VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Preventivní kontrola logu, problémy s Layout klávesnice

https://forum.viry.cz:443/viewtopic.php?t=124698

Stránka 1 z 4

Preventivní kontrola logu, problémy s Layout klávesnice

Napsal: 04 říj 2012 06:55
od Irí
Prosím o kontrolu logu, problémy s Layoutem - záměna písmenek ("a" za "š" např.), nefunkční písmena ("6" num klávesnice, "d").

Logfile of random's system information tool 1.09 (written by random/random)
Run by uzivatel at 2012-10-04 07:49:10
Microsoft® Windows Vista™ Ultimate Service Pack 2
System drive C: has 29 GB (31%) free of 91 GB
Total RAM: 2039 MB (40% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\qd2m0xmo.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://zpravy.ihned.cz/"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9, elemhidehelper@adblockplus.org:1.1.1, {0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}:1.0.1, cs@dictionaries.addons.mozilla.org:1.0.2, {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8, {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.3, {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.6, {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03, lcdclock_bloodeye@gmail.com:0.4.2, {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.9, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, mintrayr@tn123.ath.cx:0.9.4, {FFA36170-80B1-4535-B0E3-A4569E497DD0}:3.2pre.20110705, {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.2.1rc1, {1ced4832-f06e-413f-aa14-9eb63ad40ace}:1.0.2, {35106bca-6c78-48c7-ac28-56df30b51d2c}:0.6.4, {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3, {dc572301-7619-498c-a57d-39143191b318}:0.3.8.6, {f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}:5.6.9, {aff87fa2-a58e-4edd-b852-0a20203c1e17}:0.8, add-to-searchbox@maltekraus.de:2.0, {5F590AA2-1221-4113-A6F4-A4BB62414FAC}:0.45.6.20100202.1, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, uss-button@uploadscreenshot.com:1.9.1, extensionlistdumper@sogame.cat:1.15.1, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, compatibility@addons.mozilla.org:0.8.5, coralietab@mozdev.org:2.03.20110625, {54BB9F3F-07E5-486c-9B39-C7398B99391C}:4.0.2011021601, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.278 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npagent.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
TVicHW32.sys
TVICHW32.VXD
TVicHW64.sys
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\qd2m0xmo.default\extensions\
add-to-searchbox@maltekraus.de
coralietab@mozdev.org
cs@dictionaries.addons.mozilla.org
langpack-cs@firefox.mozilla.org
mintrayr@tn123.ath.cx
staged
uss-button@uploadscreenshot(503).com
uss-button@uploadscreenshot.com
{02450954-cdd9-410f-b1da-db804e18c671}
{02450954-cdd9-410f-b1da-db804e18c671}(24)
{1ced4832-f06e-413f-aa14-9eb63ad40ace}
{5F590AA2-1221-4113-A6F4-A4BB62414FAC}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
{EF522540-89F5-46b9-B6FE-1829E2B572C6}(504)
{FFA36170-80B1-4535-B0E3-A4569E497DD0}

C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\qd2m0xmo.default\searchplugins\
43thingscom-search.xml
add-to-search-bar--doplky-aplikace-firefox-.xml
add-to-search-bar--doplky-aplikace-firefox.xml
bing.xml
hidebehind.com.ico
hidebehind.com.xml
wwwslovnik-cizich-slovcz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-04 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-04 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - QT TabBar - C:\Windows\system32\mscoree.dll [2009-11-08 297808]
{D2BF470E-ED1C-487F-A666-2BD8835EB6CE} - QT Tab Standard Buttons - C:\Windows\system32\mscoree.dll [2009-11-08 297808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-02-03 2548552]
"StartupDelayer"=C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe [2011-08-16 893440]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]
"IntelliPoint"=c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2011-08-01 1821576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
Mozilla Thunderbird.lnk - C:\Program Files\Mozilla Thunderbird\thunderbird.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2007-07-20 233888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoStartMenuPinnedList"=0
"NoStartMenuMFUprogramsList"=0
"NoUserNameInStartMenu"=0
"NoStartMenuSubFolders"=0
"NoCommonGroups"=0
"NoPrinterTabs"=0
"NoDeletePrinter"=0
"NoAddPrinter"=0
"NoPrinters"=0
"NoFavoritesMenu"=0
"NoDrives"=0
"NoRecentDocsNetHood"=0
"NoChangeAnimation"=0
"NoChangeKeyboardNavigationIndicators"=0
"NoInstrumentation"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"BindDirectlyToPropertySetStorage"=0
"NoResolveTrack"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.i420"=iyuv_32.dll
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"vidc.iv41"=Ir41_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.iac2"=C:\Windows\system32\iac25_32.ax
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.IYUV"=iyuv_32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - "C:\Windows\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2012-10-02 10:42:31 ----D---- C:\Program Files\Microsoft Keyboard Layout Creator 1.4
2012-09-27 10:15:13 ----A---- C:\Windows\system32\XAudio2_0.dll
2012-09-27 10:15:13 ----A---- C:\Windows\system32\xactengine3_0.dll
2012-09-27 10:15:13 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2012-09-27 10:15:13 ----A---- C:\Windows\system32\D3DX9_37.dll
2012-09-27 10:15:13 ----A---- C:\Windows\system32\d3dx10_37.dll
2012-09-27 10:15:13 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2012-09-27 10:15:12 ----A---- C:\Windows\system32\xactengine2_9.dll
2012-09-27 10:15:12 ----A---- C:\Windows\system32\xactengine2_10.dll
2012-09-27 10:15:12 ----A---- C:\Windows\system32\d3dx9_36.dll
2012-09-27 10:15:12 ----A---- C:\Windows\system32\d3dx10_36.dll
2012-09-27 10:15:12 ----A---- C:\Windows\system32\d3dx10_35.dll
2012-09-27 10:15:12 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2012-09-27 10:15:12 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2012-09-27 10:15:11 ----A---- C:\Windows\system32\xinput1_3.dll
2012-09-27 10:15:11 ----A---- C:\Windows\system32\xactengine2_8.dll
2012-09-27 10:15:11 ----A---- C:\Windows\system32\xactengine2_7.dll
2012-09-27 10:15:11 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2012-09-27 10:15:11 ----A---- C:\Windows\system32\d3dx9_35.dll
2012-09-27 10:15:11 ----A---- C:\Windows\system32\d3dx9_34.dll
2012-09-27 10:15:11 ----A---- C:\Windows\system32\d3dx10_34.dll
2012-09-27 10:15:11 ----A---- C:\Windows\system32\d3dx10_33.dll
2012-09-27 10:15:11 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2012-09-27 10:15:11 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2012-09-27 10:15:10 ----A---- C:\Windows\system32\xactengine2_6.dll
2012-09-27 10:15:10 ----A---- C:\Windows\system32\d3dx9_33.dll
2012-09-27 10:15:09 ----A---- C:\Windows\system32\xactengine2_5.dll
2012-09-27 10:15:09 ----A---- C:\Windows\system32\d3dx9_32.dll
2012-09-27 10:15:09 ----A---- C:\Windows\system32\d3dx10.dll
2012-09-27 10:15:08 ----A---- C:\Windows\system32\xinput1_2.dll
2012-09-27 10:15:08 ----A---- C:\Windows\system32\xinput1_1.dll
2012-09-27 10:15:08 ----A---- C:\Windows\system32\xactengine2_4.dll
2012-09-27 10:15:08 ----A---- C:\Windows\system32\xactengine2_3.dll
2012-09-27 10:15:08 ----A---- C:\Windows\system32\xactengine2_2.dll
2012-09-27 10:15:08 ----A---- C:\Windows\system32\x3daudio1_1.dll
2012-09-27 10:15:08 ----A---- C:\Windows\system32\d3dx9_31.dll
2012-09-27 10:15:07 ----A---- C:\Windows\system32\xactengine2_1.dll
2012-09-27 10:15:03 ----A---- C:\Windows\system32\xactengine2_0.dll
2012-09-27 10:15:03 ----A---- C:\Windows\system32\x3daudio1_0.dll
2012-09-27 10:15:03 ----A---- C:\Windows\system32\d3dx9_29.dll
2012-09-27 10:15:02 ----A---- C:\Windows\system32\d3dx9_27.dll
2012-09-27 10:15:02 ----A---- C:\Windows\system32\d3dx9_26.dll
2012-09-27 10:15:02 ----A---- C:\Windows\system32\d3dx9_25.dll
2012-09-27 10:15:02 ----A---- C:\Windows\system32\d3dx9_24.dll
2012-09-24 08:01:45 ----A---- C:\Windows\system32\vbscript.dll
2012-09-24 08:01:45 ----A---- C:\Windows\system32\mshtmled.dll
2012-09-24 08:01:44 ----A---- C:\Windows\system32\msfeeds.dll
2012-09-24 08:01:44 ----A---- C:\Windows\system32\jsproxy.dll
2012-09-24 08:01:44 ----A---- C:\Windows\system32\ieUnatt.exe
2012-09-24 08:01:44 ----A---- C:\Windows\system32\ieui.dll
2012-09-24 08:01:43 ----A---- C:\Windows\system32\wininet.dll
2012-09-24 08:01:43 ----A---- C:\Windows\system32\jscript.dll
2012-09-24 08:01:42 ----A---- C:\Windows\system32\url.dll
2012-09-24 08:01:42 ----A---- C:\Windows\system32\jscript9.dll
2012-09-24 08:01:41 ----A---- C:\Windows\system32\urlmon.dll
2012-09-24 08:01:41 ----A---- C:\Windows\system32\iertutil.dll
2012-09-24 08:01:38 ----A---- C:\Windows\system32\mshtml.dll
2012-09-24 08:01:38 ----A---- C:\Windows\system32\ieframe.dll
2012-09-20 12:23:28 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-09-12 15:48:07 ----D---- C:\Program Files\Paint.NET
2012-09-07 15:24:59 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2012-10-04 07:49:16 ----D---- C:\Windows\temp
2012-10-04 07:46:42 ----D---- C:\Windows\pss
2012-10-04 07:43:18 ----D---- C:\Windows\Prefetch
2012-10-04 07:35:29 ----D---- C:\Users\uzivatel\AppData\Roaming\Dropbox
2012-10-04 06:30:06 ----D---- C:\Windows
2012-10-03 12:56:56 ----D---- C:\Program Files\Common Files\LogiShrd
2012-10-03 12:56:36 ----D---- C:\ProgramData\Logishrd
2012-10-03 12:56:35 ----RD---- C:\Program Files
2012-10-03 12:56:12 ----D---- C:\Windows\system32\catroot
2012-10-03 12:56:11 ----D---- C:\Windows\inf
2012-10-03 12:52:34 ----D---- C:\Windows\system32\drivers
2012-10-03 12:00:49 ----A---- C:\Windows\Sandboxie.ini
2012-10-03 10:38:19 ----D---- C:\Users\uzivatel\AppData\Roaming\OpenOffice.org2
2012-10-03 09:43:10 ----SHD---- C:\System Volume Information
2012-10-02 10:48:29 ----D---- C:\Windows\System32
2012-10-02 10:48:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-10-02 10:42:36 ----SHD---- C:\Windows\Installer
2012-10-01 20:42:30 ----D---- C:\Users\uzivatel\AppData\Roaming\vlc
2012-09-27 10:15:07 ----RSD---- C:\Windows\assembly
2012-09-26 12:46:21 ----D---- C:\Windows\Minidump
2012-09-24 15:26:05 ----D---- C:\Windows\system32\migration
2012-09-24 15:26:04 ----D---- C:\Program Files\Internet Explorer
2012-09-24 08:02:30 ----D---- C:\Windows\winsxs
2012-09-24 08:02:13 ----D---- C:\Windows\system32\catroot2
2012-09-20 12:23:39 ----D---- C:\ProgramData\Adobe
2012-09-20 12:23:29 ----D---- C:\Windows\Tasks
2012-09-20 12:23:29 ----D---- C:\Windows\system32\Tasks
2012-09-12 15:10:15 ----D---- C:\ProgramData\Microsoft Help
2012-09-12 15:05:32 ----A---- C:\Windows\system32\mrt.exe
2012-09-12 13:59:44 ----D---- C:\Program Files\Mozilla Thunderbird
2012-09-10 07:15:48 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-09-07 17:52:57 ----D---- C:\Users\uzivatel\AppData\Roaming\DMCache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fvevol;BitLocker Drive Encryption Filter Driver; C:\Windows\System32\DRIVERS\fvevol.sys [2009-04-11 143848]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2011-02-03 17256]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2011-02-03 236600]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2011-02-03 34744]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Program Files\HWiNFO32\HWiNFO32.SYS [2012-02-07 21752]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2011-02-03 80064]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2010-04-12 59388]
R3 dc3d;MS Hardware Device Detection Driver; C:\Windows\system32\DRIVERS\dc3d.sys [2011-08-01 45288]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-05-30 1780576]
R3 NuidFltr;NUID filter driver; C:\Windows\system32\DRIVERS\NuidFltr.sys [2011-08-01 21784]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point32.sys [2011-08-01 40936]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2008-01-13 92160]
S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus.sys [2010-12-23 14336]
S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag.sys [2010-12-23 20736]
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps.sys [2010-12-23 20096]
S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem.sys [2010-12-23 25088]
S3 AVerAF35;AVerMedia A835 USB DVB-T; C:\Windows\System32\Drivers\AVerAF35.sys [2010-04-02 642560]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.SYS [1999-10-21 20400]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2011-09-02 22040]
S3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
S3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
S3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2009-12-04 17408]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2008-08-07 47360]
S3 PSSDK42;PSSDK42; \??\C:\Windows\system32\Drivers\pssdk42.sys [2010-12-21 38976]
S3 rspAux;rspAux; C:\Windows\system32\DRIVERS\rspAux32.sys [2011-01-26 19000]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-08-31 22216]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AVerRemote;AVerRemote; C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe [2010-04-28 348160]
R2 AVerScheduleService;AVerScheduleService; C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2011-04-02 403456]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-02-03 1803224]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2009-07-24 189728]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2008-01-13 51200]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-20 250288]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-01-14 85096]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-07 114144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 HP LaserJet Service;HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [2009-10-15 136192]
S4 TeamViewer7;TeamViewer 7; C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840]

