prosím o preventivní kontrolu

Zpráva

petouf · #1 Příspěvek od **petouf** » 25 dub 2012 12:45

prosím o preventivní kontrolu, asi tam nic nebude, ale PC se mi poslední dobou seká a zpomaluje... :-/
Dík, přeju pěkný den!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:41:08, on 25.4.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ConMet\ConMet.exe
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Seznam.cz\postak.exe
C:\Program Files\Kalendar\kalendar.exe
C:\Program Files\System Explorer\SystemExplorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\System Explorer\service\SystemExplorerService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Optimization Client\bmctl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator\Plocha\údržba PC\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.3.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ConMet] C:\Program Files\ConMet\ConMet.exe
O4 - HKLM\..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [Kalendar] C:\Program Files\Kalendar\kalendar.exe
O4 - HKCU\..\Run: [SystemExplorerAutoStart] "C:\Program Files\System Explorer\SystemExplorer.exe" /TRAY
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: SystemExplorerDisabled
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files\System Explorer\service\SystemExplorerService.exe
O23 - Service: Vodafone Mobile Connect Service (VmbService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe

--
End of file - 6706 bytes

#2 Příspěvek od **Márty84** » 25 dub 2012 17:23

Zdravim

Najdete tento soubor C:\Documents and Settings\Administrator\Plocha\údržba PC\hijackthis.exe a spustte ho.
Kliknete na Main menu a na Do a system scan only
U techto radku dejte vlevo zatrzitko

Kód: Vybrat vše

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

Kliknete na nápis Fix checked , potvrdte a restartujte pc.

Pokud to nepomuze, dejte mi sem log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=105895
Je podrobnejsi nez HJT a uz dlouhou dobu se zde pouziva jako vstupni skener!

petouf · #3 Příspěvek od **petouf** » 27 dub 2012 11:47

Dík, nijak moc to nepomohlo, tak ještě log z RSIT.
Ten jsem uložil na http://ulozto.cz/xr1Yk6s/log26-4-txt
Pokud něco objevíte, dejte mi pls. vědět.
Dík, přeji prima den!

#4 Příspěvek od **Márty84** » 27 dub 2012 15:08

Ja si ho sem vlozim, aby se mi to lepe lustilo.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2012-04-26 11:01:39
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 3 GB (16%) free of 20 GB
Total RAM: 503 MB (12% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:02:02, on 26.4.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ConMet\ConMet.exe
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Seznam.cz\postak.exe
C:\Program Files\Kalendar\kalendar.exe
C:\Program Files\System Explorer\SystemExplorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\System Explorer\service\SystemExplorerService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Optimization Client\bmctl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Administrator\Plocha\údržba PC\RSIT.exe
C:\Program Files\trend micro\Administrator.exe
C:\Program Files\Ask.com\UpdateTask.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.3.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ConMet] C:\Program Files\ConMet\ConMet.exe
O4 - HKLM\..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [Kalendar] C:\Program Files\Kalendar\kalendar.exe
O4 - HKCU\..\Run: [SystemExplorerAutoStart] "C:\Program Files\System Explorer\SystemExplorer.exe" /TRAY
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: SystemExplorerDisabled
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files\System Explorer\service\SystemExplorerService.exe
O23 - Service: Vodafone Mobile Connect Service (VmbService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe

--
End of file - 6299 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\k9ukgxjv.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"ff-bmboc@bytemobile.com"=C:\Program Files\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.233 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@parallelgraphics.com/Cortona]
"Description"=Cortona VRML Plugin
"Path"=C:\Program Files\Common Files\ParallelGraphics\Cortona\npCortona.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
npCortona.xpt

C:\Program Files\Mozilla Firefox\plugins\
npCortona.dll
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\k9ukgxjv.default\extensions\
toolbar@ask.com
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-15 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-11-15 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.3.dll [2011-05-25 1145888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2004-07-01 155648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2004-07-01 118784]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-02-23 4031368]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2011-10-07 1387288]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"ConMet"=C:\Program Files\ConMet\ConMet.exe [2012-04-13 4706816]
""= []
"MobileBroadband"=C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [2011-07-14 279552]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"=C:\Program Files\Seznam.cz\postak.exe [2011-05-25 491040]
"Kalendar"=C:\Program Files\Kalendar\kalendar.exe [2005-11-09 580608]
"SystemExplorerAutoStart"=C:\Program Files\System Explorer\SystemExplorer.exe [2012-03-23 2642064]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
C:\Program Files\Ask.com\Updater\Updater.exe [2012-01-03 1391272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2007-08-24 101784]

C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění
SystemExplorerDisabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2004-07-01 344064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2011-09-27 66328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe:*:Enabled:Nero ControlCenter"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-04-26 11:01:42 ----D---- C:\Program Files\trend micro
2012-04-26 11:01:39 ----D---- C:\rsit
2012-04-25 13:37:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\Mozilla
2012-04-25 13:37:38 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-04-24 11:07:40 ----A---- C:\WINDOWS\system32\drivers\rfcomm.sys
2012-04-24 11:07:38 ----A---- C:\WINDOWS\system32\drivers\BthEnum.sys
2012-04-24 11:07:35 ----A---- C:\WINDOWS\system32\irmon.dll
2012-04-24 11:07:30 ----A---- C:\WINDOWS\system32\irftp.exe
2012-04-24 11:07:27 ----A---- C:\WINDOWS\system32\wshirda.dll
2012-04-24 11:07:08 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2012-04-19 09:32:04 ----D---- C:\Program Files\Windows Sidebar
2012-04-19 09:22:29 ----SHD---- C:\Config.Msi
2012-04-18 10:27:18 ----D---- C:\Program Files\CDex
2012-04-18 09:36:57 ----A---- C:\WINDOWS\system32\drivers\sptd.sys
2012-04-18 08:28:28 ----D---- C:\Documents and Settings\Administrator\Data aplikací\CDRoller
2012-04-18 08:28:16 ----D---- C:\Program Files\CDRoller
2012-04-17 15:15:11 ----D---- C:\Program Files\Exact Audio Copy
2012-04-17 15:10:12 ----A---- C:\WINDOWS\cdplayer.ini
2012-04-13 12:38:20 ----A---- C:\WINDOWS\ModemLog_Vodafone Mobile Broadband Modem (Huawei).txt
2012-04-12 13:50:57 ----D---- C:\WINDOWS\pss
2012-04-11 09:14:47 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-04-11 08:45:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2675157$
2012-04-11 08:29:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$
2012-04-10 12:48:35 ----D---- C:\Documents and Settings\Administrator\Data aplikací\calibre
2012-04-10 12:34:25 ----D---- C:\Program Files\Calibre2
2012-04-06 13:47:20 ----A---- C:\Documents and Settings\Administrator\Data aplikací\burnaware.ini
2012-04-06 13:42:11 ----D---- C:\Program Files\BurnAware Free
2012-04-06 13:41:52 ----D---- C:\Program Files\Ask.com
2012-04-06 08:27:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\SystemExplorer
2012-04-06 08:27:04 ----D---- C:\Program Files\System Explorer
2012-04-04 11:13:25 ----D---- C:\Program Files\SpeedFan
2012-04-04 08:00:02 ----D---- C:\Documents and Settings\Administrator\Data aplikací\DRPSu
2012-03-29 07:06:47 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2012-03-29 07:02:01 ----D---- C:\Program Files\MSXML 4.0
2012-03-28 12:28:59 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Nero
2012-03-28 12:15:27 ----D---- C:\Program Files\Nero
2012-03-28 12:15:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nero
2012-03-28 12:10:06 ----D---- C:\WINDOWS\RegisteredPackages

