[2014.10.18 10:55:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\uTorrent
[2009.06.01 18:15:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\WinRAR
[2011.09.03 13:59:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\XnView
[2013.03.07 21:42:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\ZoomBrowser EX

< %APPDATA%\*.exe /s >
[2009.10.17 13:25:04 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\zakaznik\Data aplikací\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011.06.24 16:54:50 | 000,358,800 | ---- | M] (ml) -- C:\Documents and Settings\zakaznik\Data aplikací\Samsung\Kies\UpdateTemp\temp\Kies.Update.exe
[2011.06.24 16:54:50 | 000,358,800 | ---- | M] (ml) -- C:\Documents and Settings\zakaznik\Data aplikací\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
[2014.10.11 19:20:52 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Documents and Settings\zakaznik\Data aplikací\uTorrent\uTorrent.exe
[2013.12.24 10:18:16 | 001,142,864 | ---- | M] (BitTorrent Inc.) -- C:\Documents and Settings\zakaznik\Data aplikací\uTorrent\updates\3.3.2_30416.exe
[2014.09.30 12:35:00 | 001,419,856 | ---- | M] (BitTorrent Inc.) -- C:\Documents and Settings\zakaznik\Data aplikací\uTorrent\updates\3.4.2_34024.exe
[2014.10.11 19:20:52 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Documents and Settings\zakaznik\Data aplikací\uTorrent\updates\3.4.2_34309.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[90 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.10.21 10:44:44 | 000,721,904 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2009.06.01 19:45:20 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009.06.01 19:45:20 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009.06.01 19:45:20 | 000,491,520 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[90 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[90 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun -- [2009.04.23 15:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.10.24 06:05:11 | 000,000,512 | ---- | M] () MD5=216AB1C6BFA2C6D0DC7B477B5A4DCE65 -- C:\PhysicalMBR.bin
[1 C:\*.tmp files -> C:\*.tmp -> ]

< >

< *crack* /s >
[2001.08.15 04:01:08 | 000,030,054 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\inventor\Application Data\Autodesk\Inventor 2010\Textures\surfaces\Cracks.bmp
[2001.08.14 19:01:08 | 000,030,054 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\support\InventorView\Application Data\Autodesk\Inventor 2010\Textures\surfaces\Cracks.bmp
[2011.03.19 12:56:24 | 000,001,458 | ---- | M] () -- \Documents and Settings\zakaznik\Data aplikací\uTorrent\Actual Spy 3.0 Incl Crack [vokeon].torrent
[2009.11.15 18:02:58 | 000,018,354 | ---- | M] () -- \Documents and Settings\zakaznik\Data aplikací\uTorrent\Age Of Empires 3 full DVD +crack + serial{ABDULITO}.torrent
[2011.10.11 10:06:11 | 000,002,121 | ---- | M] () -- \Documents and Settings\zakaznik\Data aplikací\uTorrent\FIFA.11-RELOADED-Crack.Only.torrent
[2009.11.16 20:41:22 | 000,025,132 | ---- | M] () -- \Documents and Settings\zakaznik\Data aplikací\uTorrent\Heroes.of.Might.and.Magic.V WITH NoDVD Crack.torrent
[2008.02.29 14:04:42 | 000,035,562 | ---- | M] () -- \Documents and Settings\zakaznik\Plocha\Person\Gip Gop\Fat_Joe-The_Crack_Era-2008-C4\00-fat_joe-the_crack_era-2008.jpg
[2008.02.29 18:55:48 | 000,000,620 | ---- | M] () -- \Documents and Settings\zakaznik\Plocha\Person\Gip Gop\Fat_Joe-The_Crack_Era-2008-C4\00-fat_joe-the_crack_era-2008.m3u
[2008.02.29 18:55:48 | 000,006,524 | ---- | M] () -- \Documents and Settings\zakaznik\Plocha\Person\Gip Gop\Fat_Joe-The_Crack_Era-2008-C4\00-fat_joe-the_crack_era-2008.nfo
[2008.02.29 18:55:48 | 000,000,780 | ---- | M] () -- \Documents and Settings\zakaznik\Plocha\Person\Gip Gop\Fat_Joe-The_Crack_Era-2008-C4\00-fat_joe-the_crack_era-2008.sfv
[2001.08.15 04:01:08 | 000,030,054 | ---- | M] () -- \Program Files\Autodesk\Inventor 2010\Textures\surfaces\Cracks.bmp

< *keygen* /s >
[2012.07.07 15:23:58 | 000,059,392 | ---- | M] () -- \Documents and Settings\zakaznik\Dokumenty\Downloads\Wondershare.Photo.Recovery.v3.0.3.Incl.Keymaker-CORE\keygen.exe

