PC virus removal, computer speed-up, and remote assistance through the neslape.cz service

Log Check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Dominator95
2nd Warning Level
Posts: 30
Registered: 27 Jul 2012 16:07

Log Check

#1 Post by Dominator95 »

Hello, I am attaching my LOG and asking for a check! :D Thanks

Logfile of random's system information tool 1.09 (written by random/random)
Run by Dominik at 2012-10-20 15:51:23
Microsoft Windows 7 Professional
System drive C: has 2 GB (12%) free of 19 GB
Total RAM: 1023 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:52:19, on 20.10.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\Mixer.exe
D:\Avast\AvastUI.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\WindowsMobile\wmdcBase.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Dominik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dominik\AppData\Local\Google\Chrome\Application\chrome.exe
D:\Skype\Phone\Skype.exe
C:\Users\Dominik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dominik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dominik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dominik\Downloads\RSIT.exe
C:\Program Files\trend micro\Dominik.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredibar.com/mb174?a=6R8BmSYpQN&i=26
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Avast\aswWebRepIE.dll
O3 - Toolbar: Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [avast] "D:\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Windows Mobile-based device management] %WINDIR%\WindowsMobile\wmdcBase.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EPSON SX100 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE /FU "C:\Windows\TEMP\E_SA1FC.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus - AVAST Software - D:\Avast\AvastSvc.exe
O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systemes SolidWorks Corp. - D:\SolidWorks 2012 SP02\SolidWorks\swScheduler\DTSCoordinatorService.exe
O23 - Service: DraftSight API Service - Dassault Systemes - C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe

--
End of file - 6687 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-225031741-2692859406-3082480967-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-225031741-2692859406-3082480967-1001UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\clato6kz.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://mystart.incredibar.com/mb174/?lo ... 26&search="