======List of files/folders modified in the last 1 month======

2012-04-26 11:01:59 ----D---- C:\WINDOWS\Prefetch
2012-04-26 11:01:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\ConMet
2012-04-26 11:01:42 ----RD---- C:\Program Files
2012-04-26 10:59:02 ----D---- C:\Documents and Settings\Administrator\Data aplikací\ConMet
2012-04-26 10:55:59 ----D---- C:\WINDOWS\Temp
2012-04-26 10:51:35 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-04-26 10:31:48 ----D---- C:\WINDOWS
2012-04-25 16:04:07 ----D---- C:\Program Files\The KMPlayer
2012-04-25 13:37:56 ----D---- C:\Program Files\Mozilla Firefox
2012-04-24 11:07:50 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-04-24 11:07:41 ----D---- C:\WINDOWS\system32\drivers
2012-04-24 11:07:38 ----D---- C:\WINDOWS\system32
2012-04-24 11:07:17 ----D---- C:\WINDOWS\security
2012-04-24 11:07:03 ----D---- C:\WINDOWS\system32\CatRoot2
2012-04-24 11:06:33 ----A---- C:\WINDOWS\nwc.ini
2012-04-19 13:53:54 ----SHD---- C:\WINDOWS\Installer
2012-04-19 09:55:25 ----RSD---- C:\WINDOWS\assembly
2012-04-19 09:55:25 ----D---- C:\WINDOWS\Microsoft.NET
2012-04-19 09:41:31 ----HD---- C:\WINDOWS\inf
2012-04-19 09:39:06 ----D---- C:\WINDOWS\system32\CatRoot
2012-04-19 09:32:04 ----RSD---- C:\WINDOWS\Fonts
2012-04-19 09:32:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\Vodafone
2012-04-19 09:24:18 ----D---- C:\Program Files\Vodafone
2012-04-18 10:31:45 ----D---- C:\Temp
2012-04-16 08:36:10 ----D---- C:\WINDOWS\Debug
2012-04-13 12:31:45 ----D---- C:\Program Files\ConMet
2012-04-13 11:18:45 ----D---- C:\WINDOWS\Network Diagnostic
2012-04-13 08:11:10 ----SH---- C:\boot.ini
2012-04-13 08:11:08 ----A---- C:\WINDOWS\win.ini
2012-04-13 08:11:08 ----A---- C:\WINDOWS\system.ini
2012-04-12 13:41:19 ----SD---- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
2012-04-12 07:51:52 ----D---- C:\Program Files\ABBYY FineReader 10
2012-04-11 09:14:52 ----SD---- C:\WINDOWS\Tasks
2012-04-11 09:02:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-04-11 08:59:44 ----D---- C:\WINDOWS\WinSxS
2012-04-11 08:45:20 ----HD---- C:\WINDOWS\$hf_mig$
2012-04-11 08:33:08 ----A---- C:\WINDOWS\system32\MRT.exe
2012-03-28 16:10:57 ----D---- C:\Program Files\Common Files
2012-03-28 12:15:17 ----D---- C:\WINDOWS\Cursors
2012-03-28 12:12:32 ----D---- C:\Program Files\Windows Media Player

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BMLoad;Bytemobile Boot Time Load Driver; C:\WINDOWS\system32\drivers\BMLoad.sys [2010-03-11 13184]
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2011-03-18 25240]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2012-04-18 477240]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-03-07 24920]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2012-02-23 35672]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-02-23 610648]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-02-23 337112]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-02-23 53848]
R1 EterlogicVirtualSerialDriver;EterlogicVirtualSerialDriver; \??\C:\WINDOWS\system32\drivers\VSPE.sys []
R1 tcpipBM;Bytemobile Kernel Network Provider; \??\C:\WINDOWS\system32\drivers\tcpipBM.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-02-23 20696]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-02-23 95704]
R2 LBeepKE;Logitech Beep Suppression Driver; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2011-09-02 12184]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-14 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-14 55936]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 ewusbnet;HUAWEI USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ewusbnet.sys [2011-07-12 237440]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys [2011-07-12 73344]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2011-07-12 192768]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-07-01 724221]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2011-09-02 41240]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2011-09-02 39192]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2011-09-02 30360]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-14 20992]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 vodafone_K3805-z_dc_enum;vodafone_K3805-z_dc_enum; C:\WINDOWS\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys [2010-09-01 80000]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 BthEnum;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2011-07-12 102784]
S3 hwusbfake;Huawei DataCard USB Fake; C:\WINDOWS\system32\DRIVERS\ewusbfake.sys []
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 rtl8185;Realtek RTL8185 54M Wireless LAN Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\rtl8185.sys [2010-03-23 835616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 WinUSB;Sony Ericsson USB Device sa0101 Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-02-23 44768]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-11-15 153376]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R2 VmbService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [2011-07-14 9216]
R3 SystemExplorerHelpService;System Explorer Service; C:\Program Files\System Explorer\service\SystemExplorerService.exe [2012-03-01 536208]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-26 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-16 253088]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-26 136176]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-09-27 295192]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-25 129976]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#5 Příspěvek od **Márty84** » 27 dub 2012 15:41

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe , ulozte nejlepe na plochu a spustte.
Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem files)

Kód: Vybrat vše

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\k9ukgxjv.default\extensions\toolbar@ask.com
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\Program Files\Ask.com

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
[-HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]

:services
JavaQuickStarterService
gupdate
AdobeFlashPlayerUpdateSvc
gupdatem

:commands
[RESETHOSTS]
[Purity]
[EMPTYTEMP]
[EMPTYFLASH]

Kliknete na MoveIt a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)

petouf · #6 Příspěvek od **petouf** » 27 dub 2012 16:55

Za tyden, jedu na dovolenou, ale dík

#7 Příspěvek od **Márty84** » 27 dub 2012 17:08

OK, zatim tedy neni zac

Tak stastnou cestu a hlavne stastny navrat

petouf · #8 Příspěvek od **petouf** » 04 kvě 2012 07:51

Tak po dovolené, bylo nádherně

K tomu logu z OTM:
All processes killed
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
C:\WINDOWS\system32\SET100.tmp moved successfully.
C:\WINDOWS\system32\SET102.tmp moved successfully.
C:\WINDOWS\system32\SET104.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\k9ukgxjv.default\extensions\toolbar@ask.com\searchplugins folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\k9ukgxjv.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\k9ukgxjv.default\extensions\toolbar@ask.com\defaults folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\k9ukgxjv.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\k9ukgxjv.default\extensions\toolbar@ask.com\chrome\content folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\k9ukgxjv.default\extensions\toolbar@ask.com\chrome folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\k9ukgxjv.default\extensions\toolbar@ask.com folder moved successfully.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job moved successfully.
C:\Program Files\Ask.com\Updater folder moved successfully.
C:\Program Files\Ask.com\assets\oobe folder moved successfully.
C:\Program Files\Ask.com\assets folder moved successfully.
C:\Program Files\Ask.com folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor\ deleted successfully.
========== SERVICES/DRIVERS ==========
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 72676978 bytes
->Temporary Internet Files folder emptied: 64389 bytes
->Java cache emptied: 530769 bytes
->FireFox cache emptied: 50700127 bytes
->Google Chrome cache emptied: 31007053 bytes
->Flash cache emptied: 60113 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56475 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49152 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 98585854 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 13431059 bytes