< *AntiWPA* /s >

< *loader* /s >
[1 \*.tmp files -> \*.tmp -> ]
[2009.02.11 20:25:38 | 000,028,008 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\acadm\Program Files\Autodesk\Root\AecLoader.arx
[2009.02.13 10:11:26 | 004,777,728 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\client\Program Files\Autodesk\Vault 2010\Explorer\Autoloader.exe
[2009.02.13 04:39:04 | 000,001,278 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\client\Program Files\Autodesk\Vault 2010\Explorer\Autoloader.exe.config
[2009.02.13 04:39:06 | 000,002,821 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\client\Program Files\Autodesk\Vault 2010\Explorer\Autoloader Templates\Autoloader_ArchiveReport.xsl
[2009.02.13 04:39:06 | 000,005,749 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\client\Program Files\Autodesk\Vault 2010\Explorer\Autoloader Templates\Autoloader_ScanReport.xsl
[2009.02.13 04:39:06 | 000,009,657 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\client\Program Files\Autodesk\Vault 2010\Explorer\Autoloader Templates\Autoloader_UploadReport.xsl
[2009.02.13 04:43:04 | 000,003,216 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\client\Program Files\Autodesk\Vault 2010\Samples\Autoloader\Inventor 2010\Padlock\Autoloader.ipj
[2009.02.12 20:42:58 | 000,083,128 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\cs-CZ\client\Program Files\Autodesk\Vault 2010\Explorer\Autoloader_2010.chm
[2009.04.14 22:10:46 | 004,272,128 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\cs-CZ\client\Program Files\Autodesk\Vault 2010\Explorer\cs\Autoloader.resources.dll
[2007.10.25 05:08:24 | 000,007,902 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\inventor\Application Data\Autodesk\Inventor 2010\Samples\Models\Translation\pro_engineer\granite\assemblies\front loader\frontloader.g
[2009.02.09 19:31:18 | 000,025,752 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\support\DWGViewer\Program Files\DWG TrueView 2010\AecLoader.arx
[2009.10.17 14:06:03 | 000,000,932 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\Autodesk\Autodesk Data Management\Nástroje\Autodesk Autoloader 2010 for Vault.lnk
[2009.10.17 14:06:03 | 000,001,132 | ---- | M] () -- \Documents and Settings\zakaznik\Dokumenty\Inventor\Autoloader.ipj.lnk
[2008.12.17 23:43:44 | 000,001,250 | ---- | M] () -- \Documents and Settings\zakaznik\Plocha\Person\FlashDisk\jeste\jeste\[FAT16]\Inventor\Autoloader.ipj.lnk
[2008.12.17 08:12:34 | 000,001,250 | ---- | M] () -- \Documents and Settings\zakaznik\Plocha\Person\FlashDisk\SLOŽKA\Recovered FAT Partition 1\[00000473]\Inventor\Autoloader.ipj.lnk
[2009.02.11 20:25:38 | 000,028,008 | ---- | M] () -- \Program Files\Autodesk\ACADM 2010\AecLoader.arx
[2007.10.25 05:08:24 | 000,007,902 | ---- | M] () -- \Program Files\Autodesk\Inventor 2010\Samples\Models\Translation\pro_engineer\granite\assemblies\front loader\frontloader.g
[2009.02.13 10:11:26 | 004,777,728 | ---- | M] () -- \Program Files\Autodesk\Vault 2010\Explorer\Autoloader.exe
[2009.02.13 04:39:04 | 000,001,278 | ---- | M] () -- \Program Files\Autodesk\Vault 2010\Explorer\Autoloader.exe.config
[2009.02.12 20:42:58 | 000,083,128 | ---- | M] () -- \Program Files\Autodesk\Vault 2010\Explorer\Autoloader_2010.chm
[2009.02.13 04:39:06 | 000,002,821 | ---- | M] () -- \Program Files\Autodesk\Vault 2010\Explorer\Autoloader Templates\Autoloader_ArchiveReport.xsl
[2009.02.13 04:39:06 | 000,005,749 | ---- | M] () -- \Program Files\Autodesk\Vault 2010\Explorer\Autoloader Templates\Autoloader_ScanReport.xsl
[2009.02.13 04:39:06 | 000,009,657 | ---- | M] () -- \Program Files\Autodesk\Vault 2010\Explorer\Autoloader Templates\Autoloader_UploadReport.xsl
[2009.04.14 22:10:46 | 004,272,128 | ---- | M] () -- \Program Files\Autodesk\Vault 2010\Explorer\cs\Autoloader.resources.dll
[2009.02.13 04:43:04 | 000,003,216 | ---- | M] () -- \Program Files\Autodesk\Vault 2010\Samples\Autoloader\Inventor 2010\Padlock\Autoloader.ipj
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2009.02.09 19:31:18 | 000,025,752 | ---- | M] () -- \Program Files\DWG TrueView 2010\AecLoader.arx
[2013.04.18 15:44:32 | 000,048,315 | ---- | M] () -- \Program Files\Full Tilt Poker\Graphics\Cashier\WebDialog\cashier_loader.mng
[2013.04.18 15:44:32 | 000,015,895 | ---- | M] () -- \Program Files\Full Tilt Poker\Graphics\Lobby\Backgrounds\LoaderChip.gif
[2014.07.12 21:31:28 | 000,024,022 | ---- | M] () -- \Program Files\Full Tilt Poker\xc\remotegame\preloader.swf
[2010.11.03 20:43:05 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2010.11.03 20:43:05 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.swf
[2010.11.03 20:43:05 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2010.11.03 20:43:05 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.03.13 22:14:11 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.2\Xtraz\icq\content\icq_profile\preloader.html
[2011.01.18 15:57:39 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.2\Xtraz\icq\content\profile_forms\preloader.html
[2011.01.18 15:57:40 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.2\Xtraz\icq\content\profile_lightboxs\preloader.html
[2012.12.20 19:59:25 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.2\Xtraz\icq\content\slide-a-lama\preloader02.swf
[2008.06.20 19:13:32 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2004.08.17 16:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2009.06.05 16:50:05 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.14 00:01:48 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.14 00:01:50 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\dmloader.dll
[2008.04.13 20:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\osloader.exe
[2008.04.13 20:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\osloader.ntd
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[90 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]

< *minodlogin* /s >

< *tnod* /s >
[2009.02.17 12:36:48 | 000,021,796 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\acadm\Program Files\Autodesk\Root\Acadm\gef\Gdb\SYS\Spring\EXTNTNOD.gpl
[2009.02.17 12:36:48 | 000,021,796 | ---- | M] () -- \Documents and Settings\All Users\Dokumenty\Autodesk\ACADM 2010\Acadm\Gef\Gdb\SYS\Spring\EXTNTNOD.gpl