-----------------EOF-----------------

Re: Preventivní kontrola logu, problémy s Layout klávesnice

Napsal: 04 říj 2012 19:20
od Márty84
Zdravim :)

:???: Jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze :?:


:???: Co jina klavesnice? Funguje normalne?


:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

Re: Preventivní kontrola logu, problémy s Layout klávesnice

Napsal: 04 říj 2012 22:54
od Irí
Márty84 píše: :???: Jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze :?:
OEM verze

Márty84 píše: :???: Co jina klavesnice? Funguje normalne?
Původní na PS/2 nahrazena novou do PS/2, problém přetrvával. Koupě USB klávesnice, opět problém přetrvává.

Márty84 píše::arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text...
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Splněno, logy přikládám:

OTL logfile created on: 4.10.2012 22:19:51 - Run 1
OTL by OldTimer - Version 3.2.70.2 Folder = C:\Users\uzivatel\Desktop
Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1.99 Gb Total Physical Memory | 0.83 Gb Available Physical Memory | 41.48% Memory free
4.24 Gb Paging File | 2.68 Gb Available in Paging File | 63.17% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 89.07 Gb Total Space | 26.56 Gb Free Space | 29.82% Space Free | Partition Type: NTFS
Drive D: | 209.02 Gb Total Space | 11.91 Gb Free Space | 5.70% Space Free | Partition Type: NTFS

Computer Name: VISTA | User Name: uzivatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.10.04 22:12:08 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Users\uzivatel\Desktop\OTL.exe
PRC - [2012.09.20 12:23:28 | 001,807,280 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_4_402_278.exe
PRC - [2012.09.12 13:59:16 | 000,388,576 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2012.09.07 15:26:19 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.05.24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.04.02 06:52:24 | 000,403,456 | ---- | M] () -- C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
PRC - [2011.02.03 15:52:27 | 002,548,552 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2011.02.03 15:52:21 | 001,803,224 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2010.04.28 10:02:50 | 000,348,160 | ---- | M] (AVerMedia) -- C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
PRC - [2009.07.24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.01.13 13:53:38 | 000,051,200 | ---- | M] (tzuk) -- C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2007.07.10 23:01:08 | 002,916,352 | ---- | M] (Lifsoft,INC) -- C:\Program Files\PCAutopower and Shutdown2_04\AutoPowerOn.exe


========== Modules (No Company Name) ==========

MOD - [2012.09.20 12:23:27 | 009,813,424 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_4_402_278.dll
MOD - [2012.09.12 13:59:34 | 002,061,280 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\mozjs.dll
MOD - [2012.09.12 13:59:32 | 000,157,664 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2012.09.12 13:59:32 | 000,021,984 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2012.09.07 15:26:19 | 002,244,064 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.09.04 15:31:08 | 000,008,704 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\qd2m0xmo.default\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll
MOD - [2012.06.14 09:16:15 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
MOD - [2012.06.14 09:15:47 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012.05.10 09:56:20 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\1b337cf9a031145849bc48c11b2cfe58\Accessibility.ni.dll
MOD - [2012.05.10 08:42:07 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012.05.10 08:41:57 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2012.03.16 16:23:42 | 000,008,192 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\Thunderbird\Profiles\u7u12ff0.default\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll
MOD - [2012.02.02 16:39:51 | 000,011,264 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\Thunderbird\Profiles\u7u12ff0.default\extensions\{FFA36170-80B1-4535-B0E3-A4569E497DD0}\modules\binary\mgMouseService_WINNT_x86-msvc.dll
MOD - [2011.07.31 15:12:22 | 000,007,680 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\qd2m0xmo.default\extensions\{FFA36170-80B1-4535-B0E3-A4569E497DD0}\modules\binary\mgMouseService_WINNT_x86-msvc.dll
MOD - [2008.01.12 13:25:13 | 008,007,680 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll


========== Services (SafeList) ==========

SRV - [2012.09.20 12:23:28 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.07 15:26:19 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.01.19 13:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.04.02 06:52:24 | 000,403,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService)
SRV - [2011.02.03 15:52:21 | 001,803,224 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2010.04.28 10:02:50 | 000,348,160 | ---- | M] (AVerMedia) [Auto | Running] -- C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote)
SRV - [2009.10.15 12:13:50 | 000,136,192 | ---- | M] (HP) [Disabled | Stopped] -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2009.07.24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.14 23:29:52 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2008.01.13 13:53:38 | 000,051,200 | ---- | M] (tzuk) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012.02.07 15:08:58 | 000,021,752 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Program Files\HWiNFO32\HWiNFO32.SYS -- (HWiNFO32)
DRV - [2011.09.02 08:30:58 | 000,022,040 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2011.08.31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.08.01 15:56:42 | 000,045,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2011.02.03 15:53:28 | 000,080,064 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2011.02.03 15:53:28 | 000,034,744 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2011.02.03 15:53:27 | 000,236,600 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2011.02.03 15:53:27 | 000,017,256 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmderd.sys -- (cmderd)
DRV - [2011.01.26 14:45:22 | 000,019,000 | ---- | M] (Resplendence Software Projects Sp.) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\rspAux32.sys -- (rspAux)
DRV - [2010.12.23 18:35:02 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandmodem.sys -- (ANDModem)
DRV - [2010.12.23 18:35:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lganddiag.sys -- (AndDiag)
DRV - [2010.12.23 18:35:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandgps.sys -- (AndGps)
DRV - [2010.12.23 18:35:00 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandbus.sys -- (Andbus)
DRV - [2010.12.21 08:53:23 | 000,038,976 | ---- | M] (microOLAP Technologies LTD) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pssdk42.sys -- (PSSDK42)
DRV - [2010.04.12 10:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2010.04.02 04:05:36 | 000,642,560 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVerAF35.sys -- (AVerAF35)
DRV - [2009.12.04 01:05:26 | 000,017,408 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mvusbews.sys -- (mvusbews)
DRV - [2009.09.29 09:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgbtport.sys -- (LgBttPort)
DRV - [2009.09.29 09:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgvmodem.sys -- (LGVMODEM)
DRV - [2009.09.29 09:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgbtbus.sys -- (lgbusenum)
DRV - [2008.01.13 13:53:36 | 000,092,160 | ---- | M] (tzuk) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2006.11.02 09:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5C D2 C5 F4 7F 93 CA 01 [binary data]
IE - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\..\SearchScopes,DefaultScope = {7E219A40-A9C3-42D4-9523-A6E3EA9A8B19}
IE - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\..\SearchScopes\{7E219A40-A9C3-42D4-9523-A6E3EA9A8B19}: "URL" = http://www.google.cz/search?q={searchTe ... {startPage}
IE - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.openintab: true
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://zpravy.ihned.cz/"
FF - prefs.js..extensions.enabledAddons: add-to-searchbox@maltekraus.de:2.0
FF - prefs.js..extensions.enabledAddons: checkplaces@andyhalford.com:2.6.2
FF - prefs.js..extensions.enabledAddons: compatibility@addons.mozilla.org:1.1
FF - prefs.js..extensions.enabledAddons: coralietab@mozdev.org:2.04.20110724
FF - prefs.js..extensions.enabledAddons: cs@dictionaries.addons.mozilla.org:1.0.2
FF - prefs.js..extensions.enabledAddons: extensionlistdumper@sogame.cat:1.15.2
FF - prefs.js..extensions.enabledAddons: uss-button@uploadscreenshot.com:1.9.1
FF - prefs.js..extensions.enabledAddons: {0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}:1.0.2
FF - prefs.js..extensions.enabledAddons: {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.9
FF - prefs.js..extensions.enabledAddons: {aff87fa2-a58e-4edd-b852-0a20203c1e17}:0.9
FF - prefs.js..extensions.enabledAddons: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.10
FF - prefs.js..extensions.enabledAddons: {dc572301-7619-498c-a57d-39143191b318}:0.4.0.3
FF - prefs.js..extensions.enabledAddons: {FFA36170-80B1-4535-B0E3-A4569E497DD0}:3.2pre.20110731
FF - prefs.js..extensions.enabledAddons: mintrayr@tn123.ath.cx:1.1.0
FF - prefs.js..extensions.enabledAddons: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:1.3
FF - prefs.js..extensions.enabledAddons: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.5.7rc3
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9
FF - prefs.js..extensions.enabledItems: elemhidehelper@adblockplus.org:1.1.1
FF - prefs.js..extensions.enabledItems: {0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}:1.0.1
FF - prefs.js..extensions.enabledItems: cs@dictionaries.addons.mozilla.org:1.0.2
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.3
FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.6
FF - prefs.js..extensions.enabledItems: lcdclock_bloodeye@gmail.com:0.4.2
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.9
FF - prefs.js..extensions.enabledItems: mintrayr@tn123.ath.cx:0.9.4
FF - prefs.js..extensions.enabledItems: {FFA36170-80B1-4535-B0E3-A4569E497DD0}:3.2pre.20110705
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.2.1rc1
FF - prefs.js..extensions.enabledItems: {1ced4832-f06e-413f-aa14-9eb63ad40ace}:1.0.2
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2c}:0.6.4
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.6
FF - prefs.js..extensions.enabledItems: {f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}:5.6.9
FF - prefs.js..extensions.enabledItems: {aff87fa2-a58e-4edd-b852-0a20203c1e17}:0.8
FF - prefs.js..extensions.enabledItems: add-to-searchbox@maltekraus.de:2.0
FF - prefs.js..extensions.enabledItems: {5F590AA2-1221-4113-A6F4-A4BB62414FAC}:0.45.6.20100202.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: uss-button@uploadscreenshot.com:1.9.1
FF - prefs.js..extensions.enabledItems: extensionlistdumper@sogame.cat:1.15.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: compatibility@addons.mozilla.org:0.8.5
FF - prefs.js..extensions.enabledItems: coralietab@mozdev.org:2.03.20110625
FF - prefs.js..extensions.enabledItems: {54BB9F3F-07E5-486c-9B39-C7398B99391C}:4.0.2011021601
FF - prefs.js..network.proxy.socks_version: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Users\uzivatel\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.01.13 12:34:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 15:26:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.09.07 15:26:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.07.09 08:43:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.01.13 12:34:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 15:26:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.09.07 15:26:15 | 000,000,000 | ---D | M]