Total Files Cleaned = 255,00 mb

[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

OTM by OldTimer - Version 3.1.19.0 log created on 05042012_083218

Files moved on Reboot...
File C:\Documents and Settings\Administrator\Local Settings\Temp\Dočasný adresář 9 pro Závěť-profesora-Dowella---Zaveshchaniye-professora-Douelya---The-Testament-of-Professor-Dowellsubs.ENG.ESP.BG.(1984).zip\Závěť profesora Dowella - Zaveshchaniye professora Douelya - The Testament of Pro not found!
File C:\Documents and Settings\Administrator\Local Settings\Temp\Dočasný adresář 8 pro Závěť-profesora-Dowella---Zaveshchaniye-professora-Douelya---The-Testament-of-Professor-Dowellsubs.ENG.ESP.BG.(1984).zip\Závěť profesora Dowella - Zaveshchaniye professora Douelya - The Testament of Pro not found!
File C:\Documents and Settings\Administrator\Local Settings\Temp\Dočasný adresář 7 pro Závěť-profesora-Dowella---Zaveshchaniye-professora-Douelya---The-Testament-of-Professor-Dowellsubs.ENG.ESP.BG.(1984).zip\Závěť profesora Dowella - Zaveshchaniye professora Douelya - The Testament of Pro not found!
File C:\Documents and Settings\Administrator\Local Settings\Temp\Dočasný adresář 6 pro Závěť-profesora-Dowella---Zaveshchaniye-professora-Douelya---The-Testament-of-Professor-Dowellsubs.ENG.ESP.BG.(1984).zip\Závěť profesora Dowella - Zaveshchaniye professora Douelya - The Testament of Pro not found!
File C:\Documents and Settings\Administrator\Local Settings\Temp\Dočasný adresář 5 pro Závěť-profesora-Dowella---Zaveshchaniye-professora-Douelya---The-Testament-of-Professor-Dowellsubs.ENG.ESP.BG.(1984).zip\Závěť profesora Dowella - Zaveshchaniye professora Douelya - The Testament of Pro not found!
File C:\Documents and Settings\Administrator\Local Settings\Temp\Dočasný adresář 4 pro Závěť-profesora-Dowella---Zaveshchaniye-professora-Douelya---The-Testament-of-Professor-Dowellsubs.ENG.ESP.BG.(1984).zip\Závěť profesora Dowella - Zaveshchaniye professora Douelya - The Testament of Pro not found!
File C:\Documents and Settings\Administrator\Local Settings\Temp\Dočasný adresář 3 pro Závěť-profesora-Dowella---Zaveshchaniye-professora-Douelya---The-Testament-of-Professor-Dowellsubs.ENG.ESP.BG.(1984).zip\Závěť profesora Dowella - Zaveshchaniye professora Douelya - The Testament of Pro not found!
File C:\Documents and Settings\Administrator\Local Settings\Temp\Dočasný adresář 2 pro Závěť-profesora-Dowella---Zaveshchaniye-professora-Douelya---The-Testament-of-Professor-Dowellsubs.ENG.ESP.BG.(1984).zip\Závěť profesora Dowella - Zaveshchaniye professora Douelya - The Testament of Pro not found!
File C:\Documents and Settings\Administrator\Local Settings\Temp\Dočasný adresář 1 pro Závěť-profesora-Dowella---Zaveshchaniye-professora-Douelya---The-Testament-of-Professor-Dowellsubs.ENG.ESP.BG.(1984).zip\Závěť profesora Dowella - Zaveshchaniye professora Douelya - The Testament of Pro not found!
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Dík a přeju pěkný den!

#9 Příspěvek od **Márty84** » 04 kvě 2012 09:02

petouf píše:Tak po dovolené, bylo nádherně

To verim a tise zavidim

OTM provedlo co melo. Nastala nejaka zmena?

petouf · #10 Příspěvek od **petouf** » 09 kvě 2012 13:20

Tak zdá se že proběhla změna k lepšímu. Sice se občas kouše mozilla, ale mám pocit, že to bude něco v rychlosti připojení a možná pomalejší PC... Jen se ještě optám, co tam bylo za problém? Bych byl v obraze...

Díky moc a přeji pěkný den!

#11 Příspěvek od **Márty84** » 09 kvě 2012 17:42

Na tu mozillu se jeste koukneme. RSIT ji bere jen tak okrajove, Treba tam bude jeste nejaka brzda.

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

Nejvetsi problem byl asi Ask Toolbar. To je velka brzda. Jinak nejake ty zbytecnosti. Vylozene havet RSIT neukazalo

petouf · #12 Příspěvek od **petouf** » 10 kvě 2012 12:22

Tak tu je log. Ale udělalo mi to jen OTL.txt, ten Extras.txt mi to nedělá. Asi mám něco blbě nastaveno? Jo- a když spustim správce systemu tak se mi zobrazí pouze procesy, bez možnosti minimalizace, zavření a přepínání záložek - ale to není tragedie, spíš zajímavost...
To nastavení OTL posílám jako přílohu v jpg a teď ten log:

OTL logfile created on: 10.5.2012 10:51:17 - Run 3
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Administrator\Plocha\údržba PC
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

503,48 Mb Total Physical Memory | 151,82 Mb Available Physical Memory | 30,15% Memory free
1,94 Gb Paging File | 1,46 Gb Available in Paging File | 75,42% Paging File free
Paging file location(s): C:\pagefile.sys 1512 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,17 Gb Total Space | 2,89 Gb Free Space | 15,09% Space Free | Partition Type: NTFS
Drive D: | 19,17 Gb Total Space | 2,49 Gb Free Space | 12,98% Space Free | Partition Type: NTFS
Drive E: | 35,15 Gb Total Space | 5,65 Gb Free Space | 16,07% Space Free | Partition Type: NTFS
Drive G: | 38,33 Gb Total Space | 27,88 Gb Free Space | 72,72% Space Free | Partition Type: NTFS
Drive H: | 35,91 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: PPP-CCE959B58B8 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.04.13 12:30:21 | 004,706,816 | ---- | M] (Mgr. Tomáš Papoušek) -- C:\Program Files\ConMet\ConMet.exe
PRC - [2012.04.12 09:37:36 | 001,224,176 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012.03.23 09:36:10 | 002,642,064 | ---- | M] (Mister Group) -- C:\Program Files\System Explorer\SystemExplorer.exe
PRC - [2012.03.01 12:12:38 | 000,536,208 | ---- | M] (Mister Group) -- C:\Program Files\System Explorer\service\SystemExplorerService.exe
PRC - [2012.02.23 18:23:24 | 004,031,368 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.02.23 18:23:21 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.10.07 11:40:42 | 001,387,288 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2011.10.04 08:00:34 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\údržba PC\OTL.exe
PRC - [2011.09.27 21:05:24 | 000,149,784 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
PRC - [2011.07.14 15:45:44 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
PRC - [2011.07.14 15:45:14 | 000,279,552 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
PRC - [2010.03.11 09:36:32 | 000,390,272 | ---- | M] (Bytemobile, Inc.) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Optimization Client\bmctl.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.04.16 16:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2005.11.09 22:12:44 | 000,580,608 | ---- | M] () -- C:\Program Files\Kalendar\kalendar.exe