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2009.02.15 17:42:44 | 000,013,824 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\acadm\Program Files\Autodesk\Root\Acadm\IC Support\Bin\LegacyDataTools.XmlSerializers.dll
[2009.02.11 20:35:47 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\acadm\Program Files\Autodesk\Root\Common Files Folder\Autodesk Shared\AdLM\R1\cs-CZ\Webdepot\RTSerialNumberHelp.html
[2009.02.11 20:35:23 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\acadm\Program Files\Autodesk\Root\Common Files Folder\Autodesk Shared\AdLM\R1\de-DE\Webdepot\RTSerialNumberHelp.html
[2009.02.11 20:35:02 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\acadm\Program Files\Autodesk\Root\Common Files Folder\Autodesk Shared\AdLM\R1\en-US\Webdepot\RTSerialNumberHelp.html
[2009.02.11 20:34:35 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\acadm\Program Files\Autodesk\Root\Common Files Folder\Autodesk Shared\AdLM\R1\es-ES\Webdepot\RTSerialNumberHelp.html
[2009.02.11 20:34:13 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\acadm\Program Files\Autodesk\Root\Common Files Folder\Autodesk Shared\AdLM\R1\fr-FR\Webdepot\RTSerialNumberHelp.html
[2009.02.11 20:33:55 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\acadm\Program Files\Autodesk\Root\Common Files Folder\Autodesk Shared\AdLM\R1\hu-HU\Webdepot\RTSerialNumberHelp.html
[2009.02.11 20:33:35 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\acadm\Program Files\Autodesk\Root\Common Files Folder\Autodesk Shared\AdLM\R1\it-IT\Webdepot\RTSerialNumberHelp.html
[2009.02.11 20:33:17 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\acadm\Program Files\Autodesk\Root\Common Files Folder\Autodesk Shared\AdLM\R1\ja-JP\Webdepot\RTSerialNumberHelp.html
[2009.02.11 20:32:54 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\acadm\Program Files\Autodesk\Root\Common Files Folder\Autodesk Shared\AdLM\R1\ko-KR\Webdepot\RTSerialNumberHelp.html
[2009.02.11 20:32:34 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\acadm\Program Files\Autodesk\Root\Common Files Folder\Autodesk Shared\AdLM\R1\pl-PL\Webdepot\RTSerialNumberHelp.html
[2009.02.11 20:32:12 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\acadm\Program Files\Autodesk\Root\Common Files Folder\Autodesk Shared\AdLM\R1\pt-BR\Webdepot\RTSerialNumberHelp.html
[2009.02.11 20:31:38 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\acadm\Program Files\Autodesk\Root\Common Files Folder\Autodesk Shared\AdLM\R1\ru-RU\Webdepot\RTSerialNumberHelp.html
[2009.02.11 20:30:38 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\acadm\Program Files\Autodesk\Root\Common Files Folder\Autodesk Shared\AdLM\R1\zh-CN\Webdepot\RTSerialNumberHelp.html
[2009.02.11 20:29:40 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\acadm\Program Files\Autodesk\Root\Common Files Folder\Autodesk Shared\AdLM\R1\zh-TW\Webdepot\RTSerialNumberHelp.html
[2008.05.28 00:34:06 | 000,000,020 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\cs-CZ\inventor\Program Files\Autodesk\Inventor 2010\Bin\cs\Connectivity.Content.PackageSchemas.XmlSerializers.resources.dll
[2008.05.28 00:34:06 | 000,000,020 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\cs-CZ\inventor\Program Files\Autodesk\Inventor 2010\Bin\cs\Connectivity.Content.XmlSerializers.resources.dll
[2008.05.28 00:34:06 | 000,000,020 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\cs-CZ\inventor\Program Files\Autodesk\Inventor 2010\Bin\cs\Connectivity.Platform.XmlSerializers.resources.dll
[2008.07.31 22:11:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\inventor\Application Data\Common Files Folder\Autodesk Shared\AdLM\R1\cs-CZ\Webdepot\RTSerialNumberHelp.html
[2008.07.31 22:11:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\inventor\Application Data\Common Files Folder\Autodesk Shared\AdLM\R1\de-DE\Webdepot\RTSerialNumberHelp.html
[2008.05.08 23:44:18 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\inventor\Application Data\Common Files Folder\Autodesk Shared\AdLM\R1\en-US\Webdepot\RTSerialNumberHelp.html
[2008.07.31 22:11:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\inventor\Application Data\Common Files Folder\Autodesk Shared\AdLM\R1\es-ES\Webdepot\RTSerialNumberHelp.html
[2008.08.06 15:52:56 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\inventor\Application Data\Common Files Folder\Autodesk Shared\AdLM\R1\fr-FR\Webdepot\RTSerialNumberHelp.html
[2008.07.31 22:11:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\inventor\Application Data\Common Files Folder\Autodesk Shared\AdLM\R1\hu-HU\Webdepot\RTSerialNumberHelp.html
[2008.07.31 22:11:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\inventor\Application Data\Common Files Folder\Autodesk Shared\AdLM\R1\it-IT\Webdepot\RTSerialNumberHelp.html
[2008.05.08 23:44:18 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\inventor\Application Data\Common Files Folder\Autodesk Shared\AdLM\R1\ja-JP\Webdepot\RTSerialNumberHelp.html
[2008.07.31 22:11:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\inventor\Application Data\Common Files Folder\Autodesk Shared\AdLM\R1\ko-KR\Webdepot\RTSerialNumberHelp.html
[2008.07.31 22:11:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\inventor\Application Data\Common Files Folder\Autodesk Shared\AdLM\R1\pl-PL\Webdepot\RTSerialNumberHelp.html
[2008.07.31 22:11:46 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\inventor\Application Data\Common Files Folder\Autodesk Shared\AdLM\R1\pt-BR\Webdepot\RTSerialNumberHelp.html
[2008.07.31 22:11:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\inventor\Application Data\Common Files Folder\Autodesk Shared\AdLM\R1\ru-RU\Webdepot\RTSerialNumberHelp.html
[2008.07.31 22:11:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\inventor\Application Data\Common Files Folder\Autodesk Shared\AdLM\R1\zh-CN\Webdepot\RTSerialNumberHelp.html
[2008.07.31 22:11:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\inventor\Application Data\Common Files Folder\Autodesk Shared\AdLM\R1\zh-TW\Webdepot\RTSerialNumberHelp.html
[2009.02.16 01:42:32 | 000,032,768 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\inventor\Program Files\Autodesk\Inventor 2010\Bin\Connectivity.Content.PackageSchemas.XmlSerializers.dll
[2009.02.16 01:42:40 | 000,114,688 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\inventor\Program Files\Autodesk\Inventor 2010\Bin\Connectivity.Content.XmlSerializers.dll
[2009.02.16 01:42:38 | 000,010,240 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\inventor\Program Files\Autodesk\Inventor 2010\Bin\Connectivity.Platform.XmlSerializers.dll
[2009.02.13 07:49:08 | 000,267,520 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\inventor\Program Files\Autodesk\Inventor 2010\Bin\Connectivity.Proxies.Content.XmlSerializers.dll
[2009.02.13 07:49:12 | 000,083,200 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\inventor\Program Files\Autodesk\Inventor 2010\Bin\Connectivity.Proxies.KnowledgeLibrary.XmlSerializers.dll