[2011.11.03 10:50:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\uzivatel\AppData\Roaming\mozilla\Extensions
[2010.04.26 10:27:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\uzivatel\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.10.04 06:32:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\uzivatel\AppData\Roaming\mozilla\Firefox\Profiles\qd2m0xmo.default\extensions
[2011.11.03 10:50:25 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\uzivatel\AppData\Roaming\mozilla\Firefox\Profiles\qd2m0xmo.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2011.11.03 10:50:25 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\uzivatel\AppData\Roaming\mozilla\Firefox\Profiles\qd2m0xmo.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}(24)
[2011.11.03 10:50:25 | 000,000,000 | ---D | M] (Nuke Anything Enhanced) -- C:\Users\uzivatel\AppData\Roaming\mozilla\Firefox\Profiles\qd2m0xmo.default\extensions\{1ced4832-f06e-413f-aa14-9eb63ad40ace}
[2011.11.03 10:50:25 | 000,000,000 | ---D | M] (SmoothWheel (mozdev.org)) -- C:\Users\uzivatel\AppData\Roaming\mozilla\Firefox\Profiles\qd2m0xmo.default\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}
[2012.09.17 07:26:13 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\uzivatel\AppData\Roaming\mozilla\Firefox\Profiles\qd2m0xmo.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.09.26 08:02:49 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\uzivatel\AppData\Roaming\mozilla\Firefox\Profiles\qd2m0xmo.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2011.11.03 10:50:27 | 000,000,000 | ---D | M] (SearchPreview) -- C:\Users\uzivatel\AppData\Roaming\mozilla\Firefox\Profiles\qd2m0xmo.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}(504)
[2011.11.03 10:50:27 | 000,000,000 | ---D | M] (Mouse Gestures Redox) -- C:\Users\uzivatel\AppData\Roaming\mozilla\Firefox\Profiles\qd2m0xmo.default\extensions\{FFA36170-80B1-4535-B0E3-A4569E497DD0}
[2011.11.03 10:50:22 | 000,000,000 | ---D | M] (Add to Search Bar) -- C:\Users\uzivatel\AppData\Roaming\mozilla\Firefox\Profiles\qd2m0xmo.default\extensions\add-to-searchbox@maltekraus.de
[2011.11.03 10:50:23 | 000,000,000 | ---D | M] (IE Tab +) -- C:\Users\uzivatel\AppData\Roaming\mozilla\Firefox\Profiles\qd2m0xmo.default\extensions\coralietab@mozdev.org
[2011.11.03 10:50:24 | 000,000,000 | ---D | M] (České slovníky pro kontrolu pravopisu) -- C:\Users\uzivatel\AppData\Roaming\mozilla\Firefox\Profiles\qd2m0xmo.default\extensions\cs@dictionaries.addons.mozilla.org
[2011.11.03 10:50:24 | 000,000,000 | ---D | M] ("Czech (CZ) Language Pack") -- C:\Users\uzivatel\AppData\Roaming\mozilla\Firefox\Profiles\qd2m0xmo.default\extensions\langpack-cs@firefox.mozilla.org
[2012.09.12 15:03:06 | 000,000,000 | ---D | M] (MinimizeToTray revived (MinTrayR)) -- C:\Users\uzivatel\AppData\Roaming\mozilla\Firefox\Profiles\qd2m0xmo.default\extensions\mintrayr@tn123.ath.cx
[2012.10.04 06:32:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\uzivatel\AppData\Roaming\mozilla\Firefox\Profiles\qd2m0xmo.default\extensions\staged
[2011.11.03 10:50:24 | 000,000,000 | ---D | M] (UploadScreenshot.com Capture) -- C:\Users\uzivatel\AppData\Roaming\mozilla\Firefox\Profiles\qd2m0xmo.default\extensions\uss-button@uploadscreenshot(503).com
[2011.11.03 10:50:24 | 000,000,000 | ---D | M] (UploadScreenshot.com Capture) -- C:\Users\uzivatel\AppData\Roaming\mozilla\Firefox\Profiles\qd2m0xmo.default\extensions\uss-button@uploadscreenshot.com
[2011.11.23 07:47:09 | 000,024,621 | R--- | M] () (No name found) -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\qd2m0xmo.default\extensions\bartap@philikon.de.xpi
[2012.04.02 12:27:34 | 000,129,271 | ---- | M] () (No name found) -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\qd2m0xmo.default\extensions\checkplaces@andyhalford.com.xpi
[2012.02.27 10:55:31 | 000,164,722 | ---- | M] () (No name found) -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\qd2m0xmo.default\extensions\compatibility@addons.mozilla.org.xpi
[2012.07.09 07:39:59 | 000,123,385 | ---- | M] () (No name found) -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\qd2m0xmo.default\extensions\elemhidehelper@adblockplus.org.xpi
[2011.08.18 10:03:17 | 000,075,035 | ---- | M] () (No name found) -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\qd2m0xmo.default\extensions\extensionlistdumper@sogame.cat.xpi
[2012.06.19 16:25:03 | 000,049,278 | ---- | M] () (No name found) -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\qd2m0xmo.default\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}.xpi
[2011.07.13 08:52:03 | 000,068,254 | ---- | M] () (No name found) -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\qd2m0xmo.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}.xpi
[2011.07.13 08:54:40 | 000,024,665 | ---- | M] () (No name found) -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\qd2m0xmo.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2c}.xpi
[2012.10.04 06:32:04 | 000,529,466 | ---- | M] () (No name found) -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\qd2m0xmo.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2011.11.10 15:41:05 | 000,042,737 | ---- | M] () (No name found) -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\qd2m0xmo.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}.xpi
[2012.08.30 07:40:18 | 000,199,396 | ---- | M] () (No name found) -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\qd2m0xmo.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2012.07.30 07:18:35 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\qd2m0xmo.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011.11.01 07:50:19 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\qd2m0xmo.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2012.07.30 07:37:24 | 000,702,524 | ---- | M] () (No name found) -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\qd2m0xmo.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2012.10.04 06:32:04 | 000,257,937 | ---- | M] () (No name found) -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\qd2m0xmo.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2009.10.21 08:39:54 | 000,000,938 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\qd2m0xmo.default\searchplugins\43thingscom-search.xml
[2010.03.30 09:36:04 | 000,001,718 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\qd2m0xmo.default\searchplugins\add-to-search-bar--doplky-aplikace-firefox-.xml
[2010.03.30 09:35:48 | 000,001,717 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\qd2m0xmo.default\searchplugins\add-to-search-bar--doplky-aplikace-firefox.xml
[2009.10.21 08:38:45 | 000,002,172 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\qd2m0xmo.default\searchplugins\bing.xml
[2007.06.09 00:34:00 | 000,003,638 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\qd2m0xmo.default\searchplugins\hidebehind.com.ico
[2007.10.03 08:16:44 | 000,002,143 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\qd2m0xmo.default\searchplugins\hidebehind.com.xml
[2009.10.29 15:12:07 | 000,001,478 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\qd2m0xmo.default\searchplugins\wwwslovnik-cizich-slovcz.xml
[2012.09.07 15:26:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.09.07 15:26:19 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008.01.29 15:22:00 | 000,437,760 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npagent.dll
[2012.07.30 07:10:36 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.07.30 07:10:36 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.07.30 07:10:36 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.07.30 07:10:36 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.07.30 07:10:36 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://aktualne.centrum.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\10.0.648.134\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U23 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\10.0.648.134\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\10.0.648.134\gears.dll
CHR - plugin: Driver Agent Plug-in (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npagent.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Google Update (Enabled) = C:\Users\uzivatel\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Turn Off the Lights = C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.0.0.31_0\
CHR - Extension: Adblock Plus for Google Chrome\u2122 (Beta) = C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.1.4_0\
CHR - Extension: Smooth Gestures = C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfkgmnnajiljnolcgolmmgnecgldgeld\0.15.4.12_0\

O1 HOSTS File: ([2012.02.08 16:01:10 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [StartupDelayer] C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe (r2 Studios)
O4 - Startup: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk = C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0
O7 - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoManageMyComputerVerb = 0
O7 - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0
O7 - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 0
O7 - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O7 - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPrinterTabs = 0
O7 - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAddPrinter = 0
O7 - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPrinters = 0
O7 - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = 0
O7 - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
O7 - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O7 - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeAnimation = 0
O7 - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeKeyboardNavigationIndicators = 0
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Unable to open value key)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Unable to open value key)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47CC26F4-6107-463B-9924-0AB2E857F84B}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found
O18 - Protocol\Handler\AutorunsDisabled\skype4com - No CLSID value found
O20 - AppInit_DLLs: (C:\Windows\System32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\uzivatel\Pictures\Foto\Jája+Verunka+Dasty na posteli2.jpg
O24 - Desktop BackupWallPaper: C:\Users\uzivatel\Pictures\Foto\Jája+Verunka+Dasty na posteli2.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\...com [@ = ComFile] -- Reg Error: Unable to open value key File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\Windows\System32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: VIDC.DIVX - C:\Windows\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.iv41 - C:\Windows\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012.10.04 22:12:05 | 000,601,088 | ---- | C] (OldTimer Tools) -- C:\Users\uzivatel\Desktop\OTL.exe
[2012.10.02 10:43:45 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\AppData\Local\MSKLC
[2012.10.02 10:42:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Keyboard Layout Creator 1.4
[2012.09.27 10:26:30 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\AppData\Local\FlatOut Ultimate Carnage
[2012.09.27 10:15:13 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2012.09.27 10:15:13 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2012.09.27 10:15:13 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2012.09.27 10:15:13 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2012.09.27 10:15:13 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2012.09.27 10:15:13 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2012.09.27 10:15:12 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2012.09.27 10:15:12 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2012.09.27 10:15:12 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2012.09.27 10:15:12 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2012.09.27 10:15:12 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2012.09.27 10:15:12 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2012.09.27 10:15:12 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2012.09.27 10:15:11 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2012.09.27 10:15:11 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2012.09.27 10:15:11 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2012.09.27 10:15:11 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2012.09.27 10:15:11 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2012.09.27 10:15:11 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2012.09.27 10:15:11 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2012.09.27 10:15:11 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2012.09.27 10:15:11 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2012.09.27 10:15:11 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2012.09.27 10:15:10 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2012.09.27 10:15:10 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2012.09.27 10:15:09 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2012.09.27 10:15:09 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2012.09.27 10:15:09 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2012.09.27 10:15:08 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2012.09.27 10:15:08 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2012.09.27 10:15:08 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2012.09.27 10:15:08 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2012.09.27 10:15:08 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2012.09.27 10:15:08 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2012.09.27 10:15:08 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2012.09.27 10:15:07 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2012.09.27 10:15:03 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2012.09.27 10:15:03 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2012.09.27 10:15:03 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2012.09.27 10:15:02 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2012.09.27 10:15:02 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2012.09.27 10:15:02 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2012.09.27 10:15:02 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2012.09.24 08:01:45 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.09.24 08:01:44 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.09.24 08:01:44 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.09.24 08:01:44 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.09.24 08:01:44 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.09.24 08:01:42 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.09.24 08:01:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.09.24 08:01:40 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.09.20 12:23:28 | 000,696,240 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.09.20 12:23:28 | 000,073,136 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.09.12 15:48:07 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET
[2012.09.12 15:47:37 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\AppData\Local\Paint.NET
[2012.09.07 15:24:59 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2008.02.01 11:29:24 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\uzivatel\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.10.04 22:26:57 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.04 22:26:57 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.04 22:24:33 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.10.04 22:12:08 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Users\uzivatel\Desktop\OTL.exe
[2012.10.04 21:57:15 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.04 14:26:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.04 14:26:48 | 2138,497,024 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.03 12:00:49 | 000,002,476 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2012.10.03 08:47:00 | 000,034,304 | ---- | M] () -- C:\Users\uzivatel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.10.02 10:48:29 | 000,610,486 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.10.02 10:48:29 | 000,598,702 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.02 10:48:29 | 000,119,102 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.10.02 10:48:29 | 000,104,716 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.09.20 12:23:28 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.09.20 12:23:28 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.09.12 15:53:58 | 000,000,832 | ---- | M] () -- C:\Users\uzivatel\Desktop\PaintDotNet.exe – zástupce.lnk
[2012.09.10 13:39:29 | 000,108,355 | ---- | M] () -- C:\Users\uzivatel\Desktop\diagnostika.jpg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
.
.
.