========== Modules (No Company Name) ==========

MOD - [2012.05.09 21:16:26 | 001,756,160 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12050901\algo.dll
MOD - [2012.04.19 09:52:43 | 000,218,624 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.FNCClient11#\6dadc3fe140a6a8f841c73c8e7b1c435\Interop.FNCClient11Lib.ni.dll
MOD - [2012.04.19 09:52:40 | 000,034,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.UpdateMana#\90ff72adbe78a38a908dfdba04e79261\Vodafone.UpdateManager.ni.dll
MOD - [2012.04.19 09:52:38 | 000,192,512 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Model.Conn#\6175d0801d057bff24db76e30bc0d63a\Vodafone.Model.Connection.ni.dll
MOD - [2012.04.19 09:52:34 | 000,025,088 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Manag#\93c45f75bed563c4a65d43552ffcabf0\Vodafone.View.ManagedToolTip.ni.dll
MOD - [2012.04.19 09:52:30 | 000,859,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Shared\6f5a942eb471d581e0f967ffaf2e9ed3\Vodafone.View.Shared.ni.dll
MOD - [2012.04.19 09:52:18 | 000,531,968 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Secon#\5da6bc6efc8e4ffc8fe47467fc9749e4\Vodafone.View.SecondaryWindows.ni.dll
MOD - [2012.04.19 09:52:11 | 000,082,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Remot#\a76bfd340c4f84c369081af343987289\Vodafone.Core.Remoting.ni.dll
MOD - [2012.04.19 09:52:08 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.CoreI#\47d1fc1a5dcd1ebe3599f3f3c9bbdf5a\Vodafone.Core.CoreInstanceProvider.ni.dll
MOD - [2012.04.19 09:52:05 | 000,055,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.TrafficOpt#\fafdfb9e6efc74249d3ee8a951e63fce\Vodafone.TrafficOptimiser.ni.dll
MOD - [2012.04.19 09:52:03 | 000,734,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.WwanWrapper\d5dba8326c1e4c4ae656c5ce9079ceea\Vodafone.WwanWrapper.ni.dll
MOD - [2012.04.19 09:51:57 | 000,657,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Connection#\7bd2aa67bbad00d40fcc250282e1a0a3\Vodafone.ConnectionServices.ni.dll
MOD - [2012.04.19 09:51:46 | 000,395,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.MbbManagem#\0bdbd14db695635de3ddbf9451165b72\Vodafone.MbbManagement.ni.dll
MOD - [2012.04.19 09:51:35 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\928d68e598e850c24f95aa5e93051315\Vodafone.DeviceAccess.Interfaces.ni.dll
MOD - [2012.04.19 09:51:33 | 000,506,880 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\bdf128f62bebe6dc4f2db78fdca6a4a1\Vodafone.DeviceAccess.Internals.ni.dll
MOD - [2012.04.19 09:51:28 | 000,038,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\bbb9d5a69554850388367d74e6e9de7d\Vodafone.DeviceAccess.Factory.ni.dll
MOD - [2012.04.19 09:51:25 | 000,022,528 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.INSTALLERCO#\bb68825da695f269a6def3efff032e7a\Interop.INSTALLERCONTROLLib.ni.dll
MOD - [2012.04.19 09:51:23 | 000,217,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Inter#\bd3af4aa7624c56cd5fca8d4137858c6\Vodafone.Base.Internals.ni.dll
MOD - [2012.04.19 09:51:20 | 000,031,744 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Facto#\6a203982d4c9e64b0390f21ed5fb052f\Vodafone.Base.Factory.ni.dll
MOD - [2012.04.19 09:51:18 | 000,120,832 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Connection#\5c06607350167b2556c726270e4cb681\Vodafone.ConnectionManagement.ni.dll
MOD - [2012.04.19 09:51:15 | 000,070,144 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.VpnApiLib\b4a18d6862249ec6d4bbd0e7b317fe50\Interop.VpnApiLib.ni.dll
MOD - [2012.04.19 09:51:14 | 000,031,744 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.FCCOMINTDLL#\3caeeeb61c505d7761e35225c0fc6414\Interop.FCCOMINTDLLLib.ni.dll
MOD - [2012.04.19 09:51:12 | 000,119,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Vpn\b4e2c8a81f0967dc638364d0c09d19f6\Vodafone.Vpn.ni.dll
MOD - [2012.04.19 09:51:09 | 000,108,544 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.LanWlanMan#\ad7cb41d8d6340fed1e5f8dbe9ae739e\Vodafone.LanWlanManager.ni.dll
MOD - [2012.04.19 09:51:06 | 000,023,552 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Inter#\3498242e96c46a11a14e488e3dd21cac\Vodafone.Core.Interfaces.ni.dll
MOD - [2012.04.19 09:51:02 | 001,033,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.BusinessLo#\127b9b021fb00800e125d15471a6a431\Vodafone.BusinessLogic.ni.dll
MOD - [2012.04.19 09:50:50 | 000,050,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\5a237fc6853d25fb86e8493203fb7d68\Vodafone.Contracts.Adapter.ni.dll
MOD - [2012.04.19 09:50:22 | 001,303,552 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.U#\9098ca5de4fbbe38ac065d3d7b723860\Infragistics2.Win.UltraWinEditors.v9.2.ni.dll
MOD - [2012.04.19 09:50:11 | 003,346,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.M#\1a397c88e6ce2b1f0923657fad2927cb\Infragistics2.Win.Misc.v9.2.ni.dll
MOD - [2012.04.19 09:49:45 | 011,052,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.v#\bc724140ed5ca8ff586ad3cf647942a7\Infragistics2.Win.v9.2.ni.dll
MOD - [2012.04.19 09:48:40 | 000,871,424 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Infragistics2.Share#\a685a8d02df564b1456b7df3256c1e3e\Infragistics2.Shared.v9.2.ni.dll
MOD - [2012.04.19 09:48:28 | 007,135,744 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.U#\d0f8ed44e6d208705db2676353eaf207\Infragistics2.Win.UltraWinToolbars.v9.2.ni.dll
MOD - [2012.04.19 09:47:46 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\63655b860c0fb495703ce42fabe2bb6c\Vodafone.Contracts.Presenter.ni.dll
MOD - [2012.04.19 09:47:43 | 000,114,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Contr#\be46289d81c9546a729f3ac4f360ca94\Vodafone.Core.Contracts.ni.dll
MOD - [2012.04.19 09:47:41 | 000,132,608 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\6cb76654ea5750a68db78e6c8bd97411\Vodafone.Contracts.Model.ni.dll
MOD - [2012.04.19 09:47:38 | 000,104,448 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\b2965b16bf93b1855b3d2370972cc778\Vodafone.Contracts.View.ni.dll
MOD - [2012.04.19 09:47:35 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\b578000f217b8364b7192e69929f69f2\Vodafone.DeviceAccess.Contracts.ni.dll
MOD - [2012.04.19 09:47:33 | 000,097,280 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\5b2bcca9fcada8b5008bc11ea91050c2\Vodafone.Contracts.Common.ni.dll
MOD - [2012.04.19 09:47:30 | 000,047,104 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Common.Logging\65c578108746aab7d0707dcc9e7c0634\Common.Logging.ni.dll
MOD - [2012.04.19 09:47:26 | 002,104,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Spring.Core\2db9733975730530cef387c22241d375\Spring.Core.ni.dll
MOD - [2012.04.19 09:47:10 | 000,042,496 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.InstancePr#\13d7da2a5880b2f818e62a70455212e3\Vodafone.InstanceProvider.Impl.ni.dll
MOD - [2012.04.19 09:47:07 | 000,810,496 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Applicatio#\2db9f30c05b730af112507556d0f144a\Vodafone.ApplicationHost.Impl.ni.dll
MOD - [2012.04.19 09:46:56 | 000,031,232 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.OutlookCon#\e0113873210eb74de2036ada3ed77a8a\Vodafone.OutlookConnector.ni.dll
MOD - [2012.04.19 09:46:50 | 000,351,744 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.ReportingM#\fc40ebc3c03580f557b10f716eeb0f68\Vodafone.ReportingManager.ni.dll
MOD - [2012.04.19 09:46:41 | 000,197,632 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.SmsContact#\c0217c6e7389986070f8f4d18c277a0b\Vodafone.SmsContactManager.ni.dll
MOD - [2012.04.19 09:46:23 | 000,335,872 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.CommonDial#\35a25875b1e45a852921f0174488004d\Vodafone.CommonDialogs.ni.dll
MOD - [2012.04.19 09:46:15 | 000,119,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.Shell32\b374e487a634d465b01895af510f2866\Interop.Shell32.ni.dll
MOD - [2012.04.19 09:46:13 | 000,067,072 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.SettingsMa#\4ab59cb82b004d193b15d4c152c4fc66\Vodafone.SettingsManager.ni.dll
MOD - [2012.04.19 09:46:10 | 000,080,384 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.SmsProfile#\5f0691a071866389822b134ee9a088c6\Vodafone.SmsProfileManager.ni.dll
MOD - [2012.04.19 09:46:00 | 000,351,232 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.DataAccess#\d1aff24463cd4310aa9997afaf14a132\Vodafone.DataAccessor.ni.dll
MOD - [2012.04.19 09:45:05 | 000,074,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.NtServiceM#\f056c8366c830fa220c286aa474d31ec\Vodafone.NtServiceMessaging.ni.dll
MOD - [2012.04.19 09:45:01 | 001,446,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\MobileBroadbandReso#\dcfcb206808afed28c7c2acfae137439\MobileBroadbandResources.ni.dll
MOD - [2012.04.19 09:44:17 | 000,352,768 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Win32\205631688d1d84657bef45c7f980612a\Vodafone.Base.Win32.ni.dll
MOD - [2012.04.19 09:40:41 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\c14e58265386feb509cc61bb5e8dd296\System.Runtime.Remoting.ni.dll
MOD - [2012.04.19 09:40:11 | 000,019,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.MobileBroa#\8fdcc1d2d5d969553bdaa442e7cdb250\Vodafone.MobileBroadband.CallbackHandler.ni.dll
MOD - [2012.04.19 09:40:09 | 000,181,248 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Common\e0903992e5e585510a31b53041dbbe5c\Vodafone.Common.ni.dll
MOD - [2012.04.19 09:39:43 | 000,171,520 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Contr#\82fcd35355e6c47c5c13b1d3789e1b5b\Vodafone.Base.Contracts.ni.dll
MOD - [2012.04.19 09:39:19 | 000,671,744 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Data\d753c452ba10c16bd3398be6fd40e205\Vodafone.Data.ni.dll
MOD - [2012.04.19 09:38:04 | 001,385,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Platform\31cbc3874a34866ba2d1f1a29ccfbde5\Vodafone.Platform.ni.dll
MOD - [2012.04.19 09:37:26 | 000,098,304 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.LogEngine\60c5a3e1f2d4e449bbde469109c471d2\Vodafone.LogEngine.ni.dll
MOD - [2012.04.19 09:37:16 | 000,264,704 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\MobileBroadband\dc489b28c38f6716fe6252caeb121a5e\MobileBroadband.ni.exe
MOD - [2012.04.12 09:37:34 | 000,444,400 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\18.0.1025.162\ppgooglenaclpluginchrome.dll
MOD - [2012.04.12 09:37:33 | 003,915,248 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\18.0.1025.162\pdf.dll
MOD - [2012.04.12 09:36:08 | 000,122,880 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\18.0.1025.162\avutil-51.dll
MOD - [2012.04.12 09:36:06 | 000,220,672 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\18.0.1025.162\avformat-53.dll
MOD - [2012.04.12 09:36:05 | 001,747,456 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\18.0.1025.162\avcodec-53.dll
MOD - [2012.04.12 08:51:55 | 008,743,584 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
MOD - [2012.04.11 09:28:03 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\56e433394df8d44e43690a855e403555\System.ServiceProcess.ni.dll
MOD - [2012.04.11 09:21:10 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d96906db18e87ffe2e08f6cda7e2be0f\System.Windows.Forms.ni.dll
MOD - [2012.04.11 09:19:10 | 001,591,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\8d886cdc2ca5f0ff97cd1afe8773bb6e\System.Drawing.ni.dll
MOD - [2012.04.11 09:00:36 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2012.04.11 08:59:31 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2012.02.16 11:17:39 | 001,840,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\e9ba004858dcdb5958d86f26f043f85a\System.Web.Services.ni.dll
MOD - [2012.02.16 11:16:56 | 000,627,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\f25d114cb629d1f512f98883c6535a75\System.Transactions.ni.dll
MOD - [2012.02.16 11:11:31 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\a2a14380e8c9149d5b212d0100ef588a\System.Management.ni.dll
MOD - [2012.02.16 11:09:22 | 000,679,936 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\5fb9981f4147b537b53be9d58bf4e9b4\System.Security.ni.dll
MOD - [2012.02.16 11:08:42 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll
MOD - [2012.02.16 10:24:10 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll
MOD - [2012.02.16 10:15:42 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\ae888f8633fce3ff1de98e32bce0abbf\System.Data.ni.dll
MOD - [2012.02.16 09:58:11 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll
MOD - [2011.10.21 08:14:57 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll
MOD - [2011.10.21 05:58:26 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011.10.07 11:41:16 | 000,879,896 | ---- | M] () -- C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
MOD - [2011.07.12 13:02:20 | 001,101,824 | R--- | M] () -- c:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\NDISAPI.dll
MOD - [2011.06.16 00:14:48 | 000,331,776 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2011.05.28 22:04:58 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.04.14 14:00:00 | 000,355,112 | ---- | M] () -- C:\WINDOWS\system32\msjetoledb40.dll
MOD - [2005.11.09 22:12:44 | 000,580,608 | ---- | M] () -- C:\Program Files\Kalendar\kalendar.exe
MOD - [2001.10.28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2012.04.25 13:37:24 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.03.01 12:12:38 | 000,536,208 | ---- | M] (Mister Group) [On_Demand | Running] -- C:\Program Files\System Explorer\service\SystemExplorerService.exe -- (SystemExplorerHelpService)
SRV - [2012.02.23 18:23:21 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.09.27 21:03:28 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.07.14 15:45:44 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe -- (VmbService)

========== Driver Services (SafeList) ==========

DRV - [2012.04.18 09:36:57 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2012.03.07 01:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012.02.23 18:12:28 | 000,610,648 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.02.23 18:12:16 | 000,337,112 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.02.23 18:10:46 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012.02.23 18:10:39 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.02.23 18:10:25 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.02.23 18:10:16 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.02.16 16:19:51 | 000,025,984 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VSPE.sys -- (EterlogicVirtualSerialDriver)
DRV - [2011.09.02 08:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011.09.02 08:31:28 | 000,030,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2011.09.02 08:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011.09.02 08:30:58 | 000,012,184 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2011.07.12 15:02:18 | 000,102,784 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2011.07.12 14:02:30 | 000,073,344 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2011.07.12 14:02:24 | 000,237,440 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2011.07.12 14:02:24 | 000,192,768 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2011.03.18 18:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2010.09.01 14:33:12 | 000,080,000 | ---- | M] (Vodafone) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vodafone_K3805-z_dc_enum.sys -- (vodafone_K3805-z_dc_enum)
DRV - [2010.03.11 09:36:26 | 000,024,192 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2010.03.11 09:36:24 | 000,013,184 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\BMLoad.sys -- (BMLoad)
DRV - [2008.09.24 11:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2008.04.14 14:00:00 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.14 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2008.04.14 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2008.04.14 02:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008.04.14 00:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2006.11.02 08:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2001.08.18 00:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2025429265-1592454029-842925246-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@parallelgraphics.com/Cortona: C:\Program Files\Common Files\ParallelGraphics\Cortona\npCortona.dll (ParallelGraphics)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.03.21 09:23:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon\ [2012.04.19 09:30:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.04.25 13:37:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.19 13:53:05 | 000,000,000 | ---D | M]

[2011.09.26 08:26:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Extensions
[2012.05.04 08:52:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\k9ukgxjv.default\Extensions
[2012.04.02 09:49:20 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\k9ukgxjv.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.02.09 16:06:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\K9UKGXJV.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\K9UKGXJV.DEFAULT\EXTENSIONS\{CE7E73DF-6A44-4028-8079-5927A588C948}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\K9UKGXJV.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.03.21 09:23:58 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011.11.15 13:06:33 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012.04.19 09:30:53 | 000,000,000 | ---D | M] (Bytemobile Optimization Client) -- C:\PROGRAM FILES\VODAFONE\VODAFONE MOBILE BROADBAND\OPTIMIZATION CLIENT\ADDON
[2011.10.25 07:14:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012.04.25 13:37:23 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.08.09 16:17:46 | 000,873,888 | ---- | M] (ParallelGraphics) -- C:\Program Files\mozilla firefox\plugins\npCortona.dll
[2011.11.15 13:06:29 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.01.29 17:37:00 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.01.29 17:37:00 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.01.29 17:37:00 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.01.29 17:37:00 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.01.29 17:37:00 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Administrator\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Cortona3D Viewer (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npCortona.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll
CHR - Extension: avast! WebRep = C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1407_0\

O1 HOSTS File: ([2012.05.04 08:33:00 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Ukazatel S-Rank) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.3.dll ()
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [ConMet] C:\Program Files\ConMet\ConMet.exe (Mgr. Tomáš Papoušek)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-2025429265-1592454029-842925246-500..\Run: [Kalendar] C:\Program Files\Kalendar\kalendar.exe ()
O4 - HKU\S-1-5-21-2025429265-1592454029-842925246-500..\Run: [SystemExplorerAutoStart] C:\Program Files\System Explorer\SystemExplorer.exe (Mister Group)
O4 - Startup: C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\SystemExplorerDisabled [2012.04.06 08:48:47 | 000,000,000 | -H-D | M]
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2025429265-1592454029-842925246-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.77.165.81 217.77.161.131
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{30AC7329-D322-4DFD-8747-CE30AC80D933}: DhcpNameServer = 217.77.165.81 217.77.161.131
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.09.26 07:40:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.04.22 15:56:22 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007.10.13 09:18:04 | 464,349,184 | ---- | M] () - E:\autoškola.iso -- [ NTFS ]
O32 - AutoRun File - [2009.11.04 18:55:13 | 000,000,119 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{5a2258ce-e80f-11e0-a89e-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{5a2258ce-e80f-11e0-a89e-806d6172696f}\Shell\AutoRun\command - "" = K:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{73c56bac-611a-11e1-8d38-0020ed3a97bd}\Shell - "" = AutoRun
O33 - MountPoints2\{73c56bac-611a-11e1-8d38-0020ed3a97bd}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe -- [2009.11.03 15:38:25 | 000,270,336 | R--- | M] (Vodafone)
O33 - MountPoints2\{af6b2636-4d89-11e1-8d24-0020ed3a97bd}\Shell - "" = AutoRun
O33 - MountPoints2\{af6b2636-4d89-11e1-8d24-0020ed3a97bd}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe -- [2009.11.03 15:38:25 | 000,270,336 | R--- | M] (Vodafone)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012.05.04 08:32:18 | 000,000,000 | ---D | C] -- C:\_OTM
[2012.04.27 13:53:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Stellarium
[2012.04.27 13:52:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Stellarium
[2012.04.27 13:52:06 | 000,000,000 | ---D | C] -- C:\Program Files\Stellarium
[2012.04.26 19:19:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\kocarky
[2012.04.26 12:21:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\foto
[2012.04.26 11:01:42 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.04.26 11:01:39 | 000,000,000 | ---D | C] -- C:\rsit
[2012.04.25 13:37:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Mozilla
[2012.04.25 13:37:38 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.04.25 13:35:02 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2012.04.24 11:07:40 | 000,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rfcomm.sys
[2012.04.24 11:07:38 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthenum.sys
[2012.04.24 11:07:35 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irmon.dll
[2012.04.24 11:07:30 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irftp.exe
[2012.04.24 11:07:30 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irftp.exe
[2012.04.24 11:07:27 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshirda.dll
[2012.04.24 11:07:27 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshirda.dll
[2012.04.24 11:07:08 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthusb.sys
[2012.04.19 09:32:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Vodafone
[2012.04.19 09:32:04 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2012.04.19 09:22:29 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.04.18 10:30:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CDex
[2012.04.18 10:27:18 | 000,000,000 | ---D | C] -- C:\Program Files\CDex
[2012.04.18 09:36:57 | 000,477,240 | ---- | C] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys
[2012.04.18 08:28:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CDRoller 9.30
[2012.04.18 08:28:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\CDRoller
[2012.04.18 08:28:16 | 000,000,000 | ---D | C] -- C:\Program Files\CDRoller
[2012.04.17 15:15:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Nabídka Start\Programy\Exact Audio Copy
[2012.04.17 15:15:11 | 000,000,000 | ---D | C] -- C:\Program Files\Exact Audio Copy
[2012.04.17 15:08:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Nabídka Start\Programy\Audiograbber
[2012.04.13 11:44:41 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\UserData
[2012.04.12 13:50:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012.04.11 09:14:47 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.04.10 12:50:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\kindle knihy
[2012.04.10 12:48:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\calibre
[2012.04.10 12:34:25 | 000,000,000 | ---D | C] -- C:\Program Files\Calibre2
[2012.04.10 12:34:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\calibre - E-book Management

========== Files - Modified Within 30 Days ==========

[2012.05.10 11:18:00 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.05.10 08:11:39 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.05.10 08:11:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.05.09 08:31:16 | 000,185,987 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Dan-z-prevodu-spoluvlastnictvi-pomucka-vzor1.pdf
[2012.05.04 08:33:00 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012.04.27 13:52:54 | 000,001,590 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Stellarium.lnk
[2012.04.26 19:14:54 | 046,904,168 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\calibre-0.8.48.msi
[2012.04.25 15:58:31 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.04.24 11:06:33 | 000,001,250 | ---- | M] () -- C:\WINDOWS\nwc.ini
[2012.04.19 15:58:46 | 000,275,760 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.04.19 09:32:20 | 000,001,911 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Vodafone Mobile Broadband.lnk
[2012.04.19 08:55:31 | 062,917,152 | ---- | M] () -- C:\Program Files\Vodafone Mobile Broadband.msi
[2012.04.19 08:55:01 | 000,097,792 | ---- | M] () -- C:\Program Files\1029.MST
[2012.04.18 09:55:47 | 000,000,392 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\burnaware.ini
[2012.04.18 08:28:33 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\CDRoller.lnk
[2012.04.17 15:15:15 | 000,000,707 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Exact Audio Copy.lnk
[2012.04.17 15:12:43 | 000,000,034 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2012.04.16 15:57:43 | 000,032,320 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\Radotín - Pančava.t
[2012.04.16 12:58:19 | 000,077,323 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\441532-da-01-de-Crement_Drahtdrehwinderst_10K_Ohm.pdf
[2012.04.16 09:38:33 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.04.16 09:38:33 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.04.13 08:11:10 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2012.04.11 09:13:51 | 005,980,002 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Výnos 1_2011 - zpřístupnění.pdf
[2012.04.11 09:09:14 | 005,578,334 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Mapa_Výnos 1_2011.pdf
[2012.04.11 09:02:26 | 000,435,886 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.04.11 09:02:26 | 000,432,768 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.04.11 09:02:26 | 000,079,732 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.04.11 09:02:26 | 000,068,782 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.04.10 12:36:27 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\calibre - E-book management.lnk

========== Files Created - No Company Name ==========

[2012.05.10 09:10:38 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.05.09 08:31:13 | 000,185,987 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Dan-z-prevodu-spoluvlastnictvi-pomucka-vzor1.pdf
[2012.04.27 13:52:54 | 000,001,590 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Stellarium.lnk
[2012.04.26 19:13:04 | 046,904,168 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\calibre-0.8.48.msi
[2012.04.19 09:32:20 | 000,001,911 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Vodafone Mobile Broadband.lnk
[2012.04.19 09:13:28 | 000,097,792 | ---- | C] () -- C:\Program Files\1029.MST
[2012.04.19 09:13:16 | 062,917,152 | ---- | C] () -- C:\Program Files\Vodafone Mobile Broadband.msi
[2012.04.18 08:28:33 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\CDRoller.lnk
[2012.04.17 15:15:15 | 000,000,707 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Exact Audio Copy.lnk
[2012.04.17 15:10:12 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2012.04.16 15:57:42 | 000,032,320 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\Radotín - Pančava.t
[2012.04.16 12:58:19 | 000,077,323 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\441532-da-01-de-Crement_Drahtdrehwinderst_10K_Ohm.pdf
[2012.04.11 09:13:47 | 005,980,002 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Výnos 1_2011 - zpřístupnění.pdf
[2012.04.11 09:09:12 | 005,578,334 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Mapa_Výnos 1_2011.pdf
[2012.04.10 12:36:27 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\calibre - E-book management.lnk
[2012.04.06 13:47:20 | 000,000,392 | ---- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\burnaware.ini
[2012.02.16 16:19:51 | 000,025,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\VSPE.sys
[2012.02.16 08:45:45 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.27 09:31:10 | 000,000,247 | ---- | C] () -- C:\WINDOWS\RewardDemo.ini
[2012.01.11 09:52:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\{96B51C0B-D3BE-4DF3-959C-28B22C10CFBB}.ini
[2012.01.11 09:27:43 | 000,000,219 | ---- | C] () -- C:\WINDOWS\{96B51C0B-D3BE-4DF3-959C-28B22C10CFBB}.ini
[2011.12.29 13:53:04 | 000,000,495 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\SRDownloader.err
[2011.12.01 07:34:52 | 000,000,305 | ---- | C] () -- C:\WINDOWS\GRED.INI
[2011.11.24 10:16:47 | 000,000,203 | ---- | C] () -- C:\WINDOWS\ScrAntic.ini
[2011.11.21 15:12:44 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\SRDownloader.nast
[2011.11.10 08:56:58 | 000,001,250 | ---- | C] () -- C:\WINDOWS\nwc.ini
[2011.11.03 15:05:02 | 000,602,704 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2011.10.12 07:28:46 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2011.10.05 08:17:35 | 000,022,528 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.10.03 08:13:23 | 000,133,120 | ---- | C] () -- C:\WINDOWS\System32\cp211_vrml1to2.dll
[2011.10.03 08:13:23 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\vrml1tovrml2.exe
[2011.10.03 08:13:22 | 000,779,776 | ---- | C] () -- C:\WINDOWS\System32\cp211_main.dll
[2011.10.03 08:13:22 | 000,252,416 | ---- | C] () -- C:\WINDOWS\System32\cp211_javascript.dll
[2011.10.03 08:13:22 | 000,226,304 | ---- | C] () -- C:\WINDOWS\System32\cp211_msjava.dll
[2011.10.03 08:13:22 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\cp211_graphicssmall8.dll
[2011.10.03 08:13:22 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\cp211_graphicssmall16.dll
[2011.10.03 08:13:22 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\cp211_lang.dll
[2011.10.03 08:13:22 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\cp211_graphicspos.dll
[2011.10.03 08:13:21 | 000,285,184 | ---- | C] () -- C:\WINDOWS\System32\cp211_graphicslarge8.dll
[2011.10.03 08:13:21 | 000,285,184 | ---- | C] () -- C:\WINDOWS\System32\cp211_graphicslarge16.dll
[2011.10.03 08:13:21 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\cp211_graphicsmed8.dll
[2011.10.03 08:13:21 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\cp211_graphicsmed16.dll
[2011.10.03 08:13:21 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\cp211_basic.dll
[2011.09.27 12:29:10 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2011.09.26 09:28:06 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.09.26 09:26:36 | 000,275,760 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.09.26 07:49:58 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011.09.26 07:49:21 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2011.09.26 07:44:16 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.09.26 07:35:58 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011.07.12 14:02:16 | 000,232,496 | R--- | C] () -- C:\Documents and Settings\All Users\Data aplikací\DeviceManager.xml.rc4
[2008.04.14 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008.04.14 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008.04.14 14:00:00 | 000,435,886 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008.04.14 14:00:00 | 000,432,768 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2008.04.14 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008.04.14 14:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2008.04.14 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008.04.14 14:00:00 | 000,079,732 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2008.04.14 14:00:00 | 000,068,782 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008.04.14 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008.04.14 14:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2008.04.14 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008.04.14 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008.04.14 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008.04.14 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008.04.14 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002.03.13 16:46:46 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2012.04.10 12:52:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\calibre
[2012.04.18 08:28:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\CDRoller
[2012.05.10 11:26:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ConMet
[2012.04.04 08:00:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DRPSu
[2012.03.20 14:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Guitar Pro 6
[2011.10.31 07:30:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Administrator\Data aplikací\IFViewer
[2012.01.27 09:11:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\JAM Software
[2012.02.02 15:46:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Leadertech
[2011.11.03 10:37:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\MyPhoneExplorer
[2011.11.03 09:40:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\OpenCandy
[2011.09.27 12:29:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\pdfforge
[2011.10.03 13:27:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\PDM
[2011.11.03 10:54:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\PLANStudio Setup
[2011.12.06 13:02:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ProfiCAD
[2012.02.09 13:42:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\SodaBush
[2012.04.27 13:53:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Stellarium
[2012.02.27 09:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TuneUp Software
[2012.02.17 15:14:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ulozto File Manager
[2012.01.11 09:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Vodafone
[2011.09.26 08:21:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2012.05.10 11:28:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ConMet
[2012.02.02 16:20:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DobeSoftCZ
[2012.03.20 14:29:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Guitar Pro 6
[2012.02.02 15:33:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SuperOvladac
[2012.04.06 08:44:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SystemExplorer
[2012.01.16 15:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2012.02.27 09:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2012.04.19 09:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Vodafone
[2012.02.27 09:06:26 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2012.02.27 10:00:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\TuneUp Software
[2011.09.26 07:56:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Vodafone

========== Purity Check ==========

========== Custom Scans ==========

< >

< >

< MD5 for: AGP440.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 08:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 08:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 08:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[14 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.02.28 12:51:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ABBYY
[2012.02.17 14:17:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Adobe
[2012.04.10 12:52:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\calibre
[2012.04.18 08:28:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\CDRoller
[2012.05.10 12:11:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ConMet
[2012.04.04 08:00:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DRPSu
[2011.09.26 08:20:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\FLEXnet
[2012.03.20 14:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Guitar Pro 6
[2012.02.17 13:18:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Help
[2011.09.26 07:45:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Identities
[2011.10.31 07:30:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Administrator\Data aplikací\IFViewer
[2012.01.27 09:11:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\JAM Software
[2012.02.02 15:46:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Leadertech
[2012.02.02 15:39:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Logishrd
[2012.02.02 15:49:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Logitech
[2011.10.27 12:58:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia
[2012.04.12 13:41:19 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
[2011.09.26 08:26:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla
[2011.11.03 10:37:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\MyPhoneExplorer
[2012.03.28 12:28:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Nero
[2011.11.03 09:40:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\OpenCandy
[2011.09.27 12:29:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\pdfforge
[2011.10.03 13:27:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\PDM
[2011.11.03 10:54:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\PLANStudio Setup
[2011.12.06 13:02:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ProfiCAD
[2011.10.03 13:23:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\PSpad
[2012.02.09 13:42:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\SodaBush
[2012.04.27 13:53:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Stellarium
[2011.11.15 13:03:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sun
[2012.02.27 09:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TuneUp Software
[2012.02.17 15:14:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ulozto File Manager
[2012.02.13 06:53:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\vlc
[2012.01.11 09:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Vodafone
[2011.10.03 12:04:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >
[2012.03.16 15:54:58 | 000,195,256 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\DRPSu\DrvUpdater.exe
[2012.02.02 15:46:40 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2012.02.24 18:15:31 | 000,194,048 | R--- | M] (Dacris Software) -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{716C6FE0-28FC-4DF2-9AF4-732F150E9F8A}\Benchmarks.exe
[2012.02.24 18:15:32 | 000,016,896 | R--- | M] (Microsoft Corporation) -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{716C6FE0-28FC-4DF2-9AF4-732F150E9F8A}\HtmlHelp.exe
[2011.11.02 13:01:48 | 000,005,632 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{7A1B0BD9-175C-4B4C-9F76-6F851FB1AC13}\Icon23091144.exe
[2011.11.03 10:32:21 | 004,587,536 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\MyPhoneExplorer\Sony Ericsson U20i [012342002156653]\Cache\sdcard\aplikace\MyPhoneExplorer_Setup_1.8.2.exe
[2011.01.29 14:35:42 | 152,712,230 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\MyPhoneExplorer\Sony Ericsson U20i [012342002156653]\Cache\sdcard\aplikace\smartmaps_android_free.exe
[2011.11.03 09:40:26 | 000,416,160 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\OpenCandy\OpenCandy_8DECF1DB4A7E4DF3B0BF25D762A9401E\LatestDLMgr.exe
[2011.08.02 00:38:30 | 001,872,896 | ---- | M] (Speedchecker Limited ) -- C:\Documents and Settings\Administrator\Data aplikací\OpenCandy\OpenCandy_8DECF1DB4A7E4DF3B0BF25D762A9401E\pcspeedup.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2011.09.26 09:25:34 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2011.09.26 09:25:34 | 001,093,632 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2011.09.26 09:25:34 | 000,487,424 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.05.10 08:11:39 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Kalendar" = C:\Program Files\Kalendar\kalendar.exe -- [2005.11.09 22:12:44 | 000,580,608 | ---- | M] ()
"SystemExplorerAutoStart" = "C:\Program Files\System Explorer\SystemExplorer.exe" /TRAY -- [2012.03.23 09:36:10 | 002,642,064 | ---- | M] (Mister Group)
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< >

< type c:\boot.ini >> test.txt /c >
No captured output from command...

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.05.10 11:18:00 | 000,000,512 | ---- | M] () MD5=ECEAE201EAC0DD5618DE86641E132604 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2011.10.11 06:06:32 | 005,338,927 | ---- | M] () -- \Documents and Settings\Administrator\Dokumenty\Stažené soubory\windows-xp-crack-sp1-sp2-sp3-by-unknown.rar

< *keygen* /s >

< *loader* /s >
[2011.01.18 18:29:56 | 000,301,039 | ---- | M] () -- \Documents and Settings\Administrator\Data aplikací\MyPhoneExplorer\Sony Ericsson U20i [012342002156653]\Cache\phone\system\app\MediaUploader.apk
[2011.01.18 18:30:42 | 000,009,872 | ---- | M] () -- \Documents and Settings\Administrator\Data aplikací\MyPhoneExplorer\Sony Ericsson U20i [012342002156653]\Cache\phone\system\bin\cy8_truetouch_loader
[2011.01.18 18:30:42 | 000,009,740 | ---- | M] () -- \Documents and Settings\Administrator\Data aplikací\MyPhoneExplorer\Sony Ericsson U20i [012342002156653]\Cache\phone\system\bin\tiwlan_loader
[2011.12.29 13:52:07 | 000,904,192 | ---- | M] () -- \Documents and Settings\Administrator\Dokumenty\Stažené soubory\SRDownloader.exe
[2012.03.02 15:07:01 | 000,000,495 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Data aplikací\SRDownloader.err
[2012.03.02 15:23:51 | 000,001,024 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Data aplikací\SRDownloader.nast
[2012.03.02 15:02:51 | 000,904,192 | ---- | M] () -- \Documents and Settings\Administrator\Plocha\SRDownloader.exe
[2012.04.05 20:51:10 | 000,044,032 | R--- | M] () -- \Program Files\Calibre2\DLLs\PyISAPI_loader.dll
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2010.07.22 16:12:36 | 000,000,454 | ---- | M] () -- \Program Files\Dacris Benchmarks 8.1\Loader.ini
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2011.07.12 13:02:20 | 000,200,704 | R--- | M] () -- \Program Files\Vodafone\Vodafone Mobile Broadband\Bin\loader.dll
[2011.07.12 13:02:20 | 000,196,608 | R--- | M] () -- \Program Files\Vodafone\Vodafone Mobile Broadband\Bin\nwtcdmaloader.dll
[2011.10.12 06:21:36 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2011.11.22 15:12:58 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
[2011.11.22 17:50:26 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2011.03.10 01:43:26 | 000,413,696 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.60310.0\System.Runtime.Serialization.dll
[2011.11.03 09:44:08 | 001,186,816 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.60310.0\System.Runtime.Serialization.ni.dll
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.07.12 13:02:20 | 000,143,360 | R--- | M] () -- \Program Files\Vodafone\Vodafone Mobile Broadband\Bin\rim_serial.dll
[2011.07.12 13:02:20 | 000,167,936 | R--- | M] () -- \Program Files\Vodafone\Vodafone Mobile Broadband\Bin\rim_serialV2.dll
[2012.04.11 08:59:49 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011.10.25 07:25:52 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.02.16 11:09:29 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1335dd98ce5ce22ad1f51cc274ca5a1d\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.02.16 11:01:56 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f2532204217dc10f152afd077b09927c\System.Runtime.Serialization.ni.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2008.04.14 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2008.04.14 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 14:00:00 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 305 bytes -> C:\Program Files\Dacris Benchmarks 8.1:results.txt
@Alternate Data Stream - 184 bytes -> C:\Program Files\Dacris Benchmarks 8.1:local.txt
@Alternate Data Stream - 128 bytes -> C:\Program Files\Dacris Benchmarks 8.1:prime.txt
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:1AAB2E68

< End of report >

Díky moc, přeji pěkný den!

#13 Příspěvek od **Márty84** » 10 kvě 2012 12:47

Mate ten windows legalni?

petouf · #14 Příspěvek od **petouf** » 10 kvě 2012 13:32

Mám... konečně po letech

#15 Příspěvek od **Márty84** » 10 kvě 2012 13:41

A ten crack tam mate jako zapomenutou vanocni ozdobu?

VIRY.CZ

prosím o preventivní kontrolu

prosím o preventivní kontrolu

Re: prosím o preventivní kontrolu

Re: prosím o preventivní kontrolu

Re: prosím o preventivní kontrolu

Re: prosím o preventivní kontrolu

Re: prosím o preventivní kontrolu

Re: prosím o preventivní kontrolu

Re: prosím o preventivní kontrolu

Re: prosím o preventivní kontrolu

Re: prosím o preventivní kontrolu

Re: prosím o preventivní kontrolu

Re: prosím o preventivní kontrolu

Re: prosím o preventivní kontrolu

Re: prosím o preventivní kontrolu

Re: prosím o preventivní kontrolu