"{336D0C35-8A85-403a-B9D2-65C292C39087}"=C:\Program Files\Web Assistant\Firefox
"wrc@avast.com"=D:\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.0]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npEModelPlugin.dll
NPOFF12.DLL
nppdf32.dll
nsEModelPlugin.xpt
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}]
Incredibar.com Helper Object - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll [2012-01-22 261632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - D:\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F9639E4A-801B-4843-AEE3-03D9DA199E77} - Incredibar Toolbar - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll [2012-01-22 270336]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - D:\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"C-Media Mixer"=Mixer.exe /startup []
"avast"=D:\Avast\avastUI.exe [2012-08-21 4282728]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-09 153136]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdcBase.exe [2007-05-31 648072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-27 116648]
"DAEMON Tools Lite"=D:\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]
"EPSON SX100 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE [2008-02-05 188928]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2012-10-19 13:50:35 ----D---- C:\Program Files\trend micro
2012-10-19 13:50:33 ----D---- C:\rsit
2012-10-16 14:06:37 ----D---- C:\Program Files\Mozilla Firefox
2012-10-15 15:09:26 ----D---- C:\Windows\rescache
2012-10-13 09:02:11 ----A---- C:\Windows\mixerdef.ini
2012-10-12 16:44:03 ----D---- C:\Program Files\Common Files\Macrovision Shared
2012-10-10 15:46:58 ----A---- C:\Windows\system32\wintrust.dll
2012-10-10 15:46:51 ----A---- C:\Windows\system32\tzres.dll
2012-10-10 15:46:29 ----A---- C:\Windows\system32\kernel32.dll
2012-10-10 15:46:27 ----A---- C:\Windows\system32\winsrv.dll
2012-10-10 15:46:27 ----A---- C:\Windows\system32\KernelBase.dll
2012-10-10 15:46:26 ----A---- C:\Windows\system32\conhost.exe
2012-10-10 15:46:24 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-10 15:46:22 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-10-10 15:46:21 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-10 15:46:21 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-10-10 15:46:21 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-10-10 15:46:21 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-10 15:46:21 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-10-10 15:46:21 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-10 15:46:20 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-10 15:46:20 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-10-10 15:46:19 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-10-10 15:46:19 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-10 15:46:19 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-10 15:46:19 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-10-10 15:46:19 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-10 15:46:18 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-10-10 15:46:18 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-10-10 15:46:18 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-10 15:46:18 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-10 15:46:17 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-10 15:46:17 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-10-10 15:46:17 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-10 15:46:15 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-10-10 15:46:15 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-10 15:46:15 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-10-10 15:46:15 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-10 15:46:13 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-10-10 15:46:13 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-10-10 15:45:54 ----A---- C:\Windows\system32\crypt32.dll
2012-10-10 15:45:53 ----A---- C:\Windows\system32\cryptsvc.dll
2012-10-10 15:45:52 ----A---- C:\Windows\system32\cryptnet.dll
2012-10-10 15:45:10 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-10-10 15:45:07 ----A---- C:\Windows\system32\kerberos.dll
2012-10-10 15:44:59 ----A---- C:\Windows\system32\ntkrnlpa.exe
2012-10-10 15:44:58 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-09-29 21:15:00 ----A---- C:\Windows\system32\MRT.exe
2012-09-23 16:36:31 ----D---- C:\Users\Dominik\AppData\Roaming\BlackBean
2012-09-22 15:08:55 ----A---- C:\Windows\system32\vbscript.dll
2012-09-22 15:08:55 ----A---- C:\Windows\system32\mshtmled.dll
2012-09-22 15:08:53 ----A---- C:\Windows\system32\jsproxy.dll
2012-09-22 15:08:52 ----A---- C:\Windows\system32\msfeeds.dll
2012-09-22 15:08:52 ----A---- C:\Windows\system32\ieUnatt.exe
2012-09-22 15:08:52 ----A---- C:\Windows\system32\ieui.dll
2012-09-22 15:08:50 ----A---- C:\Windows\system32\wininet.dll
2012-09-22 15:08:49 ----A---- C:\Windows\system32\jscript.dll
2012-09-22 15:08:47 ----A---- C:\Windows\system32\url.dll
2012-09-22 15:08:47 ----A---- C:\Windows\system32\jscript9.dll
2012-09-22 15:08:45 ----A---- C:\Windows\system32\iertutil.dll
2012-09-22 15:08:42 ----A---- C:\Windows\system32\urlmon.dll
2012-09-22 15:08:37 ----A---- C:\Windows\system32\ieframe.dll
2012-09-22 15:08:36 ----A---- C:\Windows\system32\mshtml.dll
2012-09-19 06:22:54 ----ASH---- C:\pagefile.sys
2012-09-17 19:46:58 ----AH---- C:\Windows\system32\hamachi.sys
2012-09-16 18:18:28 ----HD---- C:\Program Files\InstallShield Installation Information
2012-09-16 16:41:02 ----D---- C:\ProgramData\Trymedia
2012-09-15 12:56:58 ----D---- C:\Users\Dominik\AppData\Roaming\SolidWorks 2012
2012-09-14 16:08:40 ----D---- C:\Users\Dominik\AppData\Roaming\EDrawings
2012-09-13 20:54:42 ----D---- C:\Users\Dominik\AppData\Roaming\DraftSight
2012-09-13 20:54:27 ----D---- C:\ProgramData\Dassault Systemes
2012-09-13 20:53:58 ----D---- C:\Program Files\Dassault Systemes
2012-09-13 20:41:33 ----A---- C:\Windows\eDrawingOfficeAutomator.INI
2012-09-13 20:36:48 ----D---- C:\Users\Dominik\AppData\Roaming\DassaultSystemes
2012-09-13 20:36:48 ----D---- C:\ProgramData\DassaultSystemes
2012-09-13 20:24:24 ----D---- C:\Program Files\NVIDIA Corporation
2012-09-13 20:24:22 ----D---- C:\ProgramData\SolidWorks
2012-09-13 20:19:41 ----D---- C:\Program Files\MSECache
2012-09-13 20:17:53 ----D---- C:\ProgramData\FLEXnet
2012-09-13 20:17:50 ----D---- C:\Program Files\Common Files\SolidWorks Shared
2012-09-13 20:14:38 ----D---- C:\Program Files\Common Files\Manažer instalací SolidWorks
2012-09-13 20:12:35 ----D---- C:\Windows\SolidWorks
2012-09-13 20:12:28 ----D---- C:\Users\Dominik\AppData\Roaming\SolidWorks
2012-09-12 17:33:32 ----A---- C:\Windows\system32\d3d10level9.dll
2012-09-08 18:13:40 ----D---- C:\Windows\Minidump
2012-09-03 12:10:23 ----D---- C:\Windows\system32\AGEIA
2012-09-03 12:10:21 ----D---- C:\Program Files\AGEIA Technologies
2012-09-03 12:10:04 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2012-09-03 11:30:49 ----D---- C:\Program Files\Microsoft Silverlight
2012-09-02 19:58:04 ----A---- C:\Windows\system32\physxloader.dll
2012-09-02 19:52:10 ----A---- C:\Windows\system32\XAudio2_7.dll
2012-09-02 19:52:10 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2012-09-02 19:52:10 ----A---- C:\Windows\system32\xactengine3_7.dll
2012-09-02 19:52:09 ----A---- C:\Windows\system32\d3dcsx_43.dll
2012-09-02 19:52:09 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2012-09-02 19:52:08 ----A---- C:\Windows\system32\d3dx11_43.dll
2012-09-02 19:52:08 ----A---- C:\Windows\system32\d3dx10_43.dll
2012-09-02 19:52:07 ----A---- C:\Windows\system32\D3DX9_43.dll
2012-09-02 19:52:06 ----A---- C:\Windows\system32\XAudio2_6.dll
2012-09-02 19:52:06 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2012-09-02 19:52:05 ----A---- C:\Windows\system32\xactengine3_6.dll
2012-09-02 19:52:05 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2012-09-02 19:52:04 ----A---- C:\Windows\system32\XAudio2_5.dll
2012-09-02 19:52:04 ----A---- C:\Windows\system32\xactengine3_5.dll
2012-09-02 19:52:03 ----A---- C:\Windows\system32\d3dcsx_42.dll
2012-09-02 19:52:03 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2012-09-02 19:52:02 ----A---- C:\Windows\system32\D3DX9_42.dll
2012-09-02 19:52:02 ----A---- C:\Windows\system32\d3dx11_42.dll
2012-09-02 19:52:02 ----A---- C:\Windows\system32\d3dx10_42.dll
2012-09-02 19:52:01 ----A---- C:\Windows\system32\d3dx10_41.dll
2012-09-02 19:52:01 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2012-09-02 19:52:00 ----A---- C:\Windows\system32\D3DX9_41.dll
2012-09-02 19:51:59 ----A---- C:\Windows\system32\XAudio2_4.dll
2012-09-02 19:51:59 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2012-09-02 19:51:58 ----A---- C:\Windows\system32\xactengine3_4.dll
2012-09-02 19:51:58 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2012-09-02 19:51:58 ----A---- C:\Windows\system32\d3dx10_40.dll
2012-09-02 19:51:58 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2012-09-02 19:51:57 ----A---- C:\Windows\system32\D3DX9_40.dll
2012-09-02 19:51:56 ----A---- C:\Windows\system32\XAudio2_3.dll
2012-09-02 19:51:56 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2012-09-02 19:51:55 ----A---- C:\Windows\system32\xactengine3_3.dll
2012-09-02 19:51:55 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2012-09-02 19:51:54 ----A---- C:\Windows\system32\XAudio2_2.dll
2012-09-02 19:51:54 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2012-09-02 19:51:52 ----A---- C:\Windows\system32\xactengine3_2.dll
2012-09-02 19:51:51 ----A---- C:\Windows\system32\d3dx10_39.dll
2012-09-02 19:51:51 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2012-09-02 19:51:50 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2012-09-02 19:51:50 ----A---- C:\Windows\system32\D3DX9_39.dll
2012-09-02 19:51:49 ----A---- C:\Windows\system32\XAudio2_1.dll
2012-09-02 19:51:49 ----A---- C:\Windows\system32\xactengine3_1.dll
2012-09-02 19:51:48 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2012-09-02 19:51:48 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2012-09-02 19:51:47 ----A---- C:\Windows\system32\d3dx10_38.dll
2012-09-02 19:51:46 ----A---- C:\Windows\system32\XAudio2_0.dll
2012-09-02 19:51:46 ----A---- C:\Windows\system32\D3DX9_38.dll
2012-09-02 19:51:45 ----A---- C:\Windows\system32\xactengine3_0.dll
2012-09-02 19:51:44 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2012-09-02 19:51:44 ----A---- C:\Windows\system32\d3dx10_37.dll
2012-09-02 19:51:44 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2012-09-02 19:51:43 ----A---- C:\Windows\system32\D3DX9_37.dll
2012-09-02 19:51:42 ----A---- C:\Windows\system32\xactengine2_10.dll
2012-09-02 19:51:40 ----A---- C:\Windows\system32\d3dx10_36.dll
2012-09-02 19:51:40 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2012-09-02 19:51:39 ----A---- C:\Windows\system32\d3dx9_36.dll
2012-09-02 19:51:38 ----A---- C:\Windows\system32\xactengine2_9.dll
2012-09-02 19:51:36 ----A---- C:\Windows\system32\d3dx10_35.dll
2012-09-02 19:51:36 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2012-09-02 19:51:35 ----A---- C:\Windows\system32\d3dx9_35.dll
2012-09-02 19:51:34 ----A---- C:\Windows\system32\xactengine2_8.dll
2012-09-02 19:51:34 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2012-09-02 19:51:33 ----A---- C:\Windows\system32\d3dx10_34.dll
2012-09-02 19:51:33 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2012-09-02 19:51:32 ----A---- C:\Windows\system32\xinput1_3.dll
2012-09-02 19:51:32 ----A---- C:\Windows\system32\d3dx9_34.dll
2012-09-02 19:51:30 ----A---- C:\Windows\system32\xactengine2_7.dll
2012-09-02 19:51:30 ----A---- C:\Windows\system32\d3dx10_33.dll
2012-09-02 19:51:30 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2012-09-02 19:51:29 ----A---- C:\Windows\system32\d3dx9_33.dll
2012-09-02 19:51:28 ----A---- C:\Windows\system32\xactengine2_6.dll
2012-09-02 19:51:28 ----A---- C:\Windows\system32\xactengine2_5.dll
2012-09-02 19:51:27 ----A---- C:\Windows\system32\d3dx9_32.dll
2012-09-02 19:51:27 ----A---- C:\Windows\system32\d3dx10.dll
2012-09-02 19:51:26 ----A---- C:\Windows\system32\xactengine2_4.dll
2012-09-02 19:51:26 ----A---- C:\Windows\system32\x3daudio1_1.dll
2012-09-02 19:51:25 ----A---- C:\Windows\system32\d3dx9_31.dll
2012-09-02 19:51:24 ----A---- C:\Windows\system32\xinput1_2.dll
2012-09-02 19:51:24 ----A---- C:\Windows\system32\xinput1_1.dll
2012-09-02 19:51:24 ----A---- C:\Windows\system32\xactengine2_3.dll
2012-09-02 19:51:24 ----A---- C:\Windows\system32\xactengine2_2.dll
2012-09-02 19:51:23 ----A---- C:\Windows\system32\xactengine2_1.dll
2012-09-02 19:51:11 ----A---- C:\Windows\system32\xactengine2_0.dll
2012-09-02 19:51:11 ----A---- C:\Windows\system32\x3daudio1_0.dll
2012-09-02 19:51:11 ----A---- C:\Windows\system32\d3dx9_29.dll
2012-09-02 19:51:08 ----A---- C:\Windows\system32\d3dx9_27.dll
2012-09-02 19:51:07 ----A---- C:\Windows\system32\d3dx9_26.dll
2012-09-02 19:51:06 ----A---- C:\Windows\system32\d3dx9_25.dll
2012-09-02 19:51:05 ----A---- C:\Windows\system32\d3dx9_24.dll
2012-09-02 19:46:21 ----D---- C:\Program Files\TSearch
2012-09-01 20:41:56 ----D---- C:\Program Files\smartdl
2012-08-31 14:26:54 ----D---- C:\Users\Dominik\AppData\Roaming\uTorrent
2012-08-22 22:22:00 ----A---- C:\torrent.exe
2012-08-18 19:20:30 ----D---- C:\ProgramData\Sun
2012-08-18 19:19:11 ----A---- C:\Windows\system32\npDeployJava1.dll
2012-08-18 19:19:11 ----A---- C:\Windows\system32\deployJava1.dll
2012-08-16 10:01:22 ----A---- C:\Windows\system32\srcore.dll
2012-08-16 10:01:20 ----A---- C:\Windows\system32\win32k.sys
2012-08-16 10:01:15 ----A---- C:\Windows\system32\win32spl.dll
2012-08-16 10:01:14 ----A---- C:\Windows\system32\spoolsv.exe
2012-08-16 10:01:10 ----A---- C:\Windows\system32\netapi32.dll
2012-08-16 10:01:10 ----A---- C:\Windows\system32\browcli.dll
2012-08-16 10:01:09 ----A---- C:\Windows\system32\browser.dll
2012-08-16 10:01:07 ----A---- C:\Windows\system32\localspl.dll
2012-08-15 14:47:07 ----D---- C:\Windows\WindowsMobile
2012-08-08 14:00:24 ----RASH---- C:\MSDOS.SYS
2012-08-08 14:00:24 ----RASH---- C:\IO.SYS
2012-08-08 13:56:22 ----D---- C:\Program Files\Common Files\Steam
2012-08-07 17:26:28 ----D---- C:\Program Files\Perion
2012-08-07 17:26:22 ----A---- C:\user.js
2012-08-07 17:26:18 ----D---- C:\Program Files\Incredibar.com
2012-08-06 17:40:28 ----D---- C:\ProgramData\Zoner
2012-08-02 10:36:43 ----A---- C:\Windows\system32\FntCache.dll
2012-07-31 15:10:47 ----D---- C:\Program Files\Common Files\Skype
2012-07-31 15:09:33 ----D---- C:\ProgramData\Skype
2012-07-30 13:42:41 ----D---- C:\Program Files\CCleaner
2012-07-30 12:02:27 ----D---- C:\Users\Dominik\AppData\Roaming\Skype
2012-07-30 11:57:35 ----D---- C:\ProgramData\McAfee
2012-07-29 14:25:24 ----D---- C:\Program Files\Common Files\InstallShield
2012-07-29 10:30:34 ----A---- C:\Windows\system32\drivers\usbport.sys
2012-07-29 10:30:34 ----A---- C:\Windows\system32\drivers\usbehci.sys
2012-07-29 10:30:33 ----A---- C:\Windows\system32\drivers\usbhub.sys
2012-07-29 10:30:33 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2012-07-29 10:30:32 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2012-07-29 10:30:32 ----A---- C:\Windows\system32\drivers\usbohci.sys
2012-07-29 10:30:32 ----A---- C:\Windows\system32\drivers\usbd.sys
2012-07-29 10:30:15 ----A---- C:\Windows\system32\drivers\nvstor.sys
2012-07-29 10:30:13 ----A---- C:\Windows\system32\drivers\nvraid.sys
2012-07-29 10:30:11 ----A---- C:\Windows\system32\esent.dll
2012-07-29 10:30:10 ----A---- C:\Windows\system32\drivers\amdsata.sys
2012-07-29 10:30:09 ----A---- C:\Windows\system32\drivers\storport.sys
2012-07-29 10:30:08 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2012-07-29 10:30:08 ----A---- C:\Windows\system32\drivers\amdxata.sys
2012-07-29 10:30:07 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2012-07-29 10:30:06 ----A---- C:\Windows\system32\fsutil.exe
2012-07-29 09:58:21 ----D---- C:\Windows\system32\Wat
2012-07-28 21:01:38 ----A---- C:\Windows\system32\msv1_0.dll
2012-07-28 20:52:33 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2012-07-28 20:52:33 ----A---- C:\Windows\system32\PresentationHost.exe
2012-07-28 20:52:32 ----A---- C:\Windows\system32\netfxperf.dll
2012-07-28 20:52:32 ----A---- C:\Windows\system32\mscoree.dll
2012-07-28 20:52:32 ----A---- C:\Windows\system32\dfshim.dll
2012-07-28 20:18:28 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2012-07-28 20:18:27 ----A---- C:\Windows\system32\wmi.dll
2012-07-28 20:18:26 ----A---- C:\Windows\system32\imagehlp.dll
2012-07-28 20:16:23 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2012-07-28 20:16:23 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2012-07-28 20:16:23 ----A---- C:\Windows\system32\msrating.dll
2012-07-28 20:16:23 ----A---- C:\Windows\system32\msls31.dll
2012-07-28 20:16:23 ----A---- C:\Windows\system32\mshtmler.dll