Re: Preventivní kontrola logu, problémy s Layout klávesnice

Napsal: 04 říj 2012 23:00
od Irí
.
.
.
color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012.10.04 22:24:33 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.10.02 10:42:34 | 000,002,080 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard Layout Creator 1.4.lnk
[2012.09.20 12:23:29 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.12 15:53:58 | 000,000,832 | ---- | C] () -- C:\Users\uzivatel\Desktop\PaintDotNet.exe – zástupce.lnk
[2012.09.12 15:49:06 | 000,000,952 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
[2012.09.10 13:39:28 | 000,108,355 | ---- | C] () -- C:\Users\uzivatel\Desktop\diagnostika.jpg
[2012.06.08 12:32:29 | 000,049,152 | ---- | C] () -- C:\Windows\System32\AVerIO.dll
[2012.06.08 12:32:29 | 000,003,456 | ---- | C] () -- C:\Windows\System32\AVerIO.sys
[2012.06.08 12:32:20 | 000,614,400 | ---- | C] () -- C:\Windows\System32\sptlib21.dll
[2012.06.08 12:32:20 | 000,421,888 | ---- | C] () -- C:\Windows\System32\sptlib02.dll
[2012.06.08 12:32:20 | 000,311,296 | ---- | C] () -- C:\Windows\System32\sptlib01.dll
[2012.06.08 12:32:20 | 000,307,200 | ---- | C] () -- C:\Windows\System32\sptlib22.dll
[2012.06.08 12:32:20 | 000,307,200 | ---- | C] () -- C:\Windows\System32\sptlib03.dll
[2012.06.08 12:32:20 | 000,294,912 | ---- | C] () -- C:\Windows\System32\sptlib11.dll
[2012.06.08 12:32:20 | 000,135,168 | ---- | C] () -- C:\Windows\System32\sptlib12.dll
[2012.02.08 15:48:10 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.01.31 21:46:02 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2012.01.31 21:46:02 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2011.10.10 09:53:57 | 000,000,218 | ---- | C] () -- C:\Users\uzivatel\.recently-used.xbel
[2011.02.22 09:35:15 | 001,220,608 | ---- | C] () -- C:\Windows\System32\pdf2bmp.dll
[2011.02.22 09:35:14 | 000,098,304 | ---- | C] () -- C:\Windows\System32\DVM.dll
[2011.02.22 09:35:14 | 000,053,248 | ---- | C] () -- C:\Windows\System32\RegisterExe.exe
[2011.01.13 13:10:18 | 001,167,360 | ---- | C] () -- C:\Windows\System32\HPM1210SM.exe
[2011.01.13 13:10:18 | 000,284,672 | ---- | C] () -- C:\Windows\System32\mvhlewsi.DLL
[2011.01.13 12:54:16 | 000,048,128 | ---- | C] () -- C:\Windows\System32\HPM1210SMs.dll
[2011.01.13 11:26:39 | 000,024,772 | ---- | C] () -- C:\ProgramData\P1210DEF.css
[2011.01.13 11:26:39 | 000,014,876 | ---- | C] () -- C:\ProgramData\P1210OS.HTM
[2011.01.13 11:26:39 | 000,002,944 | ---- | C] () -- C:\ProgramData\P1210SIG.GIF
[2011.01.13 11:24:22 | 000,023,713 | ---- | C] () -- C:\Windows\hpqins15.dat
[2011.01.13 11:15:25 | 000,167,936 | ---- | C] () -- C:\Windows\System32\HPM1210LM.DLL
[2011.01.13 11:12:51 | 000,081,920 | ---- | C] () -- C:\Windows\System32\mvusbews.dll
[2011.01.13 11:12:50 | 000,167,936 | ---- | C] () -- C:\Windows\System32\m1210wia.dll
[2011.01.13 11:12:50 | 000,167,936 | ---- | C] () -- C:\Windows\System32\m1130wia.dll
[2009.11.03 10:55:28 | 000,000,036 | ---- | C] () -- C:\Users\uzivatel\AppData\Local\housecall.guid.cache
[2009.10.26 14:40:38 | 000,004,096 | ---- | C] () -- C:\Users\uzivatel\AppData\Local\keyfile3.drm
[2009.02.09 19:30:37 | 000,000,620 | R-S- | C] () -- C:\ProgramData\ntuser.pol
[2008.10.17 09:51:21 | 000,000,595 | ---- | C] () -- C:\Users\uzivatel\AppData\Roaming\AutoGK.ini
[2008.08.07 12:51:20 | 000,001,356 | ---- | C] () -- C:\Users\uzivatel\AppData\Local\d3d9caps.dat
[2008.08.07 10:30:03 | 000,000,668 | ---- | C] () -- C:\Users\uzivatel\AppData\Roaming\vso_ts_preview.xml
[2008.07.02 11:23:13 | 000,000,008 | R-S- | C] () -- C:\Users\uzivatel\ntuser.pol
[2008.05.22 15:03:15 | 000,004,045 | ---- | C] () -- C:\Users\uzivatel\Jak se to dělá.nri
[2008.02.20 09:33:57 | 000,000,000 | ---- | C] () -- C:\Users\uzivatel\AppData\Local\programfiles.dat
[2008.02.01 11:29:24 | 000,081,920 | ---- | C] () -- C:\Users\uzivatel\AppData\Roaming\ezpinst.exe
[2008.02.01 11:29:24 | 000,007,887 | ---- | C] () -- C:\Users\uzivatel\AppData\Roaming\pcouffin.cat
[2008.02.01 11:29:24 | 000,001,144 | ---- | C] () -- C:\Users\uzivatel\AppData\Roaming\pcouffin.inf
[2008.01.17 20:40:22 | 000,026,340 | ---- | C] () -- C:\Users\uzivatel\AppData\Roaming\UserTile.png
[2008.01.15 21:49:05 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2008.01.13 13:32:25 | 000,034,304 | ---- | C] () -- C:\Users\uzivatel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006.11.02 14:53:06 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010.12.07 15:15:29 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Acronis
[2008.01.21 15:16:33 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\ESET
[2009.12.17 11:42:23 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Foxit Software
[2008.12.09 09:42:30 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\LangSoft
[2011.01.11 18:09:23 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Thunderbird
[2010.11.24 21:35:21 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\A3D3C2EB-7E80-473F-AB49-8E17E34F1866
[2010.11.24 21:45:20 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Acronis
[2009.10.30 09:06:32 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Ashampoo
[2008.01.17 21:35:08 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Autodesk
[2010.09.09 16:05:43 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\AutoPowerOn
[2012.09.07 17:52:57 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\DMCache
[2012.10.04 22:25:19 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Dropbox
[2009.12.02 11:50:57 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Foxit
[2012.06.08 09:30:31 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Foxit Software
[2010.09.09 16:05:43 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\GO
[2011.10.10 09:53:39 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\gtk-2.0
[2011.10.10 08:44:10 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Inkscape
[2012.09.04 10:52:38 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\IsolatedStorage
[2010.09.09 16:05:43 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\LangSoft
[2011.10.19 19:29:39 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Leadertech
[2012.02.29 12:31:54 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Locate32
[2008.07.15 10:01:31 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Miranda
[2008.10.06 10:41:32 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Opera
[2008.01.23 13:25:02 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\PeerNetworking
[2011.11.04 12:20:23 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\PrimoPDF
[2012.07.04 07:26:36 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\QuickScan
[2011.06.29 11:03:55 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Smart PC Solutions
[2011.02.22 09:35:19 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Softinterface, Inc
[2008.02.26 09:36:10 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\SumatraPDF
[2012.02.14 16:15:13 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\TeamViewer
[2010.04.26 10:27:10 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Thunderbird
[2008.03.17 13:21:41 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Uniblue
[2008.11.06 13:48:44 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Vso
[2011.10.10 09:58:57 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\XnView
[2011.01.20 18:02:45 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\YCanPDF
[2012.08.15 14:28:51 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\YoWindow

========== Purity Check ==========



========== Custom Scans ==========

< >
[2006.11.02 15:00:25 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006.11.02 15:00:25 | 000,032,536 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.09.20 12:23:29 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: AGP440.SYS >
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\ERDNT\cache\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\ERDNT\cache\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.02.14 04:05:59 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.02.14 04:05:59 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.02.14 04:05:58 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.19 09:33:01 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2006.11.02 11:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe

< MD5 for: CDROM.SYS >
[2008.01.19 07:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.19 07:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
[2008.01.19 09:34:00 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2012.04.23 18:00:53 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=75C6A297E364014840B48ECCD7525E30 -- C:\Windows\System32\cryptsvc.dll
[2012.04.23 18:00:53 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=75C6A297E364014840B48ECCD7525E30 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_77e34ec697f67015\cryptsvc.dll
[2012.04.23 16:48:06 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=C979AEA8C4D8F875CD25507D08980006 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_78447b63b1339621\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\ERDNT\cache\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008.01.11 11:15:12 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008.01.11 11:15:11 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\ERDNT\cache\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 09:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HAL.DLL >
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll

< MD5 for: IASTORV.SYS >
[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\drivers\isapnp.sys
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.09.10 16:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.02.13 09:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2012.06.02 00:37:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=613DEB66A91820F0A41915B40BB8833F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22869_none_a882cf8373379c5f\lsass.exe
[2006.11.02 11:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6A0E382E74280E4CC0DF17FE2661D003 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
[2011.11.16 16:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\ERDNT\cache\lsass.exe
[2011.11.16 16:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\System32\lsass.exe
[2011.11.16 16:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18541_none_a806cc745a10ffad\lsass.exe
[2011.11.16 16:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18643_none_a808ceee5a0f2f82\lsass.exe
[2009.06.15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.02.13 06:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 13:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 16:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2011.11.16 15:57:04 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=EBFAEB786C46B407930811F94F08877D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22742_none_a8916b6f732db5f5\lsass.exe
[2009.02.13 10:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

< MD5 for: NDIS.SYS >
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\ERDNT\cache\ndis.sys
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2006.11.02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2008.01.19 09:43:31 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

< MD5 for: NETLOGON.DLL >
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\ERDNT\cache\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVRAID.SYS >
[2008.01.19 09:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.19 09:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\drivers\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008.01.19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\ERDNT\cache\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SMSS.EXE >
[2008.01.19 09:33:31 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
[2006.11.02 11:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_aa03e6011c468ee6\smss.exe