[2008.08.01 08:11:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\support\NLA\cs-CZ\Module Retargetable Folder\cs-CZ\Webdepot\RTSerialNumberHelp.html
[2008.08.01 08:11:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\support\NLA\cs-CZ\Module Retargetable Folder\de-DE\Webdepot\RTSerialNumberHelp.html
[2008.05.09 09:44:18 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\support\NLA\cs-CZ\Module Retargetable Folder\en-US\Webdepot\RTSerialNumberHelp.html
[2008.08.01 08:11:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\support\NLA\cs-CZ\Module Retargetable Folder\es-ES\Webdepot\RTSerialNumberHelp.html
[2008.08.07 01:52:56 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\support\NLA\cs-CZ\Module Retargetable Folder\fr-FR\Webdepot\RTSerialNumberHelp.html
[2008.08.01 08:11:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\support\NLA\cs-CZ\Module Retargetable Folder\hu-HU\Webdepot\RTSerialNumberHelp.html
[2008.08.01 08:11:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\support\NLA\cs-CZ\Module Retargetable Folder\it-IT\Webdepot\RTSerialNumberHelp.html
[2008.05.09 09:44:18 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\support\NLA\cs-CZ\Module Retargetable Folder\ja-JP\Webdepot\RTSerialNumberHelp.html
[2008.08.01 08:11:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\support\NLA\cs-CZ\Module Retargetable Folder\ko-KR\Webdepot\RTSerialNumberHelp.html
[2008.08.01 08:11:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\support\NLA\cs-CZ\Module Retargetable Folder\pl-PL\Webdepot\RTSerialNumberHelp.html
[2008.08.01 08:11:46 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\support\NLA\cs-CZ\Module Retargetable Folder\pt-BR\Webdepot\RTSerialNumberHelp.html
[2008.08.01 08:11:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\support\NLA\cs-CZ\Module Retargetable Folder\ru-RU\Webdepot\RTSerialNumberHelp.html
[2008.08.01 08:11:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\support\NLA\cs-CZ\Module Retargetable Folder\zh-CN\Webdepot\RTSerialNumberHelp.html
[2008.08.01 08:11:44 | 000,002,502 | ---- | M] () -- \Autodesk\AutoCAD_Inventor_2010_Czech_Win_32bit\x86\support\NLA\cs-CZ\Module Retargetable Folder\zh-TW\Webdepot\RTSerialNumberHelp.html
[2004.08.17 15:44:16 | 000,030,301 | ---- | M] () -- \cmdcons\SERIAL.SY_
[2009.11.15 18:02:58 | 000,018,354 | ---- | M] () -- \Documents and Settings\zakaznik\Data aplikací\uTorrent\Age Of Empires 3 full DVD +crack + serial{ABDULITO}.torrent
[2009.02.15 17:42:44 | 000,013,824 | ---- | M] () -- \Program Files\Autodesk\ACADM 2010\Acadm\IC Support\Bin\LegacyDataTools.XmlSerializers.dll
[2009.02.16 01:42:32 | 000,032,768 | ---- | M] () -- \Program Files\Autodesk\Inventor 2010\bin\Connectivity.Content.PackageSchemas.XmlSerializers.dll
[2009.02.16 01:42:40 | 000,114,688 | ---- | M] () -- \Program Files\Autodesk\Inventor 2010\bin\Connectivity.Content.XmlSerializers.dll
[2009.02.16 01:42:38 | 000,010,240 | ---- | M] () -- \Program Files\Autodesk\Inventor 2010\bin\Connectivity.Platform.XmlSerializers.dll
[2009.02.13 07:49:08 | 000,267,520 | ---- | M] () -- \Program Files\Autodesk\Inventor 2010\bin\Connectivity.Proxies.Content.XmlSerializers.dll
[2009.02.13 07:49:12 | 000,083,200 | ---- | M] () -- \Program Files\Autodesk\Inventor 2010\bin\Connectivity.Proxies.KnowledgeLibrary.XmlSerializers.dll
[2008.05.28 00:34:06 | 000,000,020 | ---- | M] () -- \Program Files\Autodesk\Inventor 2010\bin\cs\Connectivity.Content.PackageSchemas.XmlSerializers.resources.dll
[2008.05.28 00:34:06 | 000,000,020 | ---- | M] () -- \Program Files\Autodesk\Inventor 2010\bin\cs\Connectivity.Content.XmlSerializers.resources.dll
[2008.05.28 00:34:06 | 000,000,020 | ---- | M] () -- \Program Files\Autodesk\Inventor 2010\bin\cs\Connectivity.Platform.XmlSerializers.resources.dll
[2008.07.31 22:11:44 | 000,002,502 | ---- | M] () -- \Program Files\Common Files\Autodesk Shared\AdLM\R1\cs-CZ\Webdepot\RTSerialNumberHelp.html
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[1998.11.14 14:28:20 | 000,038,912 | ---- | M] () -- \Program Files\Settlers 3 Gold Edition\_SERIAL.EXE
[2005.06.16 23:05:42 | 000,000,031 | ---- | M] () -- \Program Files\Settlers 3 Gold Edition\_Serial.txt
[2012.07.05 17:53:37 | 000,000,948 | ---- | M] () -- \Qoobox\Quarantine\Registry_backups\AddRemove-18_Zinia_Serial_Driver.reg.dat
[2004.08.17 16:44:16 | 000,064,640 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2009.06.01 20:34:52 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.10.18 20:48:53 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011.10.18 20:42:35 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011.10.19 09:49:44 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\3231473e2ec4451c8f218930fda80d19\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.10.19 09:40:37 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8b2710a63ecd363315ef16b257588b95\System.Runtime.Serialization.ni.dll
[2011.12.28 22:53:29 | 000,310,272 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\d0ff3383438d688a0118d0fa19ed1dc4\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.12.28 22:53:21 | 002,625,024 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\e9f8a45b1063d6c6a62718c88a5623d1\System.Runtime.Serialization.ni.dll
[2004.03.23 04:55:28 | 000,017,133 | R--- | M] () -- \WINDOWS\inf\SocketSerialBT.inf
[2009.09.08 15:44:04 | 000,013,972 | ---- | M] () -- \WINDOWS\inf\SocketSerialBT.PNF
[1 \WINDOWS\inf\*.tmp files -> \WINDOWS\inf\*.tmp -> ]
[2012.02.11 12:16:07 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.02.11 12:15:55 | 001,026,936 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2005.12.20 18:13:56 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2008.04.14 07:47:26 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 07:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2007.06.27 18:29:04 | 000,131,072 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\system.runtime.serialization.formatters.soap.dll
[2008.04.14 04:17:25 | 000,028,416 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\grserial.sys
[2008.04.14 04:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\serial.sys
[2007.06.27 14:59:02 | 000,131,072 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\system.runtime.serialization.formatters.soap.dll
[2001.10.25 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2001.10.25 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[90 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2001.10.25 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2001.10.25 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[405 \WINDOWS\system32\dllcache\*.tmp files -> \WINDOWS\system32\dllcache\*.tmp -> ]
[2008.04.14 07:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 185 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0CE7F3C9
@Alternate Data Stream - 164 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:B3D74A13
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:2683706C
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:E2FFC7FB