2012-07-28 20:16:23 ----A---- C:\Windows\system32\msfeedssync.exe
2012-07-28 20:16:23 ----A---- C:\Windows\system32\msfeedsbs.dll
2012-07-28 20:16:23 ----A---- C:\Windows\system32\iesysprep.dll
2012-07-28 20:16:23 ----A---- C:\Windows\system32\ieakeng.dll
2012-07-28 20:16:23 ----A---- C:\Windows\system32\IEAdvpack.dll
2012-07-28 20:16:22 ----A---- C:\Windows\system32\wextract.exe
2012-07-28 20:16:22 ----A---- C:\Windows\system32\webcheck.dll
2012-07-28 20:16:22 ----A---- C:\Windows\system32\pngfilt.dll
2012-07-28 20:16:22 ----A---- C:\Windows\system32\occache.dll
2012-07-28 20:16:22 ----A---- C:\Windows\system32\mshta.exe
2012-07-28 20:16:22 ----A---- C:\Windows\system32\licmgr10.dll
2012-07-28 20:16:22 ----A---- C:\Windows\system32\inseng.dll
2012-07-28 20:16:22 ----A---- C:\Windows\system32\imgutil.dll
2012-07-28 20:16:22 ----A---- C:\Windows\system32\iexpress.exe
2012-07-28 20:16:22 ----A---- C:\Windows\system32\iesetup.dll
2012-07-28 20:16:22 ----A---- C:\Windows\system32\iernonce.dll
2012-07-28 20:16:22 ----A---- C:\Windows\system32\iepeers.dll
2012-07-28 20:16:22 ----A---- C:\Windows\system32\iedkcs32.dll
2012-07-28 20:16:22 ----A---- C:\Windows\system32\ieapfltr.dll
2012-07-28 20:16:22 ----A---- C:\Windows\system32\ieapfltr.dat
2012-07-28 20:16:22 ----A---- C:\Windows\system32\ieakui.dll
2012-07-28 20:16:22 ----A---- C:\Windows\system32\ieaksie.dll
2012-07-28 20:16:22 ----A---- C:\Windows\system32\ie4uinit.exe
2012-07-28 20:16:22 ----A---- C:\Windows\system32\icardie.dll
2012-07-28 20:16:22 ----A---- C:\Windows\system32\dxtrans.dll
2012-07-28 20:16:22 ----A---- C:\Windows\system32\dxtmsft.dll
2012-07-28 20:16:22 ----A---- C:\Windows\system32\admparse.dll
2012-07-28 20:14:01 ----A---- C:\Windows\system32\browserchoice.exe
2012-07-28 20:08:15 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2012-07-28 20:08:15 ----A---- C:\Windows\system32\drivers\ks.sys
2012-07-28 20:06:44 ----D---- C:\Program Files\MSXML 4.0
2012-07-28 20:06:07 ----A---- C:\Windows\system32\wcncsvc.dll
2012-07-28 12:57:15 ----D---- C:\ProgramData\TreeCardGames
2012-07-28 12:21:43 ----D---- C:\Program Files\Microsoft Visual Studio
2012-07-28 12:21:41 ----D---- C:\Program Files\Common Files\DESIGNER
2012-07-28 11:01:14 ----D---- C:\Program Files\Microsoft Works
2012-07-28 10:59:22 ----D---- C:\Windows\PCHEALTH
2012-07-28 10:59:21 ----D---- C:\Program Files\Microsoft.NET
2012-07-28 10:57:52 ----D---- C:\Program Files\Microsoft Office
2012-07-28 10:51:35 ----RHD---- C:\MSOCache
2012-07-28 10:42:48 ----D---- C:\Users\Dominik\AppData\Roaming\TreeCardGames
2012-07-28 10:22:39 ----D---- C:\Program Files\Microsoft Visual Studio 8
2012-07-28 10:20:06 ----D---- C:\ProgramData\Microsoft Help
2012-07-28 07:59:48 ----A---- C:\Windows\system32\ole32.dll
2012-07-28 07:59:46 ----A---- C:\Windows\system32\drivers\fvevol.sys
2012-07-28 07:59:39 ----A---- C:\Windows\system32\drivers\srv2.sys
2012-07-28 07:59:39 ----A---- C:\Windows\system32\drivers\srv.sys
2012-07-28 07:59:38 ----A---- C:\Windows\system32\drivers\srvnet.sys
2012-07-28 07:59:32 ----A---- C:\Windows\system32\drivers\afd.sys
2012-07-28 07:59:25 ----A---- C:\Windows\system32\ntdll.dll
2012-07-28 07:59:03 ----A---- C:\Windows\system32\xmllite.dll
2012-07-28 07:58:58 ----A---- C:\Windows\system32\prevhost.exe
2012-07-28 07:58:56 ----A---- C:\Windows\system32\dnsrslvr.dll
2012-07-28 07:58:56 ----A---- C:\Windows\system32\dnsapi.dll
2012-07-28 07:58:55 ----A---- C:\Windows\system32\dnscacheugc.exe
2012-07-28 07:58:52 ----A---- C:\Windows\system32\atmfd.dll
2012-07-28 07:58:51 ----A---- C:\Windows\system32\atmlib.dll
2012-07-28 07:58:38 ----A---- C:\Windows\system32\ir32_32.dll
2012-07-28 07:58:38 ----A---- C:\Windows\system32\iccvid.dll
2012-07-28 07:58:35 ----A---- C:\Windows\system32\winlogon.exe
2012-07-28 07:58:33 ----A---- C:\Windows\system32\t2embed.dll
2012-07-28 07:58:09 ----A---- C:\Windows\system32\msdri.dll
2012-07-28 07:58:00 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-07-28 07:57:51 ----A---- C:\Windows\system32\psisdecd.dll
2012-07-28 07:57:22 ----A---- C:\Windows\system32\umpnpmgr.dll
2012-07-28 07:57:19 ----A---- C:\Windows\system32\schedsvc.dll
2012-07-28 07:57:18 ----A---- C:\Windows\system32\wmicmiplugin.dll
2012-07-28 07:57:18 ----A---- C:\Windows\system32\taskschd.dll
2012-07-28 07:57:17 ----A---- C:\Windows\system32\taskeng.exe
2012-07-28 07:57:17 ----A---- C:\Windows\system32\taskcomp.dll
2012-07-28 07:57:17 ----A---- C:\Windows\system32\schtasks.exe
2012-07-28 07:57:14 ----A---- C:\Windows\system32\msasn1.dll
2012-07-28 07:57:05 ----A---- C:\Windows\system32\rtutils.dll
2012-07-28 07:56:59 ----A---- C:\Windows\system32\schannel.dll
2012-07-28 07:56:58 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-07-28 07:56:58 ----A---- C:\Windows\system32\drivers\cng.sys
2012-07-28 07:56:57 ----A---- C:\Windows\system32\ncrypt.dll
2012-07-28 07:56:57 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-07-28 07:56:53 ----A---- C:\Windows\system32\msxml6.dll
2012-07-28 07:56:51 ----A---- C:\Windows\system32\msxml3.dll
2012-07-28 07:56:41 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2012-07-28 07:56:40 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2012-07-28 07:56:40 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2012-07-28 07:56:36 ----A---- C:\Windows\system32\oleaut32.dll
2012-07-28 07:56:35 ----A---- C:\Windows\system32\oleacc.dll
2012-07-28 07:56:31 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-07-28 07:56:26 ----A---- C:\Windows\system32\odbc32.dll
2012-07-28 07:56:03 ----A---- C:\Windows\system32\drivers\dfsc.sys
2012-07-28 07:55:13 ----A---- C:\Windows\system32\inetcomm.dll
2012-07-28 07:55:04 ----A---- C:\Windows\system32\CertEnroll.dll
2012-07-28 07:55:02 ----A---- C:\Windows\system32\winresume.exe
2012-07-28 07:55:02 ----A---- C:\Windows\system32\winload.exe
2012-07-28 07:54:37 ----A---- C:\Windows\system32\asycfilt.dll
2012-07-28 07:54:35 ----A---- C:\Windows\system32\comctl32.dll
2012-07-28 07:54:30 ----A---- C:\Windows\system32\mfc40.dll
2012-07-28 07:54:29 ----A---- C:\Windows\system32\mfc40u.dll
2012-07-28 07:54:21 ----A---- C:\Windows\system32\wmp.dll
2012-07-28 07:54:18 ----A---- C:\Windows\system32\wmploc.DLL
2012-07-28 07:54:15 ----A---- C:\Windows\system32\packager.dll
2012-07-28 07:54:09 ----A---- C:\Windows\system32\tquery.dll
2012-07-28 07:54:09 ----A---- C:\Windows\system32\mssrch.dll
2012-07-28 07:54:07 ----A---- C:\Windows\system32\SearchIndexer.exe
2012-07-28 07:54:07 ----A---- C:\Windows\system32\mssvp.dll
2012-07-28 07:54:06 ----A---- C:\Windows\system32\mssph.dll
2012-07-28 07:54:05 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2012-07-28 07:54:05 ----A---- C:\Windows\system32\SearchFilterHost.exe
2012-07-28 07:54:05 ----A---- C:\Windows\system32\mssphtb.dll
2012-07-28 07:54:04 ----A---- C:\Windows\system32\msscntrs.dll
2012-07-28 07:53:24 ----A---- C:\Windows\system32\FXSCOVER.exe
2012-07-28 07:53:22 ----A---- C:\Windows\system32\fontsub.dll
2012-07-28 07:53:19 ----A---- C:\Windows\system32\EncDec.dll
2012-07-28 07:53:16 ----A---- C:\Windows\system32\XpsPrint.dll
2012-07-28 07:53:03 ----A---- C:\Windows\system32\apphelp.dll
2012-07-28 07:52:58 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2012-07-28 07:52:57 ----A---- C:\Windows\system32\csrsrv.dll
2012-07-28 07:52:54 ----A---- C:\Windows\system32\tsbyuv.dll
2012-07-28 07:52:54 ----A---- C:\Windows\system32\msyuv.dll
2012-07-28 07:52:54 ----A---- C:\Windows\system32\msvidc32.dll
2012-07-28 07:52:54 ----A---- C:\Windows\system32\msrle32.dll
2012-07-28 07:52:54 ----A---- C:\Windows\system32\mciavi32.dll
2012-07-28 07:52:54 ----A---- C:\Windows\system32\iyuv_32.dll
2012-07-28 07:52:54 ----A---- C:\Windows\system32\avifil32.dll
2012-07-28 07:52:50 ----A---- C:\Windows\system32\CPFilters.dll
2012-07-28 07:52:49 ----A---- C:\Windows\system32\sbe.dll
2012-07-28 07:52:43 ----A---- C:\Windows\system32\quartz.dll
2012-07-28 07:52:41 ----A---- C:\Windows\system32\qdvd.dll
2012-07-28 07:52:32 ----A---- C:\Windows\explorer.exe
2012-07-28 07:52:28 ----A---- C:\Windows\system32\msi.dll
2012-07-28 07:52:08 ----A---- C:\Windows\system32\mstscax.dll
2012-07-28 07:52:07 ----A---- C:\Windows\system32\mstsc.exe
2012-07-28 07:51:55 ----A---- C:\Windows\system32\webio.dll
2012-07-28 07:51:55 ----A---- C:\Windows\system32\lsasrv.dll
2012-07-28 07:51:52 ----A---- C:\Windows\system32\sspisrv.dll
2012-07-28 07:51:52 ----A---- C:\Windows\system32\sspicli.dll
2012-07-28 07:51:52 ----A---- C:\Windows\system32\secur32.dll
2012-07-28 07:51:52 ----A---- C:\Windows\system32\lsass.exe
2012-07-28 07:51:48 ----A---- C:\Windows\system32\odbcjt32.dll
2012-07-28 07:51:47 ----A---- C:\Windows\system32\odbccu32.dll
2012-07-28 07:51:47 ----A---- C:\Windows\system32\odbccr32.dll
2012-07-28 07:51:47 ----A---- C:\Windows\system32\odbccp32.dll
2012-07-28 07:51:46 ----A---- C:\Windows\system32\odbctrac.dll
2012-07-28 07:51:40 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-07-28 07:51:39 ----A---- C:\Windows\system32\rdpwsx.dll
2012-07-28 07:51:39 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-07-28 07:51:36 ----A---- C:\Windows\system32\msvcrt.dll
2012-07-28 07:51:34 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-07-28 07:51:32 ----A---- C:\Windows\system32\profsvc.dll
2012-07-28 07:51:16 ----A---- C:\Windows\system32\srvsvc.dll
2012-07-28 07:50:58 ----A---- C:\Windows\system32\mf.dll
2012-07-28 07:50:55 ----A---- C:\Windows\system32\WMVDECOD.DLL
2012-07-28 07:50:53 ----A---- C:\Windows\system32\mfreadwrite.dll
2012-07-28 07:50:53 ----A---- C:\Windows\system32\ExplorerFrame.dll
2012-07-28 07:50:51 ----A---- C:\Windows\system32\XpsRasterService.dll
2012-07-28 07:50:39 ----A---- C:\Windows\system32\upnp.dll
2012-07-28 07:50:36 ----A---- C:\Windows\system32\winhttp.dll
2012-07-28 07:50:36 ----A---- C:\Windows\system32\WebClnt.dll
2012-07-28 07:50:36 ----A---- C:\Windows\system32\davclnt.dll
2012-07-28 07:50:35 ----A---- C:\Windows\system32\wscsvc.dll
2012-07-28 07:50:35 ----A---- C:\Windows\system32\wscapi.dll
2012-07-28 07:50:35 ----A---- C:\Windows\system32\slwga.dll
2012-07-28 07:49:52 ----A---- C:\Windows\system32\wmpmde.dll
2012-07-28 07:49:50 ----A---- C:\Windows\system32\consent.exe
2012-07-28 07:49:37 ----A---- C:\Windows\system32\ntshrui.dll
2012-07-28 07:49:32 ----A---- C:\Windows\system32\secproc_isv.dll
2012-07-28 07:49:31 ----A---- C:\Windows\system32\secproc.dll
2012-07-28 07:49:31 ----A---- C:\Windows\system32\RMActivate_isv.exe
2012-07-28 07:49:31 ----A---- C:\Windows\system32\RMActivate.exe
2012-07-28 07:49:30 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2012-07-28 07:49:30 ----A---- C:\Windows\system32\secproc_ssp.dll
2012-07-28 07:49:30 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2012-07-28 07:49:30 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2012-07-28 07:49:27 ----A---- C:\Windows\system32\d3d10warp.dll
2012-07-28 07:49:26 ----A---- C:\Windows\system32\d2d1.dll
2012-07-28 07:49:24 ----A---- C:\Windows\system32\DWrite.dll
2012-07-28 07:49:23 ----A---- C:\Windows\system32\d3d10_1core.dll
2012-07-28 07:49:22 ----A---- C:\Windows\system32\d3d10_1.dll
2012-07-28 07:48:56 ----A---- C:\Windows\system32\mfc42.dll
2012-07-28 07:48:54 ----A---- C:\Windows\system32\mfc42u.dll
2012-07-28 07:48:47 ----A---- C:\Windows\system32\drivers\bowser.sys
2012-07-28 07:48:44 ----A---- C:\Windows\system32\StructuredQuery.dll
2012-07-28 07:48:36 ----A---- C:\Windows\system32\shell32.dll
2012-07-28 07:48:28 ----A---- C:\Windows\system32\poqexec.exe
2012-07-28 07:48:26 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2012-07-28 07:20:43 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2012-07-28 07:20:41 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2012-07-28 07:20:41 ----A---- C:\Windows\system32\cdd.dll
2012-07-27 21:51:53 ----D---- C:\Program Files\ABBYY FineReader 6.0 Sprint
2012-07-27 21:48:08 ----A---- C:\Windows\system32\E_DCINST.DLL
2012-07-27 21:48:03 ----A---- C:\Windows\system32\E_FLBEDE.DLL
2012-07-27 21:48:01 ----A---- C:\Windows\system32\E_FD4BEDE.DLL
2012-07-27 21:47:26 ----D---- C:\ProgramData\EPSON
2012-07-27 21:46:19 ----A---- C:\Windows\system32\escwiad.dll
2012-07-27 21:46:12 ----D---- C:\Program Files\epson
2012-07-27 21:16:32 ----D---- C:\Users\Dominik\AppData\Roaming\Ahead
2012-07-27 21:14:13 ----D---- C:\ProgramData\Nero
2012-07-27 21:14:13 ----D---- C:\Program Files\Nero
2012-07-27 21:14:13 ----D---- C:\Program Files\Common Files\Ahead
2012-07-27 21:08:19 ----A---- C:\Windows\system32\d3dx9_30.dll
2012-07-27 21:08:18 ----A---- C:\Windows\system32\d3dx9_28.dll
2012-07-27 18:08:26 ----D---- C:\Windows\system32\appmgmt
2012-07-27 17:29:40 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2012-07-27 17:29:39 ----A---- C:\Windows\system32\drivers\aswSP.sys
2012-07-27 17:29:35 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2012-07-27 17:29:34 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2012-07-27 17:29:32 ----D---- C:\Users\Dominik\AppData\Roaming\DAEMON Tools Lite
2012-07-27 17:29:32 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2012-07-27 17:29:30 ----D---- C:\ProgramData\DAEMON Tools Lite
2012-07-27 17:29:26 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2012-07-27 17:28:36 ----A---- C:\Windows\system32\aswBoot.exe
2012-07-27 17:28:36 ----A---- C:\Windows\avastSS.scr
2012-07-27 17:28:15 ----D---- C:\ProgramData\AVAST Software
2012-07-27 17:13:28 ----A---- C:\Windows\W2KSetup.exe
2012-07-27 17:13:28 ----A---- C:\Windows\Mixer.exe
2012-07-27 17:13:28 ----A---- C:\Windows\Mixer.dat
2012-07-27 17:13:27 ----D---- C:\Program Files\C-Media
2012-07-27 17:13:27 ----A---- C:\Windows\system32\drivers\cmaudio.sys
2012-07-27 17:13:27 ----A---- C:\Windows\system32\cmnprop.dll
2012-07-27 17:13:27 ----A---- C:\Windows\system32\Audio3D.dll
2012-07-27 17:13:27 ----A---- C:\Windows\system32\a3d.dll
2012-07-27 17:13:27 ----A---- C:\Windows\cmuninst.exe
2012-07-27 17:13:27 ----A---- C:\Windows\cmuninst.dat
2012-07-27 17:13:23 ----A---- C:\Windows\CMCDPLAY.INI
2012-07-27 17:00:54 ----D---- C:\Users\Dominik\AppData\Roaming\Mozilla
2012-07-27 17:00:45 ----D---- C:\ProgramData\Mozilla
2012-07-27 17:00:45 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-07-27 16:58:16 ----D---- C:\Users\Dominik\AppData\Roaming\Macromedia
2012-07-27 16:58:16 ----D---- C:\Users\Dominik\AppData\Roaming\Adobe
2012-07-27 16:54:54 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-07-27 16:54:53 ----D---- C:\Windows\system32\Macromed
2012-07-27 16:53:59 ----D---- C:\Program Files\Common Files\Adobe
2012-07-27 16:53:59 ----D---- C:\Program Files\Adobe
2012-07-27 16:53:44 ----D---- C:\Windows\Panther
2012-07-27 16:53:32 ----RASH---- C:\BOOTSECT.BAK
2012-07-27 16:53:29 ----SHD---- C:\Boot
2012-07-27 16:53:05 ----D---- C:\ProgramData\Adobe
2012-07-27 16:30:42 ----D---- C:\Users\Dominik\AppData\Roaming\Apple Computer
2012-07-27 16:29:53 ----N---- C:\Windows\system32\MpSigStub.exe
2012-07-27 16:27:35 ----D---- C:\ProgramData\Apple Computer
2012-07-27 16:26:30 ----D---- C:\ProgramData\Apple
2012-07-27 16:25:39 ----D---- C:\Users\Dominik\AppData\Roaming\WinRAR
2012-07-27 16:25:38 ----SHD---- C:\Windows\Installer
2012-07-27 16:23:34 ----D---- C:\Users\Dominik\AppData\Roaming\GHISLER
2012-07-27 16:19:57 ----A---- C:\Windows\system32\cabview.dll
2012-07-27 16:19:55 ----A---- C:\Windows\system32\rdpcore.dll
2012-07-27 16:19:55 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-07-27 16:17:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-07-27 16:16:09 ----A---- C:\Windows\system32\wups2.dll
2012-07-27 16:16:09 ----A---- C:\Windows\system32\wuauclt.exe
2012-07-27 16:16:07 ----A---- C:\Windows\system32\wucltux.dll
2012-07-27 16:16:07 ----A---- C:\Windows\system32\wuaueng.dll
2012-07-27 16:15:58 ----A---- C:\Windows\system32\wups.dll
2012-07-27 16:15:58 ----A---- C:\Windows\system32\wudriver.dll
2012-07-27 16:15:58 ----A---- C:\Windows\system32\wuapi.dll
2012-07-27 16:15:50 ----A---- C:\Windows\system32\wuwebv.dll
2012-07-27 16:15:50 ----A---- C:\Windows\system32\wuapp.exe
2012-07-27 16:12:06 ----D---- C:\Users\Dominik\AppData\Roaming\Identities
2012-07-27 16:11:35 ----SD---- C:\Users\Dominik\AppData\Roaming\Microsoft
2012-07-27 16:11:35 ----D---- C:\Users\Dominik\AppData\Roaming\Media Center Programs
2012-07-27 16:08:08 ----SHD---- C:\Recovery
2012-07-27 16:08:08 ----SHD---- C:\ProgramData\Šablony
2012-07-27 16:08:08 ----SHD---- C:\ProgramData\Plocha
2012-07-27 16:08:08 ----SHD---- C:\ProgramData\Oblíbené položky
2012-07-27 16:08:08 ----SHD---- C:\ProgramData\Nabídka Start
2012-07-27 16:08:08 ----SHD---- C:\ProgramData\Dokumenty
2012-07-27 16:08:08 ----SHD---- C:\ProgramData\Data aplikací
2012-07-27 15:59:07 ----D---- C:\Windows\SoftwareDistribution
2012-07-27 15:55:50 ----D---- C:\Windows\Prefetch
2012-07-27 15:55:38 ----ASH---- C:\hiberfil.sys
2012-07-27 15:55:35 ----SHD---- C:\System Volume Information

======List of files/folders modified in the last 3 months======

2012-10-20 15:52:14 ----D---- C:\Windows\Temp
2012-10-20 13:24:43 ----D---- C:\Windows\system32\config
2012-10-20 12:19:54 ----D---- C:\Windows
2012-10-20 11:21:16 ----D---- C:\Windows\System32
2012-10-20 11:21:13 ----D---- C:\Windows\system32\drivers
2012-10-20 11:21:01 ----D---- C:\Windows\inf
2012-10-20 11:20:58 ----D---- C:\Windows\system32\DriverStore
2012-10-19 13:50:35 ----RD---- C:\Program Files
2012-10-19 12:53:18 ----D---- C:\Windows\system32\catroot
2012-10-12 18:33:06 ----D---- C:\Windows\Logs
2012-10-12 18:33:06 ----D---- C:\Windows\debug
2012-10-12 16:54:51 ----D---- C:\Windows\Microsoft.NET
2012-10-12 16:45:44 ----HD---- C:\ProgramData
2012-10-12 16:44:03 ----D---- C:\Program Files\Common Files
2012-10-11 17:40:25 ----SHD---- C:\$Recycle.Bin
2012-10-11 17:09:40 ----D---- C:\Windows\winsxs
2012-10-11 17:06:32 ----D---- C:\Windows\system32\cs-CZ
2012-10-10 15:44:51 ----D---- C:\Windows\system32\catroot2
2012-09-22 17:04:58 ----D---- C:\Windows\system32\migration
2012-09-22 17:04:58 ----D---- C:\Program Files\Internet Explorer
2012-09-16 13:59:34 ----RSD---- C:\Windows\assembly
2012-09-13 20:28:38 ----RSD---- C:\Windows\Fonts
2012-09-13 20:22:01 ----SD---- C:\ProgramData\Microsoft
2012-09-13 20:21:16 ----D---- C:\Program Files\Common Files\microsoft shared
2012-09-02 20:02:51 ----D---- C:\Windows\system32\Tasks
2012-09-02 20:02:48 ----D---- C:\Windows\Tasks
2012-08-15 14:50:32 ----D---- C:\Windows\system32\LogFiles
2012-08-15 14:48:47 ----D---- C:\Windows\system32\drivers\UMDF
2012-08-14 11:08:40 ----D---- C:\Windows\system32\wdi
2012-07-30 12:42:10 ----A---- C:\Windows\win.ini
2012-07-30 12:42:05 ----D---- C:\Program Files\Common Files\System
2012-07-29 16:45:07 ----D---- C:\Windows\system32\wfp
2012-07-29 16:45:06 ----D---- C:\Windows\system32\CodeIntegrity
2012-07-29 16:45:05 ----D---- C:\Windows\system32\wbem
2012-07-29 16:45:04 ----D---- C:\Windows\registration
2012-07-29 10:20:44 ----D---- C:\Windows\system32\en-US
2012-07-29 09:59:51 ----D---- C:\Windows\AppPatch
2012-07-29 09:59:47 ----D---- C:\Program Files\Windows Mail
2012-07-29 09:59:46 ----D---- C:\Windows\ehome
2012-07-29 09:59:38 ----D---- C:\Program Files\Windows Journal
2012-07-29 09:59:35 ----D---- C:\Windows\system32\Boot
2012-07-29 09:59:28 ----D---- C:\Program Files\Windows Media Player
2012-07-29 09:59:09 ----D---- C:\Windows\PolicyDefinitions
2012-07-28 12:23:05 ----D---- C:\Program Files\MSBuild
2012-07-28 12:16:00 ----D---- C:\Windows\ShellNew
2012-07-27 21:46:12 ----D---- C:\Windows\twain_32
2012-07-27 17:14:11 ----D---- C:\Windows\system
2012-07-27 16:53:13 ----D---- C:\Windows\Setup
2012-07-27 16:11:35 ----RD---- C:\Users
2012-07-27 16:08:26 ----D---- C:\Windows\system32\restore
2012-07-27 16:08:08 ----D---- C:\Program Files\Windows NT
2012-07-27 16:00:12 ----D---- C:\Windows\system32\sysprep
2012-07-27 15:56:54 ----D---- C:\Windows\CSC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-08-21 44784]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-08-21 729752]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-08-21 355632]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-08-21 54232]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-27 242240]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-08-21 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-08-21 58680]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 cmpci;C-Media PCI Audio Driver (WDM); C:\Windows\system32\drivers\cmaudio.sys [2009-08-21 280782]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 avast! Antivirus;avast! Antivirus; D:\Avast\AvastSvc.exe [2012-08-21 44808]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DraftSight API Service;DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2012-07-07 78336]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [2007-12-17 143872]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [2007-01-11 113664]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-08-13 3064000]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service; D:\SolidWorks 2012 SP02\SolidWorks\swScheduler\DTSCoordinatorService.exe [2012-01-20 89160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-10-12 1044816]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-16 115168]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2012-10-12 79360]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-07-28 1343400]
S4 msvsmon80;Visual Studio 2005 Remote Debugger; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808]

-----------------EOF------------------

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Log Check

#2 Post by vyosek »

Hello :)

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Search
  • A scan will run and then a log will appear, or it will be saved on the system drive as AdwCleaner[R?].txt; paste it here
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever avoids fun, take a whip and a stick to him: that is no man, that is an ox."
Member [image] since 1 February 2011.

Dominator95
2nd Warning Level
Posts: 30
Joined: 27 Jul 2012 16:07

Re: Log Check

#3 Post by Dominator95 »

# AdwCleaner v2.005 - Logfile created 10/20/2012 at 16:09:13
# Updated 14/10/2012 by Xplode
# Operating system : Windows 7 Professional (32 bits)
# User : Dominik - DOMINIK-PC
# Boot Mode : Normal
# Running from : C:\Users\Dominik\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\user.js
Folder Found : C:\Program Files\incredibar.com
Folder Found : C:\Program Files\Smartdl
Folder Found : C:\Program Files\TSearch
Folder Found : C:\ProgramData\Trymedia

***** [Registry] *****

Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Key Found : HKLM\SOFTWARE\Classes\I
Key Found : HKLM\SOFTWARE\Classes\Incredibar.dskBnd
Key Found : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Key Found : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Key Found : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Key Found : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Found : HKLM\Software\incredibar.com
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Key Found : HKLM\Software\Web Assistant
Key Found : HKU\S-1-5-21-225031741-2692859406-3082480967-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://mystart.incredibar.com/mb174?a=6R8BmSYpQN&i=26

-\\ Mozilla Firefox v16.0.1 (cs)

Profile name : default
File : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\clato6kz.default\prefs.js

Found : user_pref("browser.newtab.url", "hxxp://mystart.incredibar.com/mb174?a=6R8BmSYpQN&loc=FF_NT");
Found : user_pref("browser.search.defaultenginename", "MyStart Search");
Found : user_pref("browser.search.selectedEngine", "MyStart Search");
Found : user_pref("extensions.incredibar.admin", false);
Found : user_pref("extensions.incredibar.aflt", "orgnl");
Found : user_pref("extensions.incredibar.cntry", "CZ");
Found : user_pref("extensions.incredibar.dfltLng", "");
Found : user_pref("extensions.incredibar.dfltSrch", false);
Found : user_pref("extensions.incredibar.did", "10671");
Found : user_pref("extensions.incredibar.envrmnt", "production");
Found : user_pref("extensions.incredibar.excTlbr", false);
Found : user_pref("extensions.incredibar.hdrMd5", "56B95DE1EDE995C4384A7AF67E0AF2A8");
Found : user_pref("extensions.incredibar.hmpg", false);
Found : user_pref("extensions.incredibar.id", "60e01cb90000000000000015f276e129");
Found : user_pref("extensions.incredibar.installerproductid", "26");
Found : user_pref("extensions.incredibar.instlDay", "15559");
Found : user_pref("extensions.incredibar.instlRef", "");
Found : user_pref("extensions.incredibar.isDcmntCmplt", true);
Found : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1417:26:22");
Found : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
Found : user_pref("extensions.incredibar.newTab", false);
Found : user_pref("extensions.incredibar.noFFXTlbr", false);
Found : user_pref("extensions.incredibar.ppd", "77777106");
Found : user_pref("extensions.incredibar.prdct", "incredibar");
Found : user_pref("extensions.incredibar.productid", "26");
Found : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Found : user_pref("extensions.incredibar.sg", "none");
Found : user_pref("extensions.incredibar.smplGrp", "none");
Found : user_pref("extensions.incredibar.tlbrId", "base");
Found : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8BmSYpQN&loc=IB_T[...]
Found : user_pref("extensions.incredibar.upn2", "6R8BmSYpQN");
Found : user_pref("extensions.incredibar.upn2n", "92824840366390573");
Found : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
Found : user_pref("extensions.incredibar.vrsnTs", "1.5.11.1417:26:22");
Found : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Found : user_pref("extensions.incredibar_i.aflt", "orgnl");
Found : user_pref("extensions.incredibar_i.dfltLng", "");
Found : user_pref("extensions.incredibar_i.did", "10671");
Found : user_pref("extensions.incredibar_i.excTlbr", false);
Found : user_pref("extensions.incredibar_i.id", "60e01cb90000000000000015f276e129");
Found : user_pref("extensions.incredibar_i.installerproductid", "26");
Found : user_pref("extensions.incredibar_i.instlDay", "15559");
Found : user_pref("extensions.incredibar_i.instlRef", "");
Found : user_pref("extensions.incredibar_i.ms_url_id", "");
Found : user_pref("extensions.incredibar_i.newTab", false);
Found : user_pref("extensions.incredibar_i.ppd", "77777106");
Found : user_pref("extensions.incredibar_i.prdct", "incredibar");
Found : user_pref("extensions.incredibar_i.productid", "26");
Found : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Found : user_pref("extensions.incredibar_i.smplGrp", "none");
Found : user_pref("extensions.incredibar_i.tlbrId", "base");
Found : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8BmSYpQN&loc=IB[...]
Found : user_pref("extensions.incredibar_i.upn2", "6R8BmSYpQN");
Found : user_pref("extensions.incredibar_i.upn2n", "92824840366390573");
Found : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Found : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1417:26:22");
Found : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Found : user_pref("keyword.URL", "hxxp://mystart.incredibar.com/mb174/?loc=IB_DS&a=6R8BmSYpQN&&i=26&search="[...]
Found : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

-\\ Google Chrome v22.0.1229.94

File : C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.62] : icon_url = "hxxp://mystart.incredibar.com/mb174/favicon.ico",
Found [l.65] : keyword = "mystart.incredibar.com/mb174",
Found [l.68] : search_url = "hxxp://mystart.incredibar.com/mb174/?loc=IB_DS&search={searchTerms}&a=6R8BmSYpQN&i=26",

*************************

AdwCleaner[R1].txt - [10180 octets] - [20/10/2012 16:09:13]

########## EOF - C:\AdwCleaner[R1].txt - [10241 octets] ##########

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Log Check

#4 Post by vyosek »

:arrow: Run AdwCleaner again
  • If you are using Windows Vista or Windows 7, right-click AdwCleaner and choose Run As Administrator or Spustit jako spravce
  • Click Delete
  • The PC will carry out the repair, restart, and give you a log (C:\AdwCleaner [S1].txt); paste its contents here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment: take a whip and a stick to him, for he is no man, he is an ox."
Member of [image] since 1 February 2011.

Dominator95
Warning Level 2
Posts: 30
Registered: 27 Jul 2012 16:07

Re: Log Check

#5 Post by Dominator95 »

# AdwCleaner v2.005 - Logfile created 10/20/2012 at 16:56:29
# Updated 14/10/2012 by Xplode
# Operating system : Windows 7 Professional (32 bits)
# User : Dominik - DOMINIK-PC
# Boot Mode : Normal
# Running from : C:\Users\Dominik\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.1 (cs)

Profile name : default
File : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\clato6kz.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v22.0.1229.94

File : C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.61] : icon_url = "hxxp://mystart.incredibar.com/mb174/favicon.ico",
Deleted [l.64] : keyword = "mystart.incredibar.com/mb174",
Deleted [l.67] : search_url = "hxxp://mystart.incredibar.com/mb174/?loc=IB_DS&search={searchTerms}&a=6R8BmSYpQN&i=26",

*************************

AdwCleaner[R1].txt - [10311 octets] - [20/10/2012 16:09:13]
AdwCleaner[S1].txt - [10615 octets] - [20/10/2012 16:48:48]
AdwCleaner[S2].txt - [1191 octets] - [20/10/2012 16:56:29]

########## EOF - C:\AdwCleaner[S2].txt - [1251 octets] ##########

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Log Check

#6 Post by vyosek »

:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop
  • If you are using Windows Vista or Windows 7, right-click OTL and choose Run As Administrator or Spustit jako spravce
  • If you are using a 64-bit OS, check whether the box next to Pro 64 bitové OS (For 64-bit OS) is ticked; if not, tick it
  • Tick the Pro vsechny uzivatele (For all users) box
  • Tick the Kontrola na havet "LOP" (Check for "LOP" pests) box
  • Tick the Kontrola na havet "Purity" (Check for "Purity" pests) box
  • Change the file age from 30 days to 7 days
  • Paste the script below into the bottom box, Vlastni skenovani/opravy (Custom scans/fixes)

    CREATERESTOREPOINT
    
    netsvcs
    drivers32
    savembr:0
    
    /md5start
    atapi.sys
    autochk.exe
    cdrom.sys
    explorer.exe
    hal.dll
    scecli.dll
    services.exe
    svchost.exe
    tcpip.sys
    userinit.exe
    winlogon.exe
    /md5stop
    
    %systemroot%*.* /U /s
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    %SYSTEMDRIVE%\*.exe
    
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    
    %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
    %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
    %PROGRAMFILES%\Opera\opera.exe /md5
    %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
    
    %SystemDrive%\PhysicalMBR.bin /md5 
    
    *crack* /s
    *keygen* /s
    *loader* /s
  • Click the Prohledat (Scan) button
  • When the scan finishes (about 10 to 15 minutes), the logs OTL.txt and Extras.txt will appear; paste both here
  • If the logs are long (the forum will complain that the maximum number of characters has been exceeded), split them across several posts

Dominator95
Warning Level 2
Posts: 30
Registered: 27 Jul 2012 16:07

Re: Log Check

#7 Post by Dominator95 »

OTL logfile created on: 20.10.2012 17:44:51 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dominik\Downloads
Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,30 Mb Total Physical Memory | 501,53 Mb Available Physical Memory | 49,01% Memory free
2,00 Gb Paging File | 1,19 Gb Available in Paging File | 59,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 18,63 Gb Total Space | 2,23 Gb Free Space | 11,95% Space Free | Partition Type: NTFS
Drive D: | 18,63 Gb Total Space | 10,32 Gb Free Space | 55,38% Space Free | Partition Type: NTFS

Computer Name: DOMINIK-PC | User Name: Dominik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.10.20 17:41:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dominik\Downloads\OTL.exe
PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- D:\Avast\AvastUI.exe
PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- D:\Avast\AvastSvc.exe
PRC - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.07 07:00:56 | 000,078,336 | ---- | M] (Dassault Systèmes) -- C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
PRC - [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.08.21 20:31:56 | 001,216,512 | ---- | M] (C-Media Electronic Inc. (http://www.cmedia.com.tw)) -- C:\Windows\Mixer.exe
PRC - [2009.08.18 02:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.08.18 02:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2007.12.17 15:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
PRC - [2007.05.31 16:21:28 | 000,648,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdcBase.exe
PRC - [2007.03.12 13:49:46 | 001,209,904 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007.03.12 13:49:26 | 000,153,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2007.01.11 15:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE


========== Modules (No Company Name) ==========

MOD - [2012.10.10 12:06:15 | 000,460,312 | ---- | M] () -- C:\Users\Dominik\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppgooglenaclpluginchrome.dll
MOD - [2012.10.10 12:06:13 | 012,435,992 | ---- | M] () -- C:\Users\Dominik\AppData\Local\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
MOD - [2012.10.10 12:06:12 | 004,005,912 | ---- | M] () -- C:\Users\Dominik\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
MOD - [2012.10.10 12:04:57 | 000,578,072 | ---- | M] () -- C:\Users\Dominik\AppData\Local\Google\Chrome\Application\22.0.1229.94\libglesv2.dll
MOD - [2012.10.10 12:04:55 | 000,123,928 | ---- | M] () -- C:\Users\Dominik\AppData\Local\Google\Chrome\Application\22.0.1229.94\libegl.dll
MOD - [2012.10.10 12:04:44 | 000,156,712 | ---- | M] () -- C:\Users\Dominik\AppData\Local\Google\Chrome\Application\22.0.1229.94\avutil-51.dll
MOD - [2012.10.10 12:04:43 | 000,275,496 | ---- | M] () -- C:\Users\Dominik\AppData\Local\Google\Chrome\Application\22.0.1229.94\avformat-54.dll
MOD - [2012.10.10 12:04:42 | 002,168,360 | ---- | M] () -- C:\Users\Dominik\AppData\Local\Google\Chrome\Application\22.0.1229.94\avcodec-54.dll
MOD - [2007.09.20 18:34:58 | 000,129,024 | ---- | M] () -- D:\WinRAR\RarExt.dll
MOD - [2007.06.02 01:14:02 | 000,314,368 | ---- | M] () -- D:\WinRAR\rarlng.dll


========== Services (SafeList) ==========

SRV - [2012.10.16 14:07:26 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.12 16:44:04 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2012.10.12 16:44:03 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.10.09 20:23:26 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- D:\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.28 20:08:03 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.07 07:00:56 | 000,078,336 | ---- | M] (Dassault Systèmes) [Auto | Running] -- C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe -- (DraftSight API Service)
SRV - [2012.01.20 04:00:10 | 000,089,160 | ---- | M] (Dassault Systèmes SolidWorks Corp.) [On_Demand | Stopped] -- D:\SolidWorks 2012 SP02\SolidWorks\swScheduler\DTSCoordinatorService.exe -- (CoordinatorServiceHost)
SRV - [2009.08.18 02:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.12.17 15:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE -- (EPSON_EB_RPCV4_01)
SRV - [2007.05.31 16:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 16:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007.01.11 15:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01)
SRV - [2005.09.23 07:01:16 | 002,799,808 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon80)


========== Driver Services (SafeList) ==========

DRV - [2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.08.21 11:13:14 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.08.21 11:13:14 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012.08.21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.27 17:29:38 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.08.17 09:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.09.28 09:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009.08.21 20:35:14 | 000,280,782 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cmaudio.sys -- (cmpci)
DRV - [2009.08.18 03:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009.03.18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2004.08.13 09:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-225031741-2692859406-3082480967-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-225031741-2692859406-3082480967-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-225031741-2692859406-3082480967-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dominik\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dominik\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: D:\Avast\WebRep\FF [2012.08.31 14:50:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.16 14:07:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.16 14:06:57 | 000,000,000 | ---D | M]

[2012.07.27 17:01:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\Mozilla\Extensions
[2012.08.26 10:43:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\clato6kz.default\extensions
[2012.10.16 14:06:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.10.16 14:06:44 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.10.16 14:07:29 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.01.11 04:55:48 | 000,258,560 | ---- | M] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\mozilla firefox\plugins\npEModelPlugin.dll
[2012.09.06 06:25:45 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.09.06 06:25:45 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.09.06 06:25:45 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.09.06 06:25:45 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.09.06 06:25:45 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - homepage: http://www.seznam.cz/
CHR - default_search_provider: MyStart Search (Enabled)
CHR - default_search_provider: search_url = http://mystart.incredibar.com/mb174/?lo ... SYpQN&i=26
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Dominik\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Dominik\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Dominik\AppData\Local\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Dominik\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: YouTube = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: YouTube = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] D:\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [C-Media Mixer] C:\Windows\Mixer.exe (C-Media Electronic Inc. (http://www.cmedia.com.tw))
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-225031741-2692859406-3082480967-1001..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-225031741-2692859406-3082480967-1001..\Run: [DAEMON Tools Lite] D:\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-225031741-2692859406-3082480967-1001..\Run: [EPSON SX100 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.3 217.197.152.132 217.197.144.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2452409F-5A8C-4B29-A561-7F539F21A1E3}: DhcpNameServer = 192.168.1.3 217.197.152.132 217.197.144.22
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.10.19 13:50:35 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.10.19 13:50:33 | 000,000,000 | ---D | C] -- C:\rsit
[2012.10.16 14:06:37 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.10.15 15:09:26 | 000,000,000 | ---D | C] -- C:\Windows\rescache

========== Files - Modified Within 7 Days ==========

[2012.10.20 17:48:44 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.10.20 17:20:02 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.20 17:10:01 | 000,000,970 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-225031741-2692859406-3082480967-1001UA.job
[2012.10.20 17:07:14 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.20 17:07:14 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.20 16:58:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.20 16:58:46 | 804,757,504 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.19 20:10:00 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-225031741-2692859406-3082480967-1001Core.job
[2012.10.19 12:57:05 | 000,631,054 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.10.19 12:57:05 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.19 12:57:05 | 000,121,708 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.10.19 12:57:05 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat

========== Files Created - No Company Name ==========

[2012.10.20 17:48:44 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.10.13 09:02:11 | 000,000,025 | ---- | C] () -- C:\Windows\mixerdef.ini
[2012.09.14 16:04:08 | 000,000,000 | ---- | C] () -- C:\Users\Dominik\AppData\Local\Temptable.xml
[2012.09.13 20:41:33 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2012.09.01 11:49:35 | 000,010,313 | ---- | C] () -- C:\Users\Dominik\AppData\Roaming\uTorrent.torrent
[2012.07.30 20:35:01 | 000,007,605 | ---- | C] () -- C:\Users\Dominik\AppData\Local\Resmon.ResmonCfg
[2012.07.27 17:13:28 | 000,184,320 | ---- | C] () -- C:\Windows\W2KSetup.exe
[2012.07.27 17:13:27 | 000,122,880 | ---- | C] () -- C:\Windows\cmuninst.exe
[2012.07.27 17:13:27 | 000,122,880 | ---- | C] () -- C:\Windows\cmuninst.dat
[2012.07.27 17:13:23 | 000,000,026 | ---- | C] () -- C:\Windows\CMCDPLAY.INI
[2012.07.27 15:59:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.10.07 10:53:21 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\BlackBean
[2012.10.18 16:17:53 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\DAEMON Tools Lite
[2012.09.13 20:36:48 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\DassaultSystemes
[2012.09.13 20:55:52 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\DraftSight
[2012.09.14 16:08:40 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\EDrawings
[2012.07.29 16:45:06 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\GHISLER
[2012.07.28 10:42:48 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\TreeCardGames
[2012.10.12 18:34:42 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:53:46 | 000,032,538 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2012.07.27 16:54:56 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.07.27 16:55:23 | 000,000,918 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-225031741-2692859406-3082480967-1001Core.job
[2012.07.27 16:55:24 | 000,000,970 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-225031741-2692859406-3082480967-1001UA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\System32\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SoftwareDistribution\Download\4a7f49b3f65af6828820068e5dd598c8\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\SoftwareDistribution\Download\4a7f49b3f65af6828820068e5dd598c8\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\4a7f49b3f65af6828820068e5dd598c8\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\SoftwareDistribution\Download\4a7f49b3f65af6828820068e5dd598c8\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\System32\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SoftwareDistribution\Download\4a7f49b3f65af6828820068e5dd598c8\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.11.20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\SoftwareDistribution\Download\4a7f49b3f65af6828820068e5dd598c8\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2012.03.30 12:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\System32\drivers\tcpip.sys
[2012.03.30 12:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2012.03.30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2012.03.30 12:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\4a7f49b3f65af6828820068e5dd598c8\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\SoftwareDistribution\Download\4a7f49b3f65af6828820068e5dd598c8\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

< %systemroot%*.* /U /s >
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\System32\spool\drivers\w32x86\{12AFD9D9-3AD9-47D2-B114-1A84DD1CD535}\*.tmp files -> C:\Windows\System32\spool\drivers\w32x86\{12AFD9D9-3AD9-47D2-B114-1A84DD1CD535}\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2012.08.22 22:22:00 | 000,209,269 | ---- | M] () -- C:\torrent.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.09.11 20:54:19 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Adobe
[2012.08.02 21:39:24 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Ahead
[2012.07.27 16:30:54 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Apple Computer
[2012.10.07 10:53:21 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\BlackBean
[2012.10.18 16:17:53 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\DAEMON Tools Lite
[2012.09.13 20:36:48 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\DassaultSystemes
[2012.09.13 20:55:52 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\DraftSight
[2012.09.14 16:08:40 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\EDrawings
[2012.07.29 16:45:06 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\GHISLER
[2012.07.27 16:12:06 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Identities
[2012.07.27 16:58:16 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Macromedia
[2009.07.14 11:20:15 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Media Center Programs
[2012.10.14 20:18:54 | 000,000,000 | --SD | M] -- C:\Users\Dominik\AppData\Roaming\Microsoft
[2012.07.27 17:01:04 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Mozilla
[2012.10.20 15:59:06 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Skype
[2012.10.19 15:12:33 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\SolidWorks
[2012.09.15 12:56:58 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\SolidWorks 2012
[2012.07.28 10:42:48 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\TreeCardGames
[2012.10.12 18:34:42 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\uTorrent
[2012.07.27 16:25:39 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2012.10.20 18:20:31 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.10.19 20:10:00 | 000,000,918 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-225031741-2692859406-3082480967-1001Core.job
[2012.10.20 18:10:09 | 000,000,970 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-225031741-2692859406-3082480967-1001UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.10.20 17:07:14 | 000,014,256 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.20 17:07:14 | 000,014,256 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.19 12:57:05 | 000,121,708 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2012.10.19 12:57:05 | 000,106,190 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2012.10.19 12:57:05 | 000,631,054 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2012.10.19 12:57:05 | 000,615,810 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2012.10.19 12:57:05 | 001,470,062 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >
[2012.08.22 22:22:00 | 000,209,269 | ---- | M] () -- C:\torrent.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Google Update" = "C:\Users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2012.07.27 16:55:22 | 000,116,648 | ---- | M] (Google Inc.)
"DAEMON Tools Lite" = "D:\DAEMON Tools Lite\DTLite.exe" -autorun -- [2012.02.13 10:06:56 | 003,481,408 | ---- | M] (DT Soft Ltd)
"EPSON SX100 Series" = C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE /FU "C:\Windows\TEMP\E_SA1FC.tmp" /EF "HKCU" -- [2008.02.05 17:00:00 | 000,188,928 | ---- | M] (SEIKO EPSON CORPORATION)
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" -- [2007.03.12 13:49:26 | 000,153,136 | ---- | M] (Nero AG)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.10.16 14:07:28 | 000,917,984 | ---- | M] (Mozilla Corporation) MD5=BC03475EC281AA1E685388896ACADE8D -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012.08.24 09:34:41 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=22CC6CDBA678790046693654C3B212E4 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.10.20 17:48:44 | 000,000,512 | ---- | M] () MD5=38B381E126BDF7137CE9AC5E644B77CA -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012.09.16 16:01:04 | 000,022,556 | ---- | M] () -- \Users\Dominik\AppData\Roaming\uTorrent\Crashday pc and crack works 100% perfect.torrent

< *keygen* /s >

< *loader* /s >
[2007.03.12 13:48:46 | 000,177,712 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2012.01.20 07:42:20 | 001,723,976 | ---- | M] () -- \Program Files\Common Files\Manažer instalací SolidWorks\20.0\sldimdownloader.exe
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2005.09.23 04:24:22 | 000,061,440 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader80.dll
[2005.09.22 23:23:44 | 000,004,608 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader80.tlb
[2009.05.31 03:21:00 | 000,071,008 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.09.13 20:14:38 | 000,001,100 | ---- | M] () -- \Users\Dominik\AppData\Roaming\SolidWorks\Installation Logs\2012 SP2.0\Other Logs\IMDownloaderVersion.xml
[2012.09.13 20:14:43 | 000,001,614 | ---- | M] () -- \Users\Dominik\AppData\Roaming\SolidWorks\Installation Logs\Misc Logs\sldIMDownloaderLog_00001.txt
[2009.04.03 12:39:20 | 000,070,936 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\6A1554C134743904194E4177DC560534\9.9.203\PhysXLoader.dll.EFBABE66_E43C_474F_A6F1_F0312317E9E1
[2010.07.01 20:09:54 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2010.11.20 07:28:20 | 000,002,838 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a7f49b3f65af6828820068e5dd598c8\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_fi-fi_178685823786d34d.manifest
[2010.11.20 07:38:52 | 000,002,838 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a7f49b3f65af6828820068e5dd598c8\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_d8268e5f2967c990.manifest
[2012.08.18 13:09:17 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.09.02 19:58:05 | 000,071,008 | ---- | M] () -- \Windows\System32\physxloader.dll
[2009.07.14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.14 10:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 10:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.14 10:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2012.07.28 20:34:26 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2012.07.28 20:34:26 | 000,507,568 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed_winload.exe_75835076
[2012.07.28 20:34:26 | 000,442,920 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.14 10:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 05:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 13:09:17 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

Dominator95
Warning Level 2
Posts: 30
Registered: 27 Jul 2012 16:07

Re: Log Check

#8 Post by Dominator95 »

OTL Extras logfile created on: 20.10.2012 17:44:51 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dominik\Downloads
Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,30 Mb Total Physical Memory | 501,53 Mb Available Physical Memory | 49,01% Memory free
2,00 Gb Paging File | 1,19 Gb Available in Paging File | 59,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 18,63 Gb Total Space | 2,23 Gb Free Space | 11,95% Space Free | Partition Type: NTFS
Drive D: | 18,63 Gb Total Space | 10,32 Gb Free Space | 55,38% Space Free | Partition Type: NTFS

Computer Name: DOMINIK-PC | User Name: Dominik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10D7EA00-BEFB-4ADF-B809-CA249E4EF3C6}" = rport=445 | protocol=6 | dir=out | app=system |
"{16712576-9883-4F2B-B916-5E3766182A32}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{35290C79-FDF0-4909-B383-6F8FBD4E3DE5}" = lport=445 | protocol=6 | dir=in | app=system |
"{381A26CC-68EE-415E-9635-C017E9491325}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{3D7C4CD9-6B2C-4028-A8C7-9585AD0FBEFC}" = lport=138 | protocol=17 | dir=in | app=system |
"{44388424-206A-4DF4-B658-D3E00A3D8625}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{48D3EC83-2BAD-4DCD-A5F7-A037A3CEA7A3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4E4AE861-60DA-490A-9AD7-4F05F549FE37}" = lport=2869 | protocol=6 | dir=in | app=system |
"{617238A3-BD6A-4CF6-98D9-3F9F5FA517F4}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6D2820AE-856E-4CC4-B6F8-E0D1BB0BE10B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{73084443-7735-4A26-8870-3392677BA449}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7E5C234A-4476-4899-A0AA-5DF778FD98CE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{864B57A4-92AA-422B-A37F-7010242364A5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8A80117E-DCC6-4CA5-892B-173DD3E0CD2D}" = rport=138 | protocol=17 | dir=out | app=system |
"{B04385BC-55E0-4270-9884-4B6D1DF0316B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B0FDB70C-7253-4334-BFF5-22F0D12D6E3F}" = rport=139 | protocol=6 | dir=out | app=system |
"{BB0040F0-F61F-47C0-805B-8D89F7592F6E}" = lport=137 | protocol=17 | dir=in | app=system |
"{E2BA5F2F-3E48-4D50-800B-177976326431}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E3F182B1-799B-4C39-B69F-5534CE35F942}" = rport=137 | protocol=17 | dir=out | app=system |
"{E902BED2-7CC5-4851-A774-6CE35EBE32C0}" = lport=139 | protocol=6 | dir=in | app=system |
"{F324FB48-19E9-412F-AE65-99745261DCB1}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F5B3F644-DBFB-4AA2-B23A-1DB4801857A4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FE571E8B-AA75-487A-A9D0-76523A7E98D3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FFC0C40C-EFB9-4FC4-9253-03BF26BFCC2A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0790FD2B-375D-485B-9CA8-EEB15EB6C027}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0BB6B52A-5CE8-4B9E-BE8D-E9E30AF1F856}" = protocol=17 | dir=in | app=d:\μtorrent\utorrent.exe |
"{11A3F6B8-0B58-4153-B32A-5957C810EB2E}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{2D9214F0-A351-4A74-A713-3C09B5957230}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3D7AF6E0-68D3-474D-A927-E8D5522DD9D0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4598F243-778A-4E0F-96A3-B54635D3F663}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4A619F04-904F-41A6-A9DF-F6D9170EFBEE}" = protocol=6 | dir=out | app=system |
"{4DDD371E-CD1B-4FDA-ADC0-6A99C5A68E39}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{4F0473F4-DCC1-4D7D-A42C-95E09AD3828B}" = protocol=6 | dir=in | app=d:\hry\landwirtschafts simulator 2011\game.exe |
"{5109B9B7-584C-4B7B-B449-8ED51C2AE98D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5F9BED37-C37B-453E-8FBD-35E700F80793}" = protocol=17 | dir=in | app=d:\hry\landwirtschafts simulator 2011\game.exe |
"{69B0FA55-E431-499D-9D8B-38B378925E72}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{6A00F57A-559F-404B-83CA-923754BD7445}" = protocol=17 | dir=in | app=d:\solidworks 2012 sp02\solidworks\swscheduler\dtscoordinatorservice.exe |
"{78AC4D76-FB6A-43C4-9FE4-31A25C764CB8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{920223B6-AE5F-4F0F-A17C-E5F0E7DE9FCC}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{93C1C552-3185-4DE8-88FC-D24ECC0FD4C4}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{94970BC7-A02A-4D3A-8EA7-65B97B002345}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{985FF435-138B-485E-AFE3-3A545E9F1015}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9FB0B40D-E4B4-4CB8-ACA9-57F18A44C052}" = protocol=6 | dir=in | app=d:\μtorrent\utorrent.exe |
"{ABBFC605-E977-4E9F-AE50-5E1FF3E1AB8B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{ADEC46FC-328B-44B6-932D-5FBF37E84EB1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B120631A-353F-4B98-AC10-6CB5503D2B10}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B85ABCAD-4C06-4953-9D2C-B685D849D7BA}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{C34E1E63-8892-4E95-B76B-5BAC396DBD0B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C6B946D0-A285-4AFF-8E4E-B4B545852348}" = protocol=6 | dir=in | app=d:\hry\landwirtschafts simulator 2011\farmingsimulator2011.exe |
"{CFA4E595-CE27-4476-83F4-B71E6018AFA7}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{D8CF155A-6157-41BA-B19F-83A2463ED856}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DB667FC8-8FA4-47FC-8966-CACE45464FE4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E2E0F0E6-ED83-4F6B-9344-CE6BA41EA755}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E369010E-4B56-4A30-886B-F7AECBF8F535}" = protocol=6 | dir=in | app=d:\solidworks 2012 sp02\solidworks\swscheduler\dtscoordinatorservice.exe |
"{F7F1B07C-E353-404D-9995-763FBB1491A7}" = protocol=17 | dir=in | app=d:\hry\landwirtschafts simulator 2011\farmingsimulator2011.exe |
"{F85C68C8-966B-4E7F-96AD-8165042A9A04}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{FBAF513E-AD83-4AF3-86DF-15333EE475EC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{FBDBF78B-BDF6-4BC1-8B64-AE1307AB3E8F}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{FEBFA7F1-B997-4927-B14B-35DE0CE73B4D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{17736E30-BBE1-4B8E-9DD5-DE60A3E9336C}D:\total commander\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=d:\total commander\totalcmd\totalcmd.exe |
"TCP Query User{36AD7B79-8BD9-4D33-B111-464168CDB288}D:\hry\traktor 2\game.exe" = protocol=6 | dir=in | app=d:\hry\traktor 2\game.exe |
"TCP Query User{3C9939F6-B93F-4704-B73F-3527A9380A58}D:\hry\valve\hltv.exe" = protocol=6 | dir=in | app=d:\hry\valve\hltv.exe |
"TCP Query User{3CAFEDAF-8FA7-4598-92BD-B501E4888279}D:\µtorrent\utorrent.exe" = protocol=6 | dir=in | app=d:\μtorrent\utorrent.exe |
"TCP Query User{41B32A8C-B16F-4E80-BCE1-4E5BF4F03B09}D:\hry\valve\hlds.exe" = protocol=6 | dir=in | app=d:\hry\valve\hlds.exe |
"TCP Query User{4B03FDDB-B9D7-40BF-BD1B-BD37E37A7E03}D:\total commander\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=d:\total commander\totalcmd\totalcmd.exe |
"TCP Query User{5B93A931-532F-4BE5-B068-E6A1BC2CEE08}D:\µtorrent\µtorrent.exe" = protocol=6 | dir=in | app=d:\μtorrent\μtorrent.exe |
"TCP Query User{6A6A5D45-306D-44E1-808D-9C70CAA2FB5D}D:\hry\valve\hltv.exe" = protocol=6 | dir=in | app=d:\hry\valve\hltv.exe |
"TCP Query User{6EC7CFB6-B714-441C-8EE5-6D68D392854C}D:\hry\valve\hlds.exe" = protocol=6 | dir=in | app=d:\hry\valve\hlds.exe |
"TCP Query User{71C69A03-83BE-4908-9ED3-EEE579C46694}D:\hry\valve\hl.exe" = protocol=6 | dir=in | app=d:\hry\valve\hl.exe |
"TCP Query User{774A01D0-A567-4A32-8CA2-BF45C2E0A395}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{8F98FE7A-92E5-4096-82CD-216DFB5888A4}D:\skype\phone\skype.exe" = protocol=6 | dir=in | app=d:\skype\phone\skype.exe |
"TCP Query User{A32BFB3E-59D0-4ECA-B7D4-BB765A777854}C:\users\dominik\downloads\skypeportable\app\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\users\dominik\downloads\skypeportable\app\skype\phone\skype.exe |
"TCP Query User{BBB0BD78-4641-43E4-8FB1-A255F9B609CF}D:\skype\phone\skype.exe" = protocol=6 | dir=in | app=d:\skype\phone\skype.exe |
"TCP Query User{C38568B9-E1E0-4AB7-9E6C-F5D0C22188D8}C:\users\dominik\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\dominik\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{DE26FA76-DFEE-4AB6-9621-E04DE289AB03}D:\µtorrent\utorrent.exe" = protocol=6 | dir=in | app=d:\μtorrent\utorrent.exe |
"TCP Query User{E3068B95-347B-43A4-AF49-9743BA7D9B41}D:\hry\valve\hl.exe" = protocol=6 | dir=in | app=d:\hry\valve\hl.exe |
"TCP Query User{E9B4F224-C282-4C0F-A46A-326EC3D9DA13}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{111E4BE2-72E8-4AC9-A8AE-128919C57D58}C:\users\dominik\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\dominik\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{36A1E5D9-81F5-4B37-8882-A9155FD2ECBC}D:\hry\valve\hl.exe" = protocol=17 | dir=in | app=d:\hry\valve\hl.exe |
"UDP Query User{48DFAF6A-6F2D-4C1B-BBAB-B99A597A51BD}D:\hry\valve\hl.exe" = protocol=17 | dir=in | app=d:\hry\valve\hl.exe |
"UDP Query User{4D49EFE5-8575-42DA-BB5F-1B01EBDD03FE}D:\µtorrent\µtorrent.exe" = protocol=17 | dir=in | app=d:\μtorrent\μtorrent.exe |
"UDP Query User{5BEB1711-A61E-49A7-A65B-ABC8C57CE1C2}D:\skype\phone\skype.exe" = protocol=17 | dir=in | app=d:\skype\phone\skype.exe |
"UDP Query User{6704B7CE-E4DB-45FA-87CB-ADBF9DF6F78B}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{6E2F5B9A-B517-480F-A13B-CC96E71DC28C}D:\hry\valve\hlds.exe" = protocol=17 | dir=in | app=d:\hry\valve\hlds.exe |
"UDP Query User{7D80672D-5FFF-4FB3-B089-0FCC8AFDE653}D:\µtorrent\utorrent.exe" = protocol=17 | dir=in | app=d:\μtorrent\utorrent.exe |
"UDP Query User{80698360-2D8E-46AF-A914-90B94B29AAA1}D:\skype\phone\skype.exe" = protocol=17 | dir=in | app=d:\skype\phone\skype.exe |
"UDP Query User{8C3D23E3-45B1-45E5-AA49-8693AA4F2337}D:\hry\traktor 2\game.exe" = protocol=17 | dir=in | app=d:\hry\traktor 2\game.exe |
"UDP Query User{97AF1662-882B-46EA-BDF6-0CF6F7F6E03C}D:\hry\valve\hltv.exe" = protocol=17 | dir=in | app=d:\hry\valve\hltv.exe |
"UDP Query User{995E4272-1DC1-4E1F-BBA9-D50F61185F51}D:\total commander\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=d:\total commander\totalcmd\totalcmd.exe |
"UDP Query User{9D836ECA-2657-4EAA-9358-2382E997019F}C:\users\dominik\downloads\skypeportable\app\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\users\dominik\downloads\skypeportable\app\skype\phone\skype.exe |
"UDP Query User{B94B3651-25EE-43A3-A047-98792E023E29}D:\µtorrent\utorrent.exe" = protocol=17 | dir=in | app=d:\μtorrent\utorrent.exe |
"UDP Query User{D7586A0A-A631-481E-B338-3F8A86539094}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{D7E34B53-2FDC-4026-A331-5DD6BFCB3512}D:\hry\valve\hlds.exe" = protocol=17 | dir=in | app=d:\hry\valve\hlds.exe |
"UDP Query User{F4BE898A-0B89-4646-B74E-6D277AF6BE26}D:\hry\valve\hltv.exe" = protocol=17 | dir=in | app=d:\hry\valve\hltv.exe |
"UDP Query User{F9A84B43-3B2D-4038-ADC8-7872BD649808}D:\total commander\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=d:\total commander\totalcmd\totalcmd.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4F2CE68F-EDBB-4592-BF07-5AC930A51029}" = Nero 7 Ultra Edition
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADE1C0F-CC4B-46CC-92E2-855B6E39BD2A}" = WRC 2 FIA World Rally Championship
"{8EBF1B19-7756-42E5-A663-93ACB1D1FEA8}" = DraftSight
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Czech
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C3311072-AB92-41FD-8B99-924D67317874}" = SolidWorks 2012 Czech Resources
"{D481EA96-2313-4A7C-98EE-710D1AF884AC}" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"{D8E824B6-78C0-4079-9B23-B86C8D9A78A1}" = SolidWorks eDrawings 2012 SP02
"{E4BB976A-A6E5-49A4-9885-A58B519C2705}" = WRC 2 FIA World Rally Championship
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{FE706200-62BF-4D25-8B34-DC31189DE902}" = SolidWorks 2012 SP02
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"Die Polizei" = Police Force
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"EPSON SX100 Series" = Odinstalace tiskárny EPSON SX100 Series
"FarmingSimulator2011DE_is1" = Landwirtschafts Simulator 2011
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Visual Studio 2005 Tools for Applications - ENU" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"Mozilla Firefox 16.0.1 (x86 cs)" = Mozilla Firefox 16.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PCI Audio Driver" = PCI Audio Driver
"SolidWorks Installation Manager 20120-40200-1100-200" = SolidWorks 2012 SP02
"uTorrent" = µTorrent

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-225031741-2692859406-3082480967-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 16.10.2012 7:58:16 | Computer Name = Dominik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Microsoft Visual
Studio 8\Common7\IDE\Remote Debugger\x64\msvsmon.exe se nezdařilo. Závislé sestavení
Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 16.10.2012 7:58:16 | Computer Name = Dominik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Microsoft Visual
Studio 8\Common7\IDE\Remote Debugger\ia64\msvsmon.exe se nezdařilo. Závislé sestavení
Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 16.10.2012 8:48:08 | Computer Name = Dominik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Microsoft Visual
Studio 8\Common7\IDE\Remote Debugger\x64\msvsmon.exe se nezdařilo. Závislé sestavení
Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 16.10.2012 8:48:08 | Computer Name = Dominik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Microsoft Visual
Studio 8\Common7\IDE\Remote Debugger\ia64\msvsmon.exe se nezdařilo. Závislé sestavení
Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 16.10.2012 11:13:45 | Computer Name = Dominik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Microsoft Visual
Studio 8\Common7\IDE\Remote Debugger\x64\msvsmon.exe se nezdařilo. Závislé sestavení
Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 16.10.2012 11:13:45 | Computer Name = Dominik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Microsoft Visual
Studio 8\Common7\IDE\Remote Debugger\ia64\msvsmon.exe se nezdařilo. Závislé sestavení
Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 16.10.2012 13:14:31 | Computer Name = Dominik-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: hl.exe, verze: 1.1.1.1, časové razítko:
0x48feaf5a Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16915, časové razítko:
0x4ec49caf Kód výjimky: 0xc0000005 Posun chyby: 0x000574fe ID chybujícího procesu:
0xf00 Čas spuštění chybující aplikace: 0x01cdabc187aeab2c Cesta k chybující aplikaci:
D:\Hry\Valve\hl.exe Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll ID
zprávy: f284ba56-17b4-11e2-ae87-0015f276e129

Error - 17.10.2012 11:33:41 | Computer Name = Dominik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Microsoft Visual
Studio 8\Common7\IDE\Remote Debugger\x64\msvsmon.exe se nezdařilo. Závislé sestavení
Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 17.10.2012 11:33:41 | Computer Name = Dominik-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Microsoft Visual
Studio 8\Common7\IDE\Remote Debugger\ia64\msvsmon.exe se nezdařilo. Závislé sestavení
Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 20.10.2012 10:16:43 | Computer Name = Dominik-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: hl.exe, verze: 1.1.1.1, časové razítko:
0x48feaf5a Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16915, časové razítko:
0x4ec49caf Kód výjimky: 0xc0000005 Posun chyby: 0x000574fe ID chybujícího procesu:
0xcc0 Čas spuštění chybující aplikace: 0x01cdaecd4f4ee9fa Cesta k chybující aplikaci:
D:\Hry\Valve\hl.exe Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll ID
zprávy: c59db1ae-1ac0-11e2-8004-0015f276e129

[ System Events ]
Error - 20.10.2012 6:18:55 | Computer Name = Dominik-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 20.10.2012 8:28:20 | Computer Name = Dominik-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Některé funkce řízení napájení při činnosti procesoru byly zakázány
z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.

Error - 20.10.2012 8:28:30 | Computer Name = Dominik-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 20.10.2012 8:28:30 | Computer Name = Dominik-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 20.10.2012 10:51:22 | Computer Name = Dominik-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Některé funkce řízení napájení při činnosti procesoru byly zakázány
z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.

Error - 20.10.2012 10:51:32 | Computer Name = Dominik-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 20.10.2012 10:51:32 | Computer Name = Dominik-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 20.10.2012 10:58:45 | Computer Name = Dominik-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Některé funkce řízení napájení při činnosti procesoru byly zakázány
z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.

Error - 20.10.2012 10:58:54 | Computer Name = Dominik-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 20.10.2012 10:58:54 | Computer Name = Dominik-PC | Source = atikmdag | ID = 43029
Description = Display is not active


< End of report >

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Log Check

#9 Post by vyosek »

Just to ask, are you using a legal copy of Windows? :???:
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement: take a whip and a stick to him, that is no man, that is an ox."
Member [image] since 1 February 2011.

Dominator95
2nd Warning Level
Posts: 30
Joined: 27 Jul 2012 16:07

Re: Log Check

#10 Post by Dominator95 »

I think so :D I got the PC from a friend!
Last edited by Dominator95 on 20 Oct 2012 17:54, edited 1 time in total.

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Log Check

#11 Post by vyosek »

:arrow: Test the following files on VirusTotal https://www.virustotal.com/cs/
  • c:\Windows\Setup\SCRIPTS\Windows7Loader.exe
  • Click Choose file
  • Do not browse for the file, just paste in the path of the file I want tested
  • Click Scan It
  • If a screen like the one below pops up, click ReAnalyse
    [Image]
  • Post the analysis result here (as a link)

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Log Check

#12 Post by vyosek »

And how did a file that is a crack for W7 get there, a forgotten Christmas decoration perhaps? :???: :?:

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Log Check

#13 Post by vyosek »

You keep changing your story, first it was yes, now you only think so :?:

I think I will soon lock this thread for breaking the rules

Dominator95
2nd Warning Level
Posts: 30
Joined: 27 Jul 2012 16:07

Re: Log Check

#14 Post by Dominator95 »


vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Log Check

#15 Post by vyosek »

vyosek wrote: And how did a file that is a crack for W7 get there, a forgotten Christmas decoration perhaps? :???: :?:
:???: :???: :???:

Locked