< MD5 for: SVCHOST.EXE >
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\ERDNT\cache\svchost.exe
[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.26 10:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2008.01.11 11:11:53 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=028061C7F6D2D03068C72E2A27E4228A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16567_none_5f6577ce925d75a7\tcpip.sys
[2009.04.11 08:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2011.09.20 23:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[2009.12.08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011.06.17 22:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2012.03.30 14:39:11 | 000,905,600 | ---- | M] (Microsoft Corporation) MD5=27D470DABC77BC60D0A3B0E4DEB6CB91 -- C:\Windows\System32\drivers\tcpip.sys
[2012.03.30 14:39:11 | 000,905,600 | ---- | M] (Microsoft Corporation) MD5=27D470DABC77BC60D0A3B0E4DEB6CB91 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18604_none_b50896786388e1d5\tcpip.sys
[2010.02.18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2008.01.11 11:11:53 | 000,804,352 | ---- | M] (Microsoft Corporation) MD5=43EAE40B50FE3E60D194DD9C97EBB1FD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20689_none_5fdb7555ab898001\tcpip.sys
[2009.12.08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2008.02.14 04:05:16 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2009.12.08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2008.02.14 04:05:17 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2010.06.16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009.08.14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011.06.17 22:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010.06.16 18:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010.06.16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2011.09.20 23:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\ERDNT\cache\tcpip.sys
[2011.09.20 23:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[2008.04.26 10:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2009.12.08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2006.11.02 10:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2010.02.18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2012.03.30 14:39:11 | 000,914,304 | ---- | M] (Microsoft Corporation) MD5=EE7E10BED85C312C1D5D30C435BDDA9F -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22828_none_b58096797cb31c04\tcpip.sys
[2008.01.19 09:43:39 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.01.19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\ERDNT\cache\ws2_32.dll
[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
[2008.01.19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
[2008.01.19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[17 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp -> ]
[3 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.11.24 21:35:21 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\A3D3C2EB-7E80-473F-AB49-8E17E34F1866
[2010.11.24 21:45:20 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Acronis
[2011.03.16 22:06:07 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Adobe
[2008.01.17 23:10:18 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Ahead
[2012.07.09 11:21:23 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Apple Computer
[2009.10.30 09:06:32 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Ashampoo
[2008.01.17 21:35:08 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Autodesk
[2010.09.09 16:05:43 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\AutoPowerOn
[2011.10.11 08:41:31 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Corel
[2012.09.07 17:52:57 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\DMCache
[2012.10.04 22:41:39 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Dropbox
[2011.06.29 17:09:15 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\dvdcss
[2009.12.02 11:50:57 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Foxit
[2012.06.08 09:30:31 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Foxit Software
[2010.09.09 16:05:43 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\GO
[2011.10.10 09:53:39 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\gtk-2.0
[2011.01.13 12:06:52 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\HP
[2008.01.11 00:45:45 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Identities
[2011.10.10 08:44:10 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Inkscape
[2008.01.11 01:05:58 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\InstallShield
[2012.09.04 10:52:38 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\IsolatedStorage
[2010.09.09 16:05:43 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\LangSoft
[2011.10.19 19:29:39 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Leadertech
[2012.02.29 12:31:54 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Locate32
[2011.10.19 19:25:42 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Logishrd
[2011.10.19 19:29:46 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Logitech
[2008.01.12 01:04:17 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Macromedia
[2009.07.21 10:25:20 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Malwarebytes
[2006.11.02 14:35:50 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Media Center Programs
[2012.07.09 11:42:33 | 000,000,000 | --SD | M] -- C:\Users\uzivatel\AppData\Roaming\Microsoft
[2008.07.15 10:01:31 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Miranda
[2011.11.03 10:50:28 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Mozilla
[2012.10.03 10:38:19 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\OpenOffice.org2
[2008.10.06 10:41:32 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Opera
[2008.01.23 13:25:02 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\PeerNetworking
[2011.11.04 12:20:23 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\PrimoPDF
[2012.07.04 07:26:36 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\QuickScan
[2012.07.10 09:26:33 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Real
[2012.07.10 09:13:48 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\RealNetworks
[2008.08.07 13:50:15 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\skypePM
[2011.06.29 11:03:55 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Smart PC Solutions
[2011.02.22 09:35:19 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Softinterface, Inc
[2008.02.26 09:36:10 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\SumatraPDF
[2008.01.11 22:14:29 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Talkback
[2012.02.14 16:15:13 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\TeamViewer
[2010.04.26 10:27:10 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Thunderbird
[2008.03.17 13:21:41 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Uniblue
[2012.10.01 20:42:30 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\vlc
[2008.11.06 13:48:44 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Vso
[2011.10.10 09:58:57 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\XnView
[2011.01.20 18:02:45 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\YCanPDF
[2012.08.15 14:28:51 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\YoWindow

< %APPDATA%\*.exe /s >
[2008.02.01 11:29:25 | 000,081,920 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\ezpinst.exe
[2010.11.24 21:35:19 | 000,894,784 | ---- | M] (Acronis) -- C:\Users\uzivatel\AppData\Roaming\A3D3C2EB-7E80-473F-AB49-8E17E34F1866\setupapp.exe
[2012.05.24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012.02.17 02:23:04 | 000,871,664 | ---- | M] (Dropbox, Inc.) -- C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxPhotoUpdate.exe
[2012.03.15 00:02:14 | 000,871,544 | ---- | M] (Dropbox, Inc.) -- C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012.05.24 20:39:56 | 000,177,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2011.10.19 19:29:39 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2010.12.03 10:43:49 | 000,000,894 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{647C11EA-3255-42F0-BBA6-64D1A0A52D90}\_6FEFF9B68218417F98F549.exe
[2010.12.03 10:43:49 | 000,003,638 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{647C11EA-3255-42F0-BBA6-64D1A0A52D90}\_E24C0069158B292598B245.exe
[2012.08.20 21:08:11 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{99EDB889-3E8B-403F-87EA-ADFAC7988867}\_59F3B1B2564E05AD7854CC.exe
[2012.03.15 17:30:53 | 000,086,358 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{BF307EDA-A176-4D83-9775-D337810CF7A7}\_EA3E2819DD980FBD00EEEC.exe
[2012.06.26 11:32:53 | 000,003,262 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{FB647435-FB6F-4926-A9BA-49C3306AE1AF}\_FEA233B63DC303A25E17B9.exe
[2011.07.31 15:12:22 | 000,005,632 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\qd2m0xmo.default\extensions\{FFA36170-80B1-4535-B0E3-A4569E497DD0}\modules\binary\mozgestMouseHook.exe
[2012.02.02 16:39:51 | 000,005,632 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\Thunderbird\Profiles\u7u12ff0.default\extensions\{FFA36170-80B1-4535-B0E3-A4569E497DD0}\modules\binary\mozgestMouseHook.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008.01.19 09:34:21 | 000,403,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2008.01.19 09:34:21 | 000,403,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.10.04 22:26:57 | 000,003,648 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.04 22:26:57 | 000,003,648 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.02 10:48:29 | 000,119,102 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2012.10.02 10:48:29 | 000,104,716 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2012.10.02 10:48:29 | 000,610,486 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2012.10.02 10:48:29 | 000,598,702 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2012.10.02 10:48:29 | 001,426,782 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.10.04 22:24:33 | 000,000,512 | ---- | M] () MD5=37C1640E8EA2737723D49EAC45ECD241 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2007.05.23 18:21:38 | 000,114,533 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\numpy\f2py\crackfortran.py


< *keygen* /s >
[2012.09.24 08:46:24 | 000,000,782 | ---- | M] () -- \Users\uzivatel\AppData\Roaming\Microsoft\Windows\Recent\Marias.v2.7.build.1886.Incl.Keygen.CZECH-rG.lnk
[2005.01.16 15:34:38 | 000,018,871 | ---- | M] () -- \Users\uzivatel\Downloads\rgmarias\keygen.rar

< *loader* /s >
[2008.07.30 10:06:58 | 000,072,192 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader80.dll
[2008.07.29 03:43:16 | 000,004,096 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader80.tlb
[2009.10.22 06:29:58 | 000,030,776 | ---- | M] () -- \Program Files\HP\digital imaging\smart web printing\RsrcLoaderLib.dll
[2009.10.22 06:29:58 | 000,002,713 | ---- | M] () -- \Program Files\HP\digital imaging\smart web printing\MozillaAddOn3\xre\components\uriloader.xpt
[2008.01.29 19:24:40 | 000,000,042 | ---- | M] () -- \Program Files\Inkscape\etc\gtk-2.0\gdk-pixbuf.loaders
[2007.06.14 06:50:38 | 000,015,649 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2007.06.14 06:50:38 | 000,017,051 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2007.06.14 06:50:38 | 000,026,928 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2007.06.14 06:50:38 | 000,015,848 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2007.06.14 06:50:38 | 000,018,074 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2007.06.14 06:50:38 | 000,012,620 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2007.06.14 06:50:38 | 000,019,930 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2007.06.14 06:50:38 | 000,014,240 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2007.06.14 06:50:38 | 000,010,009 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2007.06.14 06:50:38 | 000,015,109 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2007.06.14 06:50:38 | 000,016,267 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2007.06.14 06:50:38 | 000,008,976 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2007.06.14 06:50:38 | 000,012,760 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2007.06.14 06:50:38 | 000,027,660 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2007.10.23 17:25:04 | 000,018,909 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2007.10.23 17:25:04 | 000,002,026 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll.a
[2007.10.23 17:25:04 | 000,001,104 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\svg_loader.la
[2007.09.11 01:28:40 | 000,021,504 | ---- | M] () -- \Program Files\OpenOffice.org 2.3\program\javaloader.uno.dll
[2007.09.11 18:06:22 | 000,005,226 | ---- | M] () -- \Program Files\OpenOffice.org 2.3\program\pythonloader.py
[2007.09.11 06:36:04 | 000,015,360 | ---- | M] () -- \Program Files\OpenOffice.org 2.3\program\pythonloader.uno.dll
[2007.09.11 18:51:36 | 000,000,145 | ---- | M] () -- \Program Files\OpenOffice.org 2.3\program\pythonloader.uno.ini
[2007.09.11 01:28:40 | 000,016,384 | ---- | M] () -- \Program Files\OpenOffice.org 2.3\program\shlibloader.uno.dll
[2007.09.11 06:18:20 | 000,004,063 | ---- | M] () -- \Program Files\OpenOffice.org 2.3\program\classes\unoloader.jar
[2012.02.24 14:54:07 | 000,000,060 | ---- | M] () -- \Users\Guest\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LHFHTTHB\miniclip.com\games\reel-gold\en\reelgold.swf\MiniclipLoaderAd.sol
[2010.09.24 21:23:16 | 000,000,042 | ---- | M] () -- \Users\uzivatel\Desktop\Údržba\testdisk-6.11.3\win\ProgramFiles\GIMPPortable\App\gimp\etc\gtk-2.0\gdk-pixbuf.loaders
[2011.07.21 23:39:14 | 000,003,208 | ---- | M] () -- \Users\uzivatel\Documents\Moje dokumenty\Osobní dokumenty\KARTA -původní\openfeint\webui\images\loader.gif
[2011.07.21 23:39:14 | 000,003,208 | ---- | M] () -- \Users\uzivatel\Documents\Moje dokumenty\Osobní dokumenty\Karta-TDK\openfeint\webui\images\loader.gif
[2008.01.19 09:34:04 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2008.04.21 10:18:08 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008.04.21 10:18:08 | 000,027,648 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winload.exe.mui_3bc5b827
[2008.04.21 10:18:08 | 000,019,968 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winresume.exe.mui_ff8b5358
[2009.09.09 09:51:06 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2009.09.09 09:51:06 | 000,986,600 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winload.exe_75835076
[2009.09.09 09:51:07 | 000,926,184 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winresume.exe_85cd1215
[2008.04.21 10:16:22 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008.04.21 10:16:22 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2008.02.29 09:26:23 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2008.02.29 09:19:08 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2008.02.29 12:05:29 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2008.02.29 12:07:01 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2008.02.29 12:05:17 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2008.02.29 10:14:00 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2008.02.29 12:02:51 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2008.02.29 09:19:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2008.02.29 09:21:05 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2008.02.29 11:56:53 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2008.02.29 12:12:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2008.02.29 12:01:15 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2008.02.29 09:46:06 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2008.02.29 11:17:45 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008.01.19 04:14:52 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008.02.29 09:17:27 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2008.02.29 09:13:09 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008.01.19 00:00:00 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2008.02.29 10:08:07 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2008.02.29 09:37:27 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009.04.11 00:12:44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006.11.02 12:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008.01.19 00:05:22 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2006.11.02 14:32:26 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6000.16386_none_43bd59f592b7be86\dmloader.dll
[2008.01.19 09:34:04 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008.01.19 09:34:04 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2011.11.17 00:06:50 | 000,060,928 | ---- | M] () -- \Program Files\LG Electronics\LG PC Suite IV\libSerialPort.dll
[2012.04.11 01:15:28 | 000,434,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.dll
[2012.07.09 09:09:18 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.ni.dll
[2006.01.27 00:44:04 | 000,000,612 | ---- | M] () -- \Program Files\Microsoft Visual Studio 9.0\VB\Snippets\1033\other\connectivity\EnumerateSerialPorts.snippet
[2006.01.27 00:44:04 | 000,001,198 | ---- | M] () -- \Program Files\Microsoft Visual Studio 9.0\VB\Snippets\1033\other\connectivity\ReadDatafromaSerialPort.snippet
[2006.01.27 00:44:04 | 000,001,512 | ---- | M] () -- \Program Files\Microsoft Visual Studio 9.0\VB\Snippets\1033\other\connectivity\UseaSerialPorttoDialaPhoneNumber.snippet
[2007.09.11 04:23:42 | 000,188,993 | ---- | M] () -- \Program Files\OpenOffice.org 2.3\program\classes\serializer.jar
[2011.08.16 04:27:46 | 000,192,512 | ---- | M] () -- \Program Files\r2 Studios\Startup Delayer\Startup Delayer.XmlSerializers.dll
[2011.08.16 04:27:46 | 000,172,032 | ---- | M] () -- \Program Files\r2 Studios\Startup Delayer\Startup Launcher.XmlSerializers.dll
[2010.04.12 14:21:01 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2008.06.14 01:32:10 | 000,285,032 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\en\System.Runtime.Serialization.xml
[[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.30 06:42:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2010.04.12 14:21:01 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.05.10 13:28:51 | 000,321,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\Startup Delayer.Xml#\167b40af8f0215670d96eadcf0cbf75c\Startup Delayer.XmlSerializers.ni.dll
[2012.06.14 09:24:40 | 000,321,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\Startup Delayer.Xml#\20eb3e27fa60037053cd4f40d87d1a25\Startup Delayer.XmlSerializers.ni.dll
[2012.05.10 13:28:56 | 000,290,816 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\Startup Launcher.Xm#\cca5aa1b6c30cd6ad4a5c9e3c310347a\Startup Launcher.XmlSerializers.ni.dll
[2012.06.14 09:24:46 | 000,290,816 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\Startup Launcher.Xm#\db53e71887462db1d5836e5719ba3245\Startup Launcher.XmlSerializers.ni.dll
[2012.05.10 14:09:11 | 002,346,496 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1619144e1a9eaca847e53b952b21820b\System.Runtime.Serialization.ni.dll
[2012.05.10 13:01:36 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1ee6b56dc9985fbbdeb373b611ac4fb3\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.05.10 14:18:38 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\5a4d233916a69d48fa12a9f7f103d893\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.05.10 14:18:31 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8a9fac9cb825b5d2db0bdb867fff940e\System.Runtime.Serialization.ni.dll
[2012.05.10 14:21:41 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\4b540b784465ca3f0742990e5af444e3\System.Xml.Serialization.ni.dll
[2011.06.28 06:24:03 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.06.14 08:11:06 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011.06.28 06:24:03 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2012.06.14 08:11:05 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.06.14 08:11:09 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.03.30 06:42:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll

Re: Preventivní kontrola logu, problémy s Layout klávesnice

Napsal: 04 říj 2012 23:01
od Irí
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.06.02 08:01:28 | 000,009,272 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\en\System.Runtime.Serialization.Formatters.Soap.xml
[2010.04.12 14:21:15 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2008.01.19 09:36:21 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2007.01.08 23:09:08 | 000,005,632 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2008.01.19 07:49:35 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2007.01.08 23:09:16 | 000,004,096 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\grserial.sys.mui
[2007.01.08 23:09:16 | 000,010,240 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2008.01.19 07:49:35 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_33048ac2\serial.sys
[2006.11.02 10:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_9d4661e2\serial.sys
[2006.11.02 09:41:49 | 001,010,560 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_91bbdacd\smserial.sys
[2008.01.19 07:49:35 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_44880ea7\serial.sys
[2006.11.02 10:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_ac874de4\serial.sys
[2006.11.02 10:51:28 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_a24cc104\grserial.sys
[2008.01.19 07:49:33 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_bec36faa\grserial.sys
[2009.09.09 09:51:17 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61.manifest
[2009.09.09 09:51:17 | 000,017,384 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61_kdcom.dll_db5e7744
[2008.04.21 10:16:29 | 000,005,632 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_4e6ae191e3aac47c_serialui.dll.mui_7d29d2a3
[2009.09.09 09:52:08 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805_serialui.dll_bea29328
[2006.11.02 14:31:33 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3.manifest
[2008.06.23 04:05:53 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16708_none_d2461403b7e6edc1.manifest
[2008.06.23 04:02:26 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.20864_none_bb7eca1fd1887f4d.manifest
[2008.01.19 00:05:26 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf.manifest
[2008.06.23 04:40:19 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18096_none_d22b4019b82faa94.manifest
[2008.06.23 03:58:46 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22208_none_bb54690bd1df5a1e.manifest
[2009.04.11 00:16:00 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18005_none_d1fe4b6bb888c0d3.manifest
[2010.04.12 20:29:50 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18239_none_d200f0e1b88673fe.manifest
[2010.04.12 21:40:05 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22380_none_bb39189bd2286c0e.manifest
[2007.01.08 23:04:30 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_cs-cz_5ff98b2cc72ba40d.manifest
[2006.11.02 14:38:17 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_en-us_bb16054302d6ef1f.manifest
[2008.06.23 04:30:17 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16708_en-us_bb0dd4d302de58ed.manifest
[2008.08.14 07:39:56 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_cs-cz_5ff511dac72f8cd8.manifest
[2008.06.23 04:23:53 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20864_en-us_a4468aef1c7fea79.manifest
[2008.08.14 07:23:06 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_cs-cz_492cfaeee0d2050d.manifest
[2008.01.19 04:14:26 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18000_cs-cz_5fce0ce8c7834cd9.manifest
[2008.06.23 04:32:13 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18096_en-us_baf300e9032715c0.manifest
[2008.08.14 10:36:16 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_cs-cz_5fcff690c7819979.manifest
[2008.06.23 04:09:44 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22208_en-us_a41c29db1cd6c54a.manifest
[2008.08.14 09:03:05 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_cs-cz_490422d4e1275f6f.manifest
[2009.04.11 11:04:50 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18005_cs-cz_5fa99224c7d4e0ed.manifest
[2010.04.13 00:15:50 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_cs-cz_5fac379ac7d29418.manifest
[2010.04.12 19:44:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_en-us_bac8b1b1037ddf2a.manifest
[2010.04.13 00:51:48 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_cs-cz_48e45f54e1748c28.manifest
[2010.04.12 20:41:31 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_en-us_a400d96b1d1fd73a.manifest
[2006.11.02 14:31:33 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526.manifest
[2008.06.23 04:05:31 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16708_none_0289499ddf8deef4.manifest
[2008.06.23 04:02:01 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.20864_none_ebc1ffb9f92f8080.manifest
[2008.01.19 00:04:20 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2.manifest
[2008.06.23 04:39:55 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18096_none_026e75b3dfd6abc7.manifest
[2008.06.23 03:58:14 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22208_none_eb979ea5f9865b51.manifest
[2009.04.11 00:15:32 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18005_none_02418105e02fc206.manifest
[2010.04.12 20:29:29 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18239_none_0244267be02d7531.manifest
[2010.04.12 21:39:45 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22380_none_eb7c4e35f9cf6d41.manifest
[2006.11.02 12:18:20 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6000.16386_none_0f7ecb22afbfde41.manifest
[2008.01.19 00:01:04 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6001.18000_none_11b58d1eacaaef15.manifest
[2009.04.11 00:13:32 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61.manifest
[2006.11.02 12:02:09 | 000,001,406 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.0.6000.16386_none_2a8610ec098ae6c4.manifest
[2006.11.02 14:31:32 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68.manifest
[2008.06.23 04:08:38 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16708_none_0763f56b20648936.manifest
[2008.06.23 04:05:46 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.20864_none_f09cab873a061ac2.manifest
[2008.01.19 00:13:44 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834.manifest
[2008.06.23 04:43:41 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18096_none_0749218120ad4609.manifest
[2008.06.23 04:02:24 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22208_none_f0724a733a5cf593.manifest
[2009.04.11 00:18:56 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18005_none_071c2cd321065c48.manifest
[2010.04.12 20:32:33 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18239_none_071ed24921040f73.manifest
[2010.04.12 21:42:39 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22380_none_f056fa033aa60783.manifest
[2006.10.20 03:14:53 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.16386_none_483e6ea12378b3a8\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.27 20:00:27 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.16720_none_4838f505237d831c\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.27 19:55:55 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.20883_none_31710ba93d1fc80f\System.Runtime.Serialization.Formatters.Soap.dll
[2008.01.05 13:26:58 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.18000_none_4812f05d23d05c74\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.27 20:03:15 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.18111_none_4813d9bb23cf8fbd\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.27 19:58:35 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.22230_none_31484a573d7508d0\System.Runtime.Serialization.Formatters.Soap.dll
[2009.03.30 06:42:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6002.18005_none_47ee75992421f088\System.Runtime.Serialization.Formatters.Soap.dll
[2007.01.08 23:07:01 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6000.16386_cs-cz_0167850d1d10bca1\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.13 00:57:47 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6000.16754_cs-cz_0164b12f1d133e9e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.13 00:56:42 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6000.20921_cs-cz_ea944dc536bd060d\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.01.05 13:27:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6001.18000_cs-cz_013c06c91d68656d\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.16 00:24:37 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6001.18145_cs-cz_013f95e51d654b3f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.16 00:25:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6001.22269_cs-cz_ea739499370b4477\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6002.18005_cs-cz_01178c051db9f981\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2006.11.02 14:33:44 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3\System.Runtime.Serialization.dll
[2008.06.20 03:17:50 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16708_none_d2461403b7e6edc1\System.Runtime.Serialization.dll
[2008.06.20 03:12:45 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.20864_none_bb7eca1fd1887f4d\System.Runtime.Serialization.dll
[2008.01.05 13:21:39 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf\System.Runtime.Serialization.dll
[2008.06.20 03:14:31 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18096_none_d22b4019b82faa94\System.Runtime.Serialization.dll
[2008.06.20 03:13:19 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22208_none_bb54690bd1df5a1e\System.Runtime.Serialization.dll
[2009.02.18 20:38:43 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18005_none_d1fe4b6bb888c0d3\System.Runtime.Serialization.dll
[2010.04.12 14:21:15 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18239_none_d200f0e1b88673fe\System.Runtime.Serialization.dll
[2010.04.12 14:22:49 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22380_none_bb39189bd2286c0e\System.Runtime.Serialization.dll
[2007.01.08 23:09:54 | 000,081,920 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_cs-cz_5ff98b2cc72ba40d\System.RunTime.Serialization.Resources.dll
[2008.08.13 00:12:07 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_cs-cz_5ff511dac72f8cd8\System.RunTime.Serialization.Resources.dll
[2008.08.13 00:12:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_cs-cz_492cfaeee0d2050d\System.RunTime.Serialization.Resources.dll
[2008.01.05 13:27:23 | 000,086,016 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18000_cs-cz_5fce0ce8c7834cd9\System.RunTime.Serialization.Resources.dll
[2008.08.13 00:15:53 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_cs-cz_5fcff690c7819979\System.RunTime.Serialization.Resources.dll
[2008.08.13 00:16:19 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_cs-cz_490422d4e1275f6f\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18005_cs-cz_5fa99224c7d4e0ed\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_cs-cz_5fac379ac7d29418\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_cs-cz_48e45f54e1748c28\System.RunTime.Serialization.Resources.dll
[2006.11.02 14:33:44 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526\System.Runtime.Serialization.dll
[2008.06.20 03:17:48 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16708_none_0289499ddf8deef4\System.Runtime.Serialization.dll
[2008.06.20 03:12:43 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.20864_none_ebc1ffb9f92f8080\System.Runtime.Serialization.dll
[2008.01.05 13:21:38 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2\System.Runtime.Serialization.dll
[2008.06.20 03:14:29 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18096_none_026e75b3dfd6abc7\System.Runtime.Serialization.dll
[2008.06.20 03:13:17 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22208_none_eb979ea5f9865b51\System.Runtime.Serialization.dll
[2009.02.18 20:38:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18005_none_02418105e02fc206\System.Runtime.Serialization.dll
[2010.04.12 14:21:01 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18239_none_0244267be02d7531\System.Runtime.Serialization.dll
[2010.04.12 14:22:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22380_none_eb7c4e35f9cf6d41\System.Runtime.Serialization.dll
[2007.01.08 23:09:16 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_f15fa7f9f28d5343\serial.sys.mui
[2008.01.19 07:49:35 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf_31bf3856ad364e35_6.0.6001.18000_none_955c449145dbf667\serial.sys
[2007.01.08 23:08:31 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_bdf5a8f7ae6b024a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.13 00:57:47 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6000.16754_cs-cz_be141fbfae547065\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.13 00:56:42 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6000.20921_cs-cz_bebb2d56c75c6d7e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.01.05 13:27:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_c02c6af3ab56131e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.16 00:24:37 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.18145_cs-cz_c0062e9bab71febc\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.16 00:25:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.22269_cs-cz_c07e2cb6c49c3bc4\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6002.18005_cs-cz_c217e3ffa877de6a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2007.01.08 23:09:08 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_4c341f95e6bfb3a8\serialui.dll.mui
[2007.01.08 23:09:08 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_4e6ae191e3aac47c\serialui.dll.mui
[2006.11.02 11:46:12 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6000.16386_none_f2cadf9221bfabe5\serialui.dll
[2008.01.19 09:36:21 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6001.18000_none_f501a18e1eaabcb9\serialui.dll
[2008.01.19 09:36:21 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805\serialui.dll
[2007.01.08 23:09:51 | 000,081,920 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_5b3d50955593c887\System.RunTime.Serialization.Resources.dll
[2008.08.13 00:12:07 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.16730_cs-cz_5b6d660d55709964\System.RunTime.Serialization.Resources.dll
[2008.08.13 00:12:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.20895_cs-cz_5bbb24c26eba5f87\System.RunTime.Serialization.Resources.dll
[2008.01.05 13:27:23 | 000,086,016 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_5d741291527ed95b\System.RunTime.Serialization.Resources.dll
[2008.08.13 00:15:53 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.18121_cs-cz_5d5f74e9528e27bb\System.RunTime.Serialization.Resources.dll
[2008.08.13 00:16:19 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.22243_cs-cz_5dd572706bba3215\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6002.18005_cs-cz_5f5f8b9d4fa0a4a7\System.RunTime.Serialization.Resources.dll
[2007.01.08 23:07:21 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_c27f608a4f515351\serial.sys.mui
[2008.01.19 07:49:35 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.0.6001.18000_none_f897b0b1b85e4433\serial.sys
[2007.01.08 23:09:16 | 000,004,096 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_b4070b50f198e261\grserial.sys.mui
[2008.01.19 07:49:33 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.0.6001.18000_none_72a9e15f343dcd03\grserial.sys
[2006.11.02 14:33:43 | 000,888,832 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68\System.Runtime.Serialization.dll
[2008.06.20 03:17:48 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16708_none_0763f56b20648936\System.Runtime.Serialization.dll
[2008.06.20 03:12:43 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.20864_none_f09cab873a061ac2\System.Runtime.Serialization.dll
[2008.01.05 13:21:38 | 000,929,792 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834\System.Runtime.Serialization.dll
[2008.06.20 03:14:29 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18096_none_0749218120ad4609\System.Runtime.Serialization.dll
[2008.06.20 03:13:17 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22208_none_f0724a733a5cf593\System.Runtime.Serialization.dll
[2009.02.18 20:38:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18005_none_071c2cd321065c48\System.Runtime.Serialization.dll
[2010.04.12 14:21:01 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18239_none_071ed24921040f73\System.Runtime.Serialization.dll
[2010.04.12 14:22:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22380_none_f056fa033aa60783\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6002.18005_none_b5c807ab2d93d829\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6001.18000_none_b3dc8e9f30720cdd\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6000.16386_none_b1a5cca33386fc09\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:CC2DDA0D
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:3678108F
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >

Re: Preventivní kontrola logu, problémy s Layout klávesnice

Napsal: 04 říj 2012 23:09
od Irí
OTL Extras logfile created on: 4.10.2012 22:19:51 - Run 1
OTL by OldTimer - Version 3.2.70.2 Folder = C:\Users\uzivatel\Desktop
Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1.99 Gb Total Physical Memory | 0.83 Gb Available Physical Memory | 41.48% Memory free
4.24 Gb Paging File | 2.68 Gb Available in Paging File | 63.17% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 89.07 Gb Total Space | 26.56 Gb Free Space | 29.82% Space Free | Partition Type: NTFS
Drive D: | 209.02 Gb Total Space | 11.91 Gb Free Space | 5.70% Space Free | Partition Type: NTFS

Computer Name: VISTA | User Name: uzivatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-3261852175-3587454928-1856105747-1000\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Unable to open value key File not found
.cmd [@ = cmdfile] -- Reg Error: Unable to open value key File not found
.com [@ = ComFile] -- Reg Error: Unable to open value key File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.pif [@ = piffile] -- Reg Error: Unable to open value key File not found
.vbs [@ = VBSFile] -- Reg Error: Unable to open value key File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Unable to open value key
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Unable to open value key
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Unable to open value key
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [locate] -- C:\Program Files\Locate\Locate32.exe /p "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Prozkoumat v XnView] -- "C:\Program Files\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3261852175-3587454928-1856105747-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3261852175-3587454928-1856105747-501]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D2F6B6C-255D-47B0-8C81-10FEA9292857}" = lport=138 | protocol=17 | dir=in | app=system |
"{11CA7366-E4BA-4937-B75E-613DE8447075}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{39821103-98BE-48F4-85C5-537AEFC8EC3A}" = lport=445 | protocol=6 | dir=in | app=system |
"{59B40E6D-BE54-41C3-B82C-9529937C0E7E}" = rport=138 | protocol=17 | dir=out | app=system |
"{C40D7293-BA9D-4A25-B952-EB00A734D4BA}" = lport=139 | protocol=6 | dir=in | app=system |
"{C8BA804C-AD92-4A69-8A1A-87A1936071EB}" = lport=137 | protocol=17 | dir=in | app=system |
"{DBD1E598-A83B-4478-81DD-FCE36F674993}" = rport=445 | protocol=6 | dir=out | app=system |
"{E723CCBE-C5AE-4E09-876F-E2D4A7F98D24}" = rport=139 | protocol=6 | dir=out | app=system |
"{EC8033C4-C3DB-409A-A2EE-13752DF73481}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{EE6DAFB5-C64E-47C6-8C0A-DEE876708FEC}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{390F1908-BAD7-4461-99F7-ED43704DA7F6}" = protocol=6 | dir=in | app=c:\users\uzivatel\appdata\roaming\dropbox\bin\dropbox.exe |
"{57A02817-450E-4493-8690-1984EEE09FBA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{645EC679-B0A6-484A-9A63-6ECA4A22E478}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{97639FA1-7AA9-4257-B0BF-DE3D39B8802E}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{9CD44749-6491-4C5A-9EF1-CEF05724B6A8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A5411B40-AF68-44B1-B094-20A8FEB965E6}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{B10106BD-3574-4FBF-866D-CE43DF1E400A}" = protocol=17 | dir=in | app=c:\users\uzivatel\appdata\roaming\dropbox\bin\dropbox.exe |
"{B80C53F9-1A79-4F84-BBCC-B80359027270}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{C280E09C-444A-4034-AF23-AD0A1DE6DBD1}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{CE48EE07-3EFA-4F37-9807-8E6F507FEAC8}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{FB488C4C-1118-4FC8-9EA2-B8F38A9A3B4C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"TCP Query User{10665886-5D46-4EDA-AC4C-247B7401E401}C:\users\uzivatel\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\uzivatel\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{19B58351-D3A5-415B-9EF2-CFC8A17F5422}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{4B8417BC-94E5-4436-923E-BD9F95D4C4D5}D:\program files\valve\hl.exe" = protocol=6 | dir=in | app=d:\program files\valve\hl.exe |
"TCP Query User{CC2184CA-0BB5-4AAF-9DCD-F6E947A35424}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{09D5D423-3A5E-4F0F-9B8A-717181F92564}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{231A30C7-79D3-44ED-84A3-B5FAA28E632A}D:\program files\valve\hl.exe" = protocol=17 | dir=in | app=d:\program files\valve\hl.exe |
"UDP Query User{67EE8064-621A-40E5-A1AB-74EEE9715F16}C:\users\uzivatel\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\uzivatel\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{8A49233D-1A0F-45A3-96EF-BD9E4A36B758}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{65094424-9351-40B8-939B-3676D67E48E0}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5
"{05D18A0F-ED9D-4FBD-9BF5-AF632EB09CB3}" = CGS15_IPM_T2
"{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}" = hppM1130M1210SeriesLaserJetService
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18026153-83A4-40E0-96B6-41E441607518}" = Eraser 6.0.9.2343
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications (R) Core
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 23
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2EEEC858-21F8-419B-8FE2-820621BFFCD7}" = GetDataBack for FAT
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{356658C7-8C60-4A43-AF50-75CA8E642934}" = CorelDRAW Graphics Suite X5 - CZ
"{37955B24-82BC-4160-A867-285B87E62519}_is1" = CDR Viewer
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5016185F-05AF-455F-AA70-6B6E5D6D4E70}" = AVerTV 3D
"{519556CC-4382-4B35-80F5-DD8E9460EEAC}" = OpenOffice.org 2.3
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{5783F2D7-6001-0405-0002-0060B0CE6BBA}" = AutoCAD 2008 - Český
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{5FC9FFC0-14E0-4D27-8CE2-A80AF3F950A3}}_is1" = RBR Replays Shell Extension 1.0
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{647C11EA-3255-42F0-BBA6-64D1A0A52D90}" = GPRO Organiser
"{65094424-9351-40B8-939B-3676D67E48E0}" = Corel Graphics - Windows Shell Extension
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.1.3.40
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-008A-0409-0000-0000000FF1CE}" = Microsoft Office 2007 Recent Documents Gadget
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B0-0405-0000-0000000FF1CE}" = Doplněk Microsoft Save as PDF pro aplikace sady Microsoft Office 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{92C7D009-A464-4948-A980-7A3E28CB2F49}" = Richard Burns Rally
"{942E5031-2BD6-4C1B-918C-C8A1CBAE7B8C}" = Microsoft IntelliPoint 8.2
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}" = Microsoft Keyboard Layout Creator 1.4
"{99EDB889-3E8B-403F-87EA-ADFAC7988867}" = RBRvysledky
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A306FD29-7D3A-4287-91AC-9A0180931395}_is1" = Roadkil's Unstoppable Copier Version 5.2
"{A92A4DB0-CD37-42D1-BE1D-603D53C24328}" = Intel(R) Processor ID Utility
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Czech
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5
"{B9B28AD2-32A5-4D74-8857-8C96AA45BBAD}" = RP 2009 Shakedown
"{BF307EDA-A176-4D83-9775-D337810CF7A7}" = Cookienator
"{C2944BE7-9BFF-4EF0-A362-CB3281B7C50D}" = LG United Mobile Drivers
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}" = hppLaserJetService
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications (R) Core - English
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{DA6CC3A5-1F5B-4068-8BFF-C597BB6B8158}" = hppusgM1130M1210Series
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E1A88DE8-BD36-4DEA-8DD8-E35EF475ADC7}" = Opera 9.52
"{E8A34AC8-0137-4515-A94B-0A0946DDC251}" = Scan To
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FB647435-FB6F-4926-A9BA-49C3306AE1AF}" = Mariáš 3.0
"{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo Burning Studio 2009_is1" = Ashampoo Burning Studio 2009
"AutoCAD 2008 - Český" = AutoCAD 2008 - Český
"AutoCAD 2008 - Český SP1" = AutoCAD 2008 - Český SP1
"AVerMedia A835 USB TV Tuner" = AVerMedia A835 USB TV Tuner 8.0.0.57
"AviSynth" = AviSynth 2.5
"CCleaner" = CCleaner
"Color7 Video Converter_is1" = Color7 Video Converter Trial Version (English) 8.0.4.2
"DeskPins" = DeskPins (remove only)
"DirSizeI" = FolderAnalyzer 1.11
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fliqlo" = Fliqlo Screen Saver
"Foxit Reader_is1" = Foxit Reader 5.1
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP LaserJet Professional M1130-M1210 MFP Series" = HP LaserJet Professional M1130-M1210 MFP Series
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HWiNFO32_is1" = HWiNFO32 Version 3.95
"InstallShield_{5016185F-05AF-455F-AA70-6B6E5D6D4E70}" = AVerTV 3D
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.5.3 Full
"LatencyMon_is1" = LatencyMon 2.03
"LG PC Suite IV" = LG PC Suite IV
"Locate" = Locate32
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.2.1300
"Mariáš" = Mariáš
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 15.0 (x86 cs)" = Mozilla Firefox 15.0 (x86 cs)
"Mozilla Thunderbird 15.0.1 (x86 cs)" = Mozilla Thunderbird 15.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PC Zeitschaltuhr_is1" = PC Zeitschaltuhr 2.04
"PDFZilla_is1" = PDFZilla V1.2.9
"PeerGuardian_is1" = PeerGuardian 2.0
"PhotoFiltre" = PhotoFiltre
"PowerISO" = PowerISO
"PrimoPDF" = PrimoPDF -- by Nitro PDF Software
"RBRTM" = RBR Tournament plugin (remove only)
"Recuva" = Recuva
"RP 2009 Shakedown" = RBR Stage RP 2009 Shakedown
"Sandboxie" = Sandboxie 3.22
"Sisulizer 3" = Sisulizer 3
"Speccy" = Speccy
"Startup Delayer" = Startup Delayer v3.0 (build 315)
"TeamViewer 7" = TeamViewer 7
"Total Uninstall 5_is1" = Total Uninstall 5.4.2
"UltSounds" = Zvuková schémata systému Windows
"UltSounds2" = Ultimate Extras sounds from Microsoft® Tinker™
"VLC media player" = VLC media player 1.1.11
"VobSub" = VobSub v2.23 (Remove Only)
"XnView_is1" = XnView 1.98.2
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3261852175-3587454928-1856105747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Inkscape" = Inkscape 0.46
"Mozilla Firefox 15.0.1 (x86 cs)" = Mozilla Firefox 15.0.1 (x86 cs)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 4.10.2012 0:31:20 | Computer Name = VISTA | Source = Windows Search Service | ID = 3013
Description =