< End of report >

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: please check

#19 Post by Márty84 »

Before I start deleting, let me ask: do you have this there on purpose?
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SysMon"=C:\Documents and Settings\All Users\Data aplikací\SysMon\ASK.dll [2010-05-06 1268736]
If you have a question that is not meant for the public, you can write to me at marty84[at]forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you wait a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

casablancass
Visitor
Posts: 51
Registered: 04 Jul 2012 15:06

Re: please check

#20 Post by casablancass »

And I have to answer a bit like an idiot: I don't know what this actually is, so it's definitely not there on purpose.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: please check

#21 Post by Márty84 »

It's a system monitoring tool. So I'm disabling it.

I see MBAM is still running there. I would uninstall it so it doesn't eat memory needlessly.

:arrow: Tell me the size of the desktop folder (C:\Documents and Settings\zakaznik\Plocha)

:!: Turn off your antivirus so it doesn't interfere with the program.
:arrow: Run OTL again
Paste the following text into the bottom window (including the colon before the word commands)

Code:

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

:services
MBAMProtector

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Program Files\Spybot - Search & Destroy 2
C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy

:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2052111302-2077806209-1801674531-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2052111302-2077806209-1801674531-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
[4 C:\Documents and Settings\zakaznik\Plocha\*.tmp files -> C:\Documents and Settings\zakaznik\Plocha\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
[2014.04.18 21:54:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG
[2014.04.19 06:40:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVG
[2014.04.18 21:53:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zakaznik\Data aplikací\AVG
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\$hf_mig$\KB974455-IE7\SP3QFE\*.tmp files -> C:\WINDOWS\$hf_mig$\KB974455-IE7\SP3QFE\*.tmp -> ]
[9 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\WINDOWS\Help\*.tmp files -> C:\WINDOWS\Help\*.tmp -> ]
[1 C:\WINDOWS\inf\*.tmp files -> C:\WINDOWS\inf\*.tmp -> ]
[90 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[405 C:\WINDOWS\system32\dllcache\*.tmp files -> C:\WINDOWS\system32\dllcache\*.tmp -> ]
[8 C:\WINDOWS\temp\*.tmp files -> C:\WINDOWS\temp\*.tmp -> ]
@Alternate Data Stream - 185 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0CE7F3C9
@Alternate Data Stream - 164 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:B3D74A13
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:2683706C
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:E2FFC7FB

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SysMon"=-
"Adobe ARM"=-
"KernelFaultCheck"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
Click "Opravit" (Run Fix) and let the program work. When asked about a restart, agree.
After the restart a new log will appear; post it here.

casablancass
Visitor
Posts: 51
Registered: 04 Jul 2012 15:06

Re: please check

#22 Post by casablancass »

Thank you for the advice.

Is it a malicious system monitoring tool? Something like a trojan?

The size of the desktop folder is 74.4 GB.

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: zakaznik
->Temp folder emptied: 1144447871 bytes
->Temporary Internet Files folder emptied: 3627566 bytes
->FireFox cache emptied: 616356070 bytes
->Opera cache emptied: 51645065 bytes
->Flash cache emptied: 5453 bytes

%systemdrive% .tmp files removed: 20524 bytes
%systemroot% .tmp files removed: 2543753 bytes
%systemroot%\System32 .tmp files removed: 28528722 bytes
%systemroot%\System32\dllcache .tmp files removed: 135742464 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4601352 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 9139621 bytes

Total Files Cleaned = 1 904,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: zakaznik
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Error: No service named MBAMProtector was found to stop!
Service\Driver key MBAMProtector not found.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\Program Files\Spybot - Search & Destroy 2 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Quarantine folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Logs folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Ignore folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Cleaning folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy folder moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\S-1-5-21-2052111302-2077806209-1801674531-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2052111302-2077806209-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
C:\Documents and Settings\zakaznik\Plocha\SIV2C84.tmp deleted successfully.
C:\Documents and Settings\zakaznik\Plocha\SIV2C87.tmp deleted successfully.
C:\Documents and Settings\zakaznik\Plocha\SIV3582.tmp deleted successfully.
C:\Documents and Settings\zakaznik\Plocha\SIV57F6.tmp deleted successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG\AWL2014 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG\AWL\Program Statistics folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG\AWL folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG folder moved successfully.
C:\Documents and Settings\LocalService\Data aplikací\AVG\AWL2014\Backups folder moved successfully.
C:\Documents and Settings\LocalService\Data aplikací\AVG\AWL2014 folder moved successfully.
C:\Documents and Settings\LocalService\Data aplikací\AVG\AWL\CrashDumps folder moved successfully.
C:\Documents and Settings\LocalService\Data aplikací\AVG\AWL folder moved successfully.
C:\Documents and Settings\LocalService\Data aplikací\AVG folder moved successfully.
C:\Documents and Settings\zakaznik\Data aplikací\AVG\AWL2014\TuningIndex folder moved successfully.
C:\Documents and Settings\zakaznik\Data aplikací\AVG\AWL2014\StartUp Manager folder moved successfully.
C:\Documents and Settings\zakaznik\Data aplikací\AVG\AWL2014\Dashboard folder moved successfully.
C:\Documents and Settings\zakaznik\Data aplikací\AVG\AWL2014\Backups folder moved successfully.
C:\Documents and Settings\zakaznik\Data aplikací\AVG\AWL2014 folder moved successfully.
C:\Documents and Settings\zakaznik\Data aplikací\AVG\AWL\CrashDumps folder moved successfully.
C:\Documents and Settings\zakaznik\Data aplikací\AVG\AWL folder moved successfully.
C:\Documents and Settings\zakaznik\Data aplikací\AVG folder moved successfully.
C:\WINDOWS\$hf_mig$\KB974455-IE7\SP3QFE\SET10F8.tmp deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP140C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP14E7.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP164F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1D55.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1FDC.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP836.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPADB.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB01.tmp\WindowsBase.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB01.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC96.tmp folder deleted successfully.
C:\WINDOWS\Help\SET212.tmp deleted successfully.
C:\WINDOWS\Help\SET213.tmp deleted successfully.
C:\WINDOWS\Help\SET214.tmp deleted successfully.
C:\WINDOWS\Help\SET215.tmp deleted successfully.
C:\WINDOWS\inf\SET216.tmp deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:0CE7F3C9 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:B3D74A13 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:2683706C deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:E2FFC7FB deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SysMon deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 10252014_073556

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: please check

#23 Post by Márty84 »

casablancass wrote: Is it a malicious system monitoring tool? Something like a trojan?
It simply monitors PC activity. It becomes harmful if someone misuses that information. Otherwise it can, for example, help uncover some problems, so it can be a useful helper.

casablancass wrote: The size of the desktop folder is 74.4 GB.
:arrow: The size of the desktop should not exceed 200 - 300 MB! It slows the PC down. So tidy it up a bit and keep only shortcuts on the desktop. Just watch out for an occasional mistake: users have a folder on the desktop, another one inside it, another one inside that, and they hide everything in there. That's nice, but it doesn't make the desktop any smaller, it's just in a different drawer :D

:arrow:
vyosek wrote: :arrow: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag the utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: Download OTC http://oldtimer.geekstogo.com/OTC.exe , save it and run it.
Click the CleanUp label and then OK - after the cleanup the PC will restart.

:arrow: Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation watch out for the toolbar (or other add-ons); if it offers to install it, untick the checkbox.
After launching you will be in the Cleaner function. On the left there are a lot of checkboxes. Pay attention mainly to the Recycle Bin: if you leave it ticked, it will always empty it.
Also, depending on how it is set up, it will delete all passwords saved on the web!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, Facebook, various forums, etc.)
Click Analyze and, when the analysis finishes, click Run Cleaner.
Then click the Registry function on the left.
Click Scan for Issues; when it finds some, click Fix Issues. It will offer you a backup; make one and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If the PC has several user accounts, use the program in them as well)

:arrow: Defragment the disk(s) (not SSDs!)
Download the program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
During installation again watch out for the toolbar
After installation run the program and click Analyze; after the analysis click Defrag and the program will do its job.

:arrow: Then write how the PC is doing.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

casablancass
Visitor
Visitor
Posts: 51
Registered: 04 Jul 2012 15:06

Re: please check

#24 Post by casablancass »

I did everything according to the instructions and the defragmentation is running right now (8 hours remaining).

But I would like to ask for more advice. I wanted to download a torrent and "by mistake" I installed Tv Torn. When I was uninstalling it, my firewall detected that the programs au_.exe and bu_.exe wanted to be allowed access to the internet. I googled a bit and found that this shows up when uninstalling some programs, so it should most likely be safe.
But I also found that TvTorn can contain malware, viruses and trojans.

It occurred to me that I could also cancel the defragmentation and roll the PC back using the restore point from 10:45 this morning. Or do you think there is no need to panic?

Márty84
VIP
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: please check

#25 Post by Márty84 »

Oh dear, it has barely been cleaned and you go and infest it with something new right away :roll:

I would not use the restore point. Once the defragmentation finishes, run ADWCleaner over it again.

casablancass
Visitor
Visitor
Posts: 51
Registered: 04 Jul 2012 15:06

Re: please check

#26 Post by casablancass »

Sorry. I really didn't mean to. : )

I took the liberty of interrupting the defragmentation and leaving it for a more suitable moment, so hopefully I haven't broken anything by that, but I would say it can be finished later.

ADW log:

# AdwCleaner v4.001 - Report created 25/10/2014 at 19:47:47
# DB v
# Updated 20/10/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : zakaznik - USER
# Running from : C:\Documents and Settings\zakaznik\Plocha\firefox stažené\adwcleaner_4.001(1).exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Documents and Settings\zakaznik\Local Settings\Data aplikací\globalUpdate
File Deleted : C:\Documents and Settings\zakaznik\Data aplikací\Mozilla\Firefox\Profiles\s2ej2umb.default\searchplugins\zonealarm.xml
File Deleted : C:\Documents and Settings\zakaznik\Data aplikací\Mozilla\Firefox\Profiles\s2ej2umb.default\user.js

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{987D9269-F8A1-408F-BF62-4397D2F5363E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0722BEB-FDA1-4AA1-A2A8-15A74A5B3F70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\Crossrider
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\GlobalUpdate

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6000.17055


-\\ Mozilla Firefox v31.0 (x86 cs)


*************************

AdwCleaner[R1].txt - [6516 octets] - [25/10/2014 19:42:24]
AdwCleaner[S1].txt - [6435 octets] - [25/10/2014 19:47:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [6495 octets] ##########

Márty84
VIP
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: please check

#27 Post by Márty84 »

Well yes, that is clear to me, who would want that, right? :D

It can be finished at any time, you will just have to wait again until it is done.

Are there any more alerts?

Post a new RSIT log.

casablancass
Visitor
Visitor
Posts: 51
Registered: 04 Jul 2012 15:06

Re: please check

#28 Post by casablancass »

Certainly nobody, I just wanted to say thanks for your patience. :))

There were no others.

Log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by zakaznik at 2014-10-25 20:29:24
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 26 GB (17%) free of 153 GB
Total RAM: 1022 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:29:47, on 25.10.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Documents and Settings\zakaznik\Plocha\firefox stažené\RSIT.exe
C:\Program Files\trend micro\zakaznik.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = ${SEARCH_URL_IE7}
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Bitdefender Antivirus Free Edition (gzserv) - Bitdefender - C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe

--
End of file - 4985 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\8659b09c-dda9-42d0-85f4-34019f78e5f1-4.job - C:\Program Files\TheTorntv V10\8659b09c-dda9-42d0-85f4-34019f78e5f1-4.exe /rawdata=...
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\zakaznik\Data aplikací\Mozilla\Firefox\Profiles\s2ej2umb.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.64 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pages.tvunetworks.com/WebPlayer]
"Description"=TVU Web Player Plugin
"Path"=C:\Program Files\TVUPlayer\npTVUAx.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll

C:\Documents and Settings\zakaznik\Data aplikací\Mozilla\Firefox\Profiles\s2ej2umb.default\searchplugins\
doplky-pro-firefox.xml
google-esk-republika---pouze-esky.xml
google-esk-republika.xml
google-peklada.xml
google-us.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-05-21 17881600]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-25 61440]
"LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2010-05-20 119152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2014-10-23 4825880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-02-25 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe"
"C:\Program Files\Microsoft LifeCam\LifeEnC2.exe"="C:\Program Files\Microsoft LifeCam\LifeEnC2.exe:*:Enabled:LifeEnC2.exe"
"C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe"
"C:\Program Files\Microsoft LifeCam\LifeTray.exe"="C:\Program Files\Microsoft LifeCam\LifeTray.exe:*:Enabled:LifeTray.exe"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Steam\steamapps\poorfox\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\poorfox\counter-strike\hl.exe:*:Enabled:Counter-Strike"
"C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe"="C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe:*:Enabled:Opera Internet Browser - Plugin wrapper"
"C:\Documents and Settings\zakaznik\Plocha\uTorrent.exe"="C:\Documents and Settings\zakaznik\Plocha\uTorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\zakaznik\Data aplikací\uTorrent\uTorrent.exe"="C:\Documents and Settings\zakaznik\Data aplikací\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe"="C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe:*:Enabled:True Vector"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe"="C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe:*:Enabled:True Vector"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-10-25 20:29:24 ----D---- C:\rsit
2014-10-25 20:22:11 ----SHD---- C:\Config.Msi
2014-10-25 19:42:16 ----D---- C:\AdwCleaner
2014-10-25 11:09:26 ----D---- C:\Program Files\Defraggler
2014-10-25 10:13:06 ----D---- C:\FOTO
2014-10-25 09:49:31 ----D---- C:\bdb71480e446a48e8f87aeb01079
2014-10-25 09:36:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\CheckPoint
2014-10-25 09:02:57 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2014-10-25 09:02:50 ----A---- C:\WINDOWS\system32\WdfCoInstaller01009.dll
2014-10-25 09:02:46 ----A---- C:\WINDOWS\system32\drivers\avchv.sys
2014-10-25 09:02:46 ----A---- C:\WINDOWS\system32\drivers\avckf.sys
2014-10-25 09:02:46 ----A---- C:\WINDOWS\system32\drivers\avc3.sys
2014-10-25 09:01:32 ----A---- C:\Report 2014-10-25 09.01.32.txt
2014-10-25 09:01:10 ----D---- C:\Documents and Settings\zakaznik\Data aplikací\QuickScan
2014-10-25 09:00:58 ----D---- C:\Program Files\Bitdefender
2014-10-25 09:00:40 ----A---- C:\WINDOWS\system32\drivers\trufos.sys
2014-10-25 09:00:40 ----A---- C:\WINDOWS\system32\drivers\gzflt.sys
2014-10-24 17:29:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-10-19 21:09:50 ----D---- C:\Program Files\trend micro
2014-10-19 21:02:44 ----D---- C:\WINDOWS\Prefetch
2014-10-19 20:51:41 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2014-10-19 20:50:08 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2014-10-19 20:48:07 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2014-10-19 20:46:31 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2014-10-19 20:44:55 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2014-10-19 20:43:21 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2014-10-19 20:41:46 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2014-10-19 20:40:12 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2014-10-19 20:38:42 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2014-10-19 20:37:13 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2014-10-19 20:35:48 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2014-10-19 20:34:23 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2014-10-19 20:33:23 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2014-10-19 20:32:28 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2014-10-19 20:31:35 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2014-10-19 20:30:38 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2014-10-19 20:29:45 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2014-10-19 20:28:51 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2014-10-19 20:27:59 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2014-10-19 20:27:01 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2014-10-19 20:26:11 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2014-10-19 20:25:17 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2014-10-19 20:24:20 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2014-10-19 20:23:27 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2014-10-19 20:22:33 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2014-10-19 20:21:35 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2014-10-19 20:20:39 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2014-10-19 20:19:45 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2014-10-19 20:18:46 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2014-10-19 20:17:51 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2014-10-19 20:16:53 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2014-10-19 20:15:59 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2014-10-19 20:14:45 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2014-10-19 20:13:48 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2014-10-19 20:12:53 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2014-10-19 20:12:00 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2014-10-19 20:11:01 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2014-10-19 20:10:03 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2014-10-19 20:09:01 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2014-10-19 20:08:00 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2014-10-19 20:07:00 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2014-10-19 20:06:00 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2014-10-19 20:04:50 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2014-10-19 20:03:52 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2014-10-19 20:02:54 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2014-10-19 20:01:55 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2014-10-19 20:00:57 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2014-10-19 20:00:02 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2014-10-19 19:59:05 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2014-10-19 19:58:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2014-10-19 19:57:12 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2014-10-19 19:56:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2014-10-19 19:54:53 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2014-10-19 19:53:55 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2014-10-19 19:52:56 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2014-10-19 19:52:02 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2014-10-19 19:51:05 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2014-10-19 19:50:06 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2014-10-19 19:48:59 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2014-10-19 19:47:59 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2014-10-19 19:47:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2014-10-19 19:46:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2014-10-19 19:45:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2014-10-19 19:44:03 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2014-10-19 19:43:06 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2014-10-19 19:42:07 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2014-10-19 19:41:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2014-10-19 19:35:26 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2014-10-19 19:35:25 ----N---- C:\WINDOWS\system32\comsdupd.exe
2014-10-19 19:35:19 ----N---- C:\WINDOWS\system32\aaclient.dll
2014-10-19 19:35:18 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2014-10-19 19:35:18 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2014-10-19 19:35:17 ----N---- C:\WINDOWS\system32\azroles.dll
2014-10-19 19:35:17 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2014-10-19 19:35:16 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2014-10-19 19:35:15 ----N---- C:\WINDOWS\system32\credssp.dll
2014-10-19 19:35:04 ----N---- C:\WINDOWS\system32\dimsroam.dll
2014-10-19 19:35:04 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2014-10-19 19:35:04 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2014-10-19 19:35:03 ----N---- C:\WINDOWS\system32\dot3api.dll
2014-10-19 19:34:54 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2014-10-19 19:34:54 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2014-10-19 19:34:45 ----N---- C:\WINDOWS\system32\dot3msm.dll
2014-10-19 19:34:45 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2014-10-19 19:34:35 ----N---- C:\WINDOWS\system32\dot3ui.dll
2014-10-19 19:34:35 ----N---- C:\WINDOWS\system32\dot3svc.dll
2014-10-19 19:34:34 ----N---- C:\WINDOWS\system32\eapolqec.dll
2014-10-19 19:34:24 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2014-10-19 19:34:15 ----N---- C:\WINDOWS\system32\eappcfg.dll
2014-10-19 19:34:06 ----N---- C:\WINDOWS\system32\eappgnui.dll
2014-10-19 19:33:57 ----N---- C:\WINDOWS\system32\eapphost.dll
2014-10-19 19:33:48 ----N---- C:\WINDOWS\system32\eappprxy.dll
2014-10-19 19:33:38 ----N---- C:\WINDOWS\system32\eapsvc.dll
2014-10-19 19:33:38 ----N---- C:\WINDOWS\system32\eapqec.dll
2014-10-19 19:33:36 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2014-10-19 19:33:31 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2014-10-19 19:33:31 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2014-10-19 19:33:30 ----N---- C:\WINDOWS\system32\kbdpash.dll
2014-10-19 19:33:30 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2014-10-19 19:33:20 ----N---- C:\WINDOWS\system32\kmsvc.dll
2014-10-19 19:33:11 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2014-10-19 19:33:08 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2014-10-19 19:33:08 ----N---- C:\WINDOWS\system32\mmcex.dll
2014-10-19 19:33:08 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2014-10-19 19:33:08 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2014-10-19 19:33:07 ----N---- C:\WINDOWS\system32\mmcperf.exe
2014-10-19 19:32:57 ----N---- C:\WINDOWS\system32\mssha.dll
2014-10-19 19:32:56 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2014-10-19 19:32:55 ----N---- C:\WINDOWS\system32\napipsec.dll
2014-10-19 19:32:55 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2014-10-19 19:32:46 ----N---- C:\WINDOWS\system32\napmontr.dll
2014-10-19 19:32:45 ----N---- C:\WINDOWS\system32\napstat.exe
2014-10-19 19:32:42 ----N---- C:\WINDOWS\system32\onex.dll
2014-10-19 19:32:42 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2014-10-19 19:32:30 ----N---- C:\WINDOWS\system32\qagent.dll
2014-10-19 19:32:21 ----N---- C:\WINDOWS\system32\qagentrt.dll
2014-10-19 19:32:11 ----N---- C:\WINDOWS\system32\qcliprov.dll
2014-10-19 19:32:02 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2014-10-19 19:32:02 ----N---- C:\WINDOWS\system32\rasqec.dll
2014-10-19 19:32:02 ----N---- C:\WINDOWS\system32\qutil.dll
2014-10-19 19:32:01 ----N---- C:\WINDOWS\system32\s3gnb.dll
2014-10-19 19:32:00 ----N---- C:\WINDOWS\system32\slextspk.dll
2014-10-19 19:32:00 ----N---- C:\WINDOWS\system32\slcoinst.dll
2014-10-19 19:32:00 ----N---- C:\WINDOWS\system32\setupn.exe
2014-10-19 19:31:59 ----N---- C:\WINDOWS\system32\slserv.exe
2014-10-19 19:31:59 ----N---- C:\WINDOWS\system32\slrundll.exe
2014-10-19 19:31:59 ----N---- C:\WINDOWS\system32\slgen.dll
2014-10-19 19:31:57 ----N---- C:\WINDOWS\system32\verclsid.exe
2014-10-19 19:31:57 ----N---- C:\WINDOWS\system32\tspkg.dll
2014-10-19 19:31:57 ----N---- C:\WINDOWS\system32\tsgqec.dll
2014-10-19 19:31:45 ----N---- C:\WINDOWS\system32\wlanapi.dll
2014-10-19 19:31:41 ----N---- C:\WINDOWS\slrundll.exe
2014-10-19 19:31:38 ----D---- C:\WINDOWS\l2schemas
2014-10-19 19:31:37 ----D---- C:\WINDOWS\system32\cs
2014-10-19 19:31:36 ----D---- C:\WINDOWS\system32\bits
2014-10-19 19:11:55 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2014-10-19 19:11:55 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2014-10-19 19:11:55 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2014-10-19 19:11:55 ----D---- C:\WINDOWS\network diagnostic
2014-10-19 19:11:54 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2014-10-19 19:11:54 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2014-10-19 19:11:54 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2014-10-19 19:11:54 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2014-10-19 19:11:54 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2014-10-19 19:11:54 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2014-10-19 19:11:53 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2014-10-19 19:11:53 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2014-10-19 19:11:53 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2014-10-19 19:11:52 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2014-10-19 19:11:52 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2014-10-19 19:11:52 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2014-10-19 19:11:52 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2014-10-19 19:11:52 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2014-10-19 19:11:52 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2014-10-19 19:11:52 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2014-10-19 19:11:52 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2014-10-19 19:11:52 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2014-10-19 19:11:51 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2014-10-19 19:11:51 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2014-10-19 19:11:51 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2014-10-19 19:11:51 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2014-10-19 19:11:51 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2014-10-19 19:11:51 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2014-10-19 19:11:51 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2014-10-19 19:11:50 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2014-10-19 19:11:50 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2014-10-19 19:11:50 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2014-10-19 19:11:50 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2014-10-19 19:11:50 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2014-10-19 19:11:50 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2014-10-19 19:11:50 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2014-10-19 19:11:49 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2014-10-19 19:11:49 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2014-10-19 19:11:49 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2014-10-19 19:11:49 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2014-10-19 19:11:48 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2014-10-19 19:11:47 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2014-10-19 19:11:47 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2014-10-19 19:11:47 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2014-10-19 19:11:46 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2014-10-19 19:11:46 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2014-10-19 19:11:45 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2014-10-19 19:11:45 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2014-10-19 19:11:45 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2014-10-19 19:11:45 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2014-10-19 19:11:44 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2014-10-19 19:11:44 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2014-10-19 19:11:44 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2014-10-19 19:11:43 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2014-10-19 19:11:43 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2014-10-19 19:11:43 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2014-10-19 19:11:42 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2014-10-19 19:11:42 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2014-10-19 19:11:42 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2014-10-19 19:11:42 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2014-10-19 19:11:42 ----N---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2014-10-19 19:11:41 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2014-10-19 19:11:41 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2014-10-19 19:11:40 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2014-10-19 19:11:40 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2014-10-19 19:11:40 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2014-10-19 19:11:40 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2014-10-19 19:11:40 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2014-10-19 19:11:40 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2014-10-19 19:11:39 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2014-10-19 19:11:39 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2014-10-19 19:11:38 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2014-10-19 19:11:38 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2014-10-19 19:11:38 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2014-10-19 19:11:37 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2014-10-19 19:11:37 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2014-10-19 19:11:37 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2014-10-19 19:11:37 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2014-10-19 19:11:37 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2014-10-19 19:11:37 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2014-10-19 19:00:06 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2014-10-19 10:41:14 ----D---- C:\firefox stažené

======List of files/folders modified in the last 1 month======

2014-10-25 20:27:59 ----D---- C:\WINDOWS\system32
2014-10-25 20:25:27 ----RD---- C:\Program Files
2014-10-25 20:24:37 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-10-25 20:22:30 ----SHD---- C:\WINDOWS\Installer
2014-10-25 20:21:22 ----D---- C:\WINDOWS
2014-10-25 20:16:00 ----D---- C:\WINDOWS\temp
2014-10-25 20:15:12 ----D---- C:\WINDOWS\system32\CatRoot2
2014-10-25 18:20:07 ----SD---- C:\WINDOWS\Tasks
2014-10-25 18:12:16 ----D---- C:\Documents and Settings\zakaznik\Data aplikací\uTorrent
2014-10-25 18:03:42 ----D---- C:\Program Files\Google
2014-10-25 10:59:38 ----D---- C:\WINDOWS\Debug
2014-10-25 10:56:18 ----D---- C:\Program Files\CCleaner
2014-10-25 10:45:03 ----SHD---- C:\System Volume Information
2014-10-25 10:45:03 ----D---- C:\WINDOWS\system32\Restore
2014-10-25 10:30:05 ----D---- C:\WINDOWS\Microsoft.NET
2014-10-25 10:22:52 ----D---- C:\WINDOWS\Minidump
2014-10-25 09:50:34 ----D---- C:\WINDOWS\system32\XPSViewer
2014-10-25 09:50:33 ----RSD---- C:\WINDOWS\Fonts
2014-10-25 09:50:10 ----HD---- C:\WINDOWS\inf
2014-10-25 09:49:48 ----D---- C:\WINDOWS\system32\CatRoot
2014-10-25 09:49:11 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-25 09:49:06 ----RSD---- C:\WINDOWS\assembly
2014-10-25 09:49:00 ----D---- C:\WINDOWS\WinSxS
2014-10-25 09:48:25 ----D---- C:\Program Files\Internet Explorer
2014-10-25 09:03:13 ----D---- C:\WINDOWS\system32\drivers
2014-10-25 08:33:50 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2014-10-25 07:37:33 ----D---- C:\WINDOWS\Help
2014-10-25 07:37:13 ----D---- C:\WINDOWS\system32\drivers\etc
2014-10-25 07:37:12 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-10-24 20:14:48 ----D---- C:\Program Files\Full Tilt Poker
2014-10-20 11:01:44 ----D---- C:\WINDOWS\system32\inetsrv
2014-10-19 22:02:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2014-10-19 21:02:11 ----D---- C:\WINDOWS\system32\Setup
2014-10-19 21:02:11 ----D---- C:\WINDOWS\AppPatch
2014-10-19 21:02:10 ----D---- C:\WINDOWS\system32\wbem
2014-10-19 21:01:21 ----D---- C:\WINDOWS\security
2014-10-19 20:39:34 ----D---- C:\Program Files\Outlook Express
2014-10-19 20:32:10 ----D---- C:\Program Files\Movie Maker
2014-10-19 19:43:46 ----D---- C:\Program Files\Messenger
2014-10-19 19:35:28 ----D---- C:\WINDOWS\ehome
2014-10-19 19:35:21 ----D---- C:\WINDOWS\ime
2014-10-19 19:31:41 ----D---- C:\WINDOWS\system32\usmt
2014-10-19 19:31:41 ----D---- C:\WINDOWS\system32\cs-cz
2014-10-19 19:31:36 ----D---- C:\WINDOWS\PeerNet
2014-10-19 19:18:10 ----D---- C:\WINDOWS\ServicePackFiles
2014-10-19 19:17:47 ----D---- C:\WINDOWS\system32\npp
2014-10-19 19:17:46 ----D---- C:\WINDOWS\msagent
2014-10-19 19:17:40 ----D---- C:\WINDOWS\srchasst
2014-10-19 19:17:33 ----D---- C:\Program Files\NetMeeting
2014-10-19 19:17:27 ----D---- C:\WINDOWS\system32\Com
2014-10-19 19:17:22 ----D---- C:\Program Files\Windows Media Player
2014-10-19 19:17:13 ----D---- C:\Program Files\Common Files\System
2014-10-19 19:16:23 ----D---- C:\WINDOWS\system32\oobe
2014-10-19 19:16:18 ----D---- C:\WINDOWS\system
2014-10-19 19:05:54 ----D---- C:\WINDOWS\system32\ReinstallBackups
2014-10-19 18:53:50 ----D---- C:\WINDOWS\system32\NtmsData
2014-10-19 18:46:36 ----D---- C:\WINDOWS\repair
2014-10-19 18:46:25 ----D---- C:\WINDOWS\Registration
2014-10-19 12:28:25 ----A---- C:\WINDOWS\WININIT.INI
2014-10-18 10:57:13 ----RD---- C:\Person
2014-10-18 10:18:49 ----D---- C:\Ségra
2014-10-11 08:29:31 ----D---- C:\Program Files\PokerStars

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avc3;avc3; C:\WINDOWS\system32\DRIVERS\avc3.sys [2013-04-17 633344]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2005-04-30 28271]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-10-21 721904]
R0 trufos;trufos; C:\WINDOWS\system32\DRIVERS\trufos.sys [2013-05-28 355744]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 bdftdif;bdftdif; \??\C:\Program Files\Bitdefender\Antivirus Free Edition\bdftdif.sys []
R1 bdselfpr;bdselfpr; \??\C:\Program Files\Bitdefender\Antivirus Free Edition\bdselfpr.sys []
R1 gzflt;gzflt; C:\WINDOWS\system32\DRIVERS\gzflt.sys [2013-04-22 164952]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 null_flt;null_flt; \??\C:\WINDOWS\System32\Drivers\null_flt.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-02-26 3565568]
R3 avckf;avckf; C:\WINDOWS\system32\DRIVERS\avckf.sys [2013-04-17 486536]
R3 avchv;avchv Function Driver; C:\WINDOWS\system32\DRIVERS\avchv.sys [2012-11-02 242504]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-05-22 5082624]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 aqzoy104;aqzoy104; C:\WINDOWS\system32\drivers\aqzoy104.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-05-31 20480]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-04-30 10804]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-05-31 23000]
S3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-04-30 11860]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\WINDOWS\system32\drivers\BTNetFilter.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys []
S3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2008-12-18 20240]
S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2008-12-18 63248]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-12-18 35472]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-12-18 37392]
S3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2008-12-18 79248]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2008-12-18 28816]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver; C:\WINDOWS\System32\Drivers\nx6000.sys [2010-05-20 30576]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-02-25 602112]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2007-01-31 96370]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2010-11-15 217088]
R2 gzserv;Bitdefender Antivirus Free Edition; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [2013-10-23 57520]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2010-05-20 139632]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-02-25 593920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 wmcmgc;Windows Management Configuration; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-17 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: please check

#29 Post by Márty84 »

There are leftovers there...


Download OTM (http://oldtimer.geekstogo.com/OTM.exe), save it, preferably to the desktop, and run it.
Copy this script into the left window (including the colon before the word commands)

Code:

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\8659b09c-dda9-42d0-85f4-34019f78e5f1-4.job
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineCore.job
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineUA.job
C:\Program Files\TheTorntv V10
C:\Documents and Settings\All Users\Data aplikací\Malwarebytes

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=-

Click MoveIt and let the program work. When asked about a restart, agree.
After the restart, post here the log that pops up, or it will be located at C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (instead of the x's there will be digits representing the date and time of the run)

If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

casablancass
Visitor
Posts: 51
Registered: 04 Jul 2012 15:06

Re: please check

#30 Post by casablancass »

After the restart, a few Microsoft Office documents appeared on my desktop, which I moved to the Recycle Bin.


All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: zakaznik
->Temp folder emptied: 6013278 bytes
->Temporary Internet Files folder emptied: 669455 bytes
->FireFox cache emptied: 26617593 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 925 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 25258 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 2662585620 bytes

Total Files Cleaned = 2 571,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: zakaznik
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTM Restore Point
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\8659b09c-dda9-42d0-85f4-34019f78e5f1-4.job moved successfully.
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineUA.job moved successfully.
File/Folder C:\Program Files\TheTorntv V10 not found.
C:\Documents and Settings\All Users\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware\Logs folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Malwarebytes folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring deleted successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 10262014_053301

Files moved on Reboot...
File move failed. C:\Documents and Settings\zakaznik\Local Settings\Temp\gziface1.log scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Locked