Error - 4.10.2012 0:31:30 | Computer Name = VISTA | Source = Windows Search Service | ID = 3013
Description =

Error - 4.10.2012 4:46:06 | Computer Name = VISTA | Source = Windows Search Service | ID = 3013
Description =

Error - 4.10.2012 15:50:24 | Computer Name = VISTA | Source = Perflib | ID = 1010
Description =

Error - 4.10.2012 15:50:26 | Computer Name = VISTA | Source = Perflib | ID = 1008
Description =

Error - 4.10.2012 15:51:12 | Computer Name = VISTA | Source = Perflib | ID = 1008
Description =

Error - 4.10.2012 15:51:12 | Computer Name = VISTA | Source = Perflib | ID = 1008
Description =

Error - 4.10.2012 15:51:12 | Computer Name = VISTA | Source = Perflib | ID = 1008
Description =

Error - 4.10.2012 15:51:12 | Computer Name = VISTA | Source = Perflib | ID = 1008
Description =

Error - 4.10.2012 15:51:14 | Computer Name = VISTA | Source = Perflib | ID = 1008
Description =

[ System Events ]
Error - 4.10.2012 0:29:37 | Computer Name = VISTA | Source = Service Control Manager | ID = 7026
Description =

Error - 4.10.2012 5:34:47 | Computer Name = VISTA | Source = BROWSER | ID = 8032
Description =

Error - 4.10.2012 6:05:51 | Computer Name = VISTA | Source = DCOM | ID = 10005
Description =

Error - 4.10.2012 6:05:52 | Computer Name = VISTA | Source = Service Control Manager | ID = 7009
Description =

Error - 4.10.2012 6:05:52 | Computer Name = VISTA | Source = Service Control Manager | ID = 7000
Description =

Error - 4.10.2012 8:26:24 | Computer Name = VISTA | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description =

Error - 4.10.2012 8:28:15 | Computer Name = VISTA | Source = Service Control Manager | ID = 7026
Description =

Error - 4.10.2012 9:31:00 | Computer Name = VISTA | Source = DCOM | ID = 10005
Description =

Error - 4.10.2012 9:31:01 | Computer Name = VISTA | Source = Service Control Manager | ID = 7009
Description =

Error - 4.10.2012 9:31:01 | Computer Name = VISTA | Source = Service Control Manager | ID = 7000
Description =


< End of report >

Re: Preventivní kontrola logu, problémy s Layout klávesnice

Napsal: 05 říj 2012 09:18
od Márty84
:arrow: Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]

:services
AdobeARMservice
AdobeFlashPlayerUpdateSvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job

:otl
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3261852175-3587454928-1856105747-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
[2009.10.21 08:38:45 | 000,002,172 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\qd2m0xmo.default\searchplugins\bing.xml
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[17 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp -> ]
[3 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]
@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6002.18005_none_b5c807ab2d93d829\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6001.18000_none_b3dc8e9f30720cdd\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6000.16386_none_b1a5cca33386fc09\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:CC2DDA0D
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:3678108F
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:DFC5A2B2

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{d2bf470e-ed1c-487f-a333-2bd8835eb6ce}"=-
"{D2BF470E-ED1C-487F-A666-2BD8835EB6CE}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-
Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.



:arrow: Udelejte !!!uplnou!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Re: Preventivní kontrola logu, problémy s Layout klávesnice

Napsal: 05 říj 2012 18:40
od Irí
Někde se stala chyba.
Vše jsem zkopíroval do okna a udělal dle vašich instrukcí - spustil jsem OTL v cca 10 hodin dopoledne, když to ještě ve 12 běželo, nechal jsem to bez dozoru a odešel. Po návratu k PC v 19:00 OTL pořád běžel (chroustal HDD jak o život a bylo jen aktivní jeho okno). :shock:

Nakonec jsem musel odhlásit uživatele kl. zkratkou a standardním způsobem restartovat. Systém naběhl v pořádku.
Problém je u mě, nebo ve skriptu?
Jen dodám pro info, že po spuštění OTL s vašim skriptem se ukončily všechny programy, včetně explorer.exe - jediné co zůstalo aktivní byla postranní lišta.

PS: předem omluva za moji další opožděnou odpověď, povinnosti volají a musím opět od PC :(

Re: Preventivní kontrola logu, problémy s Layout klávesnice

Napsal: 05 říj 2012 19:31
od Márty84
To, ze bylo aktivni jen jeho okno, je v poradku, tak to ma vypadat. Ten cas uz normalni neni. Ve skriptu chybu nevidim, takze problem bude nekde v pc. Neco ho nejspis blokovalo.


:arrow: Zkuste to jeste jednou, ale tentokrat v nouzovem rezimu (restartujte pc, mackejte klavesu F8 - pripadne jinou, zalezi na typu stroje, a zvolte moznost nouzovy rezim, nebo tady jiny postup http://forum.viry.cz/viewtopic.php?f=46&t=7554 )

:arrow: Kdyz to nepujde, OTL nechte zatim stranou a pokracujte s MBAM


:!: Neni se za co omlouvat, kazdy mame sve povinnosti, ja tu taky nemuzu byt porad. :wink:

Re: Preventivní kontrola logu, problémy s Layout klávesnice

Napsal: 08 říj 2012 09:40
od Irí
Dobrý den, takže jsem si s OTL hrál, zkoušel všemožné nouzové režimy, povypínal procesy i ručně a přesto se mi nepodařilo dokončit skript korektně.
Zkoušel jsem to 3x, pokaždé jsem to nechal běžet 2-3 hodiny, což jsem bral za jako dostačující čas.

Přešel jsem tedy na MBAM a přikládám požadovaný výpis:

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.65.0.1400
www.malwarebytes.org

Verze databáze: v2012.10.08.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
uzivatel :: VISTA [administrátor]

Ochrana: Zakázána

8.10.2012 9:08:03
mbam-log-2012-10-08 (10-33-38).txt

Typ: Úplná kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 421112
Uplynulý čas: 1 hodin, 19 minut, 51 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 2
c:\program files\comodo\comodo internet security\quarantine\00c573c2-0ef2-422f-ae50-6a1341d5b1cb.data (Dont.Steal.Our.Software) -> Žádná instrukce nebyla provedena.
c:\program files\comodo\comodo internet security\quarantine\ed1a6b6b-a0c1-4245-b225-7e9d05371226.data (Trojan.Agent) -> Žádná instrukce nebyla provedena.

(konec)

Re: Preventivní kontrola logu, problémy s Layout klávesnice

Napsal: 08 říj 2012 09:53
od Márty84
:arrow: MBAM muzete odinstalovat. Nasel jen havet v karantene Comoda, tam je neskodna.

:arrow: Dobra, zkusime tedy jeho mensiho bratricka, tedy OTM


:arrow: Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe a ulozte nejlepe na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]

:services
AdobeARMservice
AdobeFlashPlayerUpdateSvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
@C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6002.18005_none_b5c807ab2d93d829\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6001.18000_none_b3dc8e9f30720cdd\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6000.16386_none_b1a5cca33386fc09\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@C:\ProgramData\TEMP:CC2DDA0D
@C:\ProgramData\TEMP:3678108F
@C:\ProgramData\TEMP:DFC5A2B2

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{d2bf470e-ed1c-487f-a333-2bd8835eb6ce}"=-
"{D2BF470E-ED1C-487F-A666-2BD8835EB6CE}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-
Kliknete na MoveIt a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)

Re: Preventivní kontrola logu, problémy s Layout klávesnice

Napsal: 08 říj 2012 11:08
od Irí
Tentokrát vše proběhlo v pořádku, připojuji log:


All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: sssugi
->Temp folder emptied: 0 bytes

User: uzivatel
->Temp folder emptied: 950628 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 155771254 bytes
->Google Chrome cache emptied: 9956704 bytes
->Opera cache emptied: 28952177 bytes
->Flash cache emptied: 19996 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 141353 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 31097426 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 49219 bytes
RecycleBin emptied: 5684401128 bytes

Total Files Cleaned = 5 638.00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Guest
->Flash cache emptied: 0 bytes

User: Public

User: sssugi

User: uzivatel
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
ADS C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6002.18005_none_b5c807ab2d93d829\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh deleted successfully.
Unable to delete ADS C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6001.18000_none_b3dc8e9f30720cdd\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh .
Unable to delete ADS C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6000.16386_none_b1a5cca33386fc09\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh .
Unable to delete ADS C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh .
ADS C:\ProgramData\TEMP:CC2DDA0D deleted successfully.
ADS C:\ProgramData\TEMP:3678108F deleted successfully.
ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{d2bf470e-ed1c-487f-a333-2bd8835eb6ce} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2bf470e-ed1c-487f-a333-2bd8835eb6ce}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D2BF470E-ED1C-487F-A666-2BD8835EB6CE} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D2BF470E-ED1C-487F-A666-2BD8835EB6CE}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.

OTM by OldTimer - Version 3.1.21.0 log created on 10082012_115828

Files moved on Reboot...
File C:\Users\uzivatel\AppData\Local\Temp\etilqs_DWXI5u6RheoQwpM not found!

Registry entries deleted on Reboot...


Mezi tím zkouším layaut klávesnice a problém přetrvává - momentálně mi nefunguje číslice 6 na num. klávesnici

Re: Preventivní kontrola logu, problémy s Layout klávesnice

Napsal: 08 říj 2012 11:11
od Márty84
:arrow: Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne delsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

Re: Preventivní kontrola logu, problémy s Layout klávesnice

Napsal: 08 říj 2012 11:24
od Irí
RogueKiller V8.1.1 [10/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Operační systém: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Spuštěno v : Normální režim
Uživatel : uzivatel [Práva správce]
Mód : Kontrola -- Datum : 10/08/2012 12:23:38

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> NALEZENO
[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> NALEZENO
[HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200AAKS-75VYA0 ATA Device +++++
--- User ---
[MBR] 37c1640e8ea2737723d49eac45ecd241
[BSP] a83cce7d2bccbdcd470a7f61974bdede : MBR Code unknown
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 91204 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 186787760 | Size: 214037 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1].txt >>
RKreport[1].txt ; RKreport[1].txt

Re: Preventivní kontrola logu, problémy s Layout klávesnice

Napsal: 08 říj 2012 11:29
od Márty84
:arrow: Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.
Všechny časy jsou v UTC+01:00
Stránka 1 z 4

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz