Requesting a preventive check

Posted: 17 Feb 2013 08:11
by Euronymous
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.7.2
Run by Pejcha Petr at 8:07:43 on 2013-02-17
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.1526.725 [GMT 1:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\C3PO v111.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Mir4nda-IM-0.9.41-Pack-v2.9.6\miranda32.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Windows\system32\taskeng.exe
C:\Users\Pejcha Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pejcha Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pejcha Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pejcha Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [Google Update] "c:\users\pejcha petr\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Sony PC Companion] "c:\program files\sony\sony pc companion\PCCompanion.exe" /Background
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [sys32] c:\windows\system32\C3PO v111.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\pejcha petr\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 213.46.172.36 213.46.172.37
TCP: Interfaces\{14F3BA95-5D9E-4FD7-90FD-BA3B92B3FB32} : DHCPNameServer = 213.46.172.36 213.46.172.37
TCP: Interfaces\{D175A9B6-BB47-405F-AFEA-DFF5FC2B92A0} : DHCPNameServer = 213.46.172.36 213.46.172.37
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\pejcha petr\appdata\roaming\mozilla\firefox\profiles\prz3i82k.default\
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\users\pejcha petr\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-5-25 242240]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\sony ericsson\sony ericsson pc suite\SupServ.exe [2012-11-22 90112]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [2012-5-26 27632]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2012-11-26 12400]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2012-12-31 16472]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2012-12-31 11104]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-5-22 15872]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [2012-11-22 86824]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [2012-11-22 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [2012-11-22 114600]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [2012-11-22 108328]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [2012-11-22 26024]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [2012-11-22 104616]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [2012-11-22 109736]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [2012-11-22 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [2012-11-22 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [2012-11-22 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [2012-11-22 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [2012-11-22 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [2012-11-22 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [2012-11-22 109864]
S3 Sony PC Companion;Sony PC Companion;c:\program files\sony\sony pc companion\PCCService.exe [2012-11-26 155320]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-5-25 52224]
S3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\wat\WatAdminSvc.exe [2012-5-25 1343400]
S3 wxpSvc;webcamXP Service;c:\program files\webcamxp 5\wService.exe [2011-7-27 5023744]
.
=============== Created Last 30 ================
.
2013-02-17 07:03:03 -------- d-----w- c:\program files\trend micro
2013-02-16 11:58:13 2656 ----a-w- c:\windows\system32\C3PO v111.exe
2013-02-16 11:27:22 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2013-02-16 11:26:12 21840 ----a-w- c:\windows\system32\SIntfNT.dll
2013-02-16 11:26:12 17212 ----a-w- c:\windows\system32\SIntf32.dll
2013-02-16 11:26:12 12067 ----a-w- c:\windows\system32\SIntf16.dll
2013-02-16 11:10:15 94208 ----a-w- c:\windows\DIIUnin.exe
2013-02-16 11:10:15 2829 ----a-w- c:\windows\DIIUnin.pif
2013-02-15 16:43:57 6991832 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{4a2f318d-47dc-4814-944c-8e1a10dbae53}\mpengine.dll
2013-02-12 20:22:55 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-02-12 20:22:06 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-12 20:22:01 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-12 20:21:55 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-12 20:21:53 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-12 20:21:32 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-02-03 17:38:26 -------- d-----w- c:\users\pejcha petr\appdata\local\Macromedia
2013-02-03 17:33:28 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-03 17:33:27 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-02 07:55:31 -------- d-----w- c:\users\pejcha petr\.android
2013-02-02 07:54:32 -------- d-----w- c:\users\pejcha petr\appdata\local\Android
2013-02-02 07:36:05 581192 ----a-w- c:\windows\system32\WinUSBCoInstaller.dll
2013-02-02 07:36:05 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2013-01-27 10:40:54 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2013-01-27 10:40:54 237568 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iscript.dll
2013-01-27 10:40:54 155648 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iuser.dll
2013-01-27 10:40:53 692224 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iKernel.dll
2013-01-27 10:40:53 57344 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\ctor.dll
2013-01-27 10:40:53 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\DotNetInstaller.exe
2013-01-27 10:40:50 163972 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iGdi.dll
2013-01-27 10:40:49 282756 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\setup.dll
2013-01-19 14:34:52 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2013-01-19 13:47:49 -------- d-----w- c:\program files\EA Sports
.
==================== Find3M ====================
.
2013-01-17 00:28:58 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-08 22:11:21 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-01-08 22:03:20 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-01-08 22:03:12 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-01-08 21:59:02 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-01-08 21:58:29 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-01-08 21:56:23 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-12-16 14:13:28 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-11-26 11:13:16 25200 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2012-11-26 11:13:16 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2012-11-26 11:13:16 12400 ----a-w- c:\windows\system32\drivers\ggflt.sys
2012-11-23 02:48:41 49152 ----a-w- c:\windows\system32\taskhost.exe
2012-11-22 18:21:39 148736 ----a-w- c:\programdata\hpe2107.dll
2012-11-20 04:51:09 220160 ----a-w- c:\windows\system32\ncrypt.dll
.
============= FINISH: 8:08:25,43 ===============

Re: Requesting a preventive check

Posted: 17 Feb 2013 09:08
by Márty84
Hello :)

:???: What about the legality of the system? Ultimate is not exactly a common home edition :?:

:???: I don't see an antivirus there. Why? Checking an unprotected PC is pointless. It is only a matter of time before it gets infected.

:???: This is not your first time here, so why do you post a DDS log first and not an RSIT log (there are reasons for it, it shows more), as the forum rules say?

Re: Requesting a preventive check

Posted: 17 Feb 2013 10:19
by Euronymous
Hello to you too,

the system is legal :) I will install an antivirus today; yesterday avast free kept throwing an error, so I am just reinstalling it.

I could not get RSIT to produce a log; it threw some error at the end (run as administrator and downloaded here from the forum).

Re: Requesting a preventive check

Posted: 17 Feb 2013 10:20
by Márty84
OK. Try running RSIT in safe mode.

Re: Requesting a preventive check

Posted: 17 Feb 2013 11:59
by Euronymous
Logfile of random's system information tool 1.09 (written by random/random)
Run by Pejcha Petr at 2013-02-17 11:59:27
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 6 GB (21%) free of 30 GB
Total RAM: 1526 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:59:33, on 17.2.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Mir4nda-IM-0.9.41-Pack-v2.9.6\miranda32.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Users\Pejcha Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pejcha Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pejcha Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pejcha Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pejcha Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pejcha Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskmgr.exe
D:\RSIT.exe
C:\Program Files\trend micro\Pejcha Petr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [sys32] C:\Windows\system32\C3PO v111.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Pejcha Petr\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Pejcha Petr\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: webcamXP Service (wxpSvc) - Unknown owner - C:\Program Files\webcamXP 5\wService.exe

--
End of file - 4952 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4282015285-1654600802-1937256806-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4282015285-1654600802-1937256806-1001UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Pejcha Petr\AppData\Roaming\Mozilla\Firefox\Profiles\prz3i82k.default

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.149 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Pejcha Petr\AppData\Roaming\Mozilla\Firefox\Profiles\prz3i82k.default\extensions\
{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-04 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-04 157672]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"sys32"=C:\Windows\system32\C3PO v111.exe [2005-08-04 2656]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Pejcha [2012-10-13 38168]
"Sony PC Companion"=C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [2013-01-07 446648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-02-17 08:03:03 ----D---- C:\Program Files\trend micro
2013-02-17 08:03:02 ----D---- C:\rsit
2013-02-16 15:21:57 ----D---- C:\Users\Pejcha Petr\AppData\Roaming\InstallShield
2013-02-16 15:18:59 ----RASH---- C:\MSDOS.SYS
2013-02-16 15:18:59 ----RASH---- C:\IO.SYS
2013-02-16 13:37:52 ----A---- C:\Windows\system32\sysdata.dat
2013-02-16 12:58:13 ----A---- C:\Windows\system32\C3PO v111.exe
2013-02-16 12:27:22 ----A---- C:\Windows\system32\CmdLineExt03.dll
2013-02-16 12:26:12 ----A---- C:\Windows\system32\SIntfNT.dll
2013-02-16 12:26:12 ----A---- C:\Windows\system32\SIntf32.dll
2013-02-16 12:26:12 ----A---- C:\Windows\system32\SIntf16.dll
2013-02-16 12:10:21 ----A---- C:\Windows\DIIUnin.dat
2013-02-16 12:10:15 ----A---- C:\Windows\DIIUnin.pif
2013-02-16 12:10:15 ----A---- C:\Windows\DIIUnin.exe
2013-02-12 23:28:50 ----A---- C:\Windows\system32\mshtmled.dll
2013-02-12 23:28:49 ----A---- C:\Windows\system32\vbscript.dll
2013-02-12 23:28:48 ----A---- C:\Windows\system32\jsproxy.dll
2013-02-12 23:28:47 ----A---- C:\Windows\system32\ieUnatt.exe
2013-02-12 23:28:47 ----A---- C:\Windows\system32\ieui.dll
2013-02-12 23:28:46 ----A---- C:\Windows\system32\msfeeds.dll
2013-02-12 23:28:44 ----A---- C:\Windows\system32\wininet.dll
2013-02-12 23:28:43 ----A---- C:\Windows\system32\jscript.dll
2013-02-12 23:28:42 ----A---- C:\Windows\system32\url.dll
2013-02-12 23:28:42 ----A---- C:\Windows\system32\jscript9.dll
2013-02-12 23:28:41 ----A---- C:\Windows\system32\iertutil.dll
2013-02-12 23:28:38 ----A---- C:\Windows\system32\urlmon.dll
2013-02-12 23:28:36 ----A---- C:\Windows\system32\mshtml.dll
2013-02-12 23:28:33 ----A---- C:\Windows\system32\ieframe.dll
2013-02-12 21:22:55 ----A---- C:\Windows\system32\win32k.sys
2013-02-12 21:22:06 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-02-12 21:22:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-02-12 21:21:55 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-02-12 21:21:53 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-02-12 21:21:32 ----A---- C:\Windows\system32\winsrv.dll
2013-02-03 18:33:28 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-02-03 18:33:25 ----D---- C:\Windows\system32\Macromed
2013-02-02 08:36:05 ----A---- C:\Windows\system32\WinUSBCoInstaller.dll
2013-02-02 08:36:05 ----A---- C:\Windows\system32\WdfCoInstaller01007.dll
2013-01-27 11:40:49 ----D---- C:\Program Files\Common Files\InstallShield
2013-01-22 22:41:21 ----D---- C:\Users\Pejcha Petr\AppData\Roaming\dvdcss
2013-01-22 21:36:58 ----D---- C:\Users\Pejcha Petr\AppData\Roaming\WinRAR
2013-01-21 21:53:04 ----D---- C:\Program Files\Microsoft Silverlight
2013-01-19 15:34:52 ----A---- C:\Windows\system32\CmdLineExt.dll
2013-01-19 15:29:02 ----D---- C:\Users\Pejcha Petr\AppData\Roaming\Leadertech
2013-01-19 14:47:49 ----D---- C:\Program Files\EA Sports

======List of files/folders modified in the last 1 month======

2013-02-17 11:59:30 ----D---- C:\Windows\Temp
2013-02-17 11:56:46 ----D---- C:\Windows\Prefetch
2013-02-17 08:59:55 ----D---- C:\Windows\system32\config
2013-02-17 08:03:03 ----RD---- C:\Program Files
2013-02-16 16:26:45 ----D---- C:\Users\Pejcha Petr\AppData\Roaming\DAEMON Tools Lite
2013-02-16 16:13:20 ----D---- C:\ProgramData\AVAST Software
2013-02-16 16:11:41 ----D---- C:\Windows\System32
2013-02-16 16:11:41 ----D---- C:\Windows
2013-02-16 16:11:31 ----D---- C:\Windows\system32\drivers
2013-02-16 16:11:13 ----SHD---- C:\System Volume Information
2013-02-16 15:34:08 ----D---- C:\Windows\inf
2013-02-16 15:28:01 ----D---- C:\Windows\winsxs
2013-02-16 15:23:18 ----HD---- C:\Program Files\InstallShield Installation Information
2013-02-16 15:23:14 ----SHD---- C:\Windows\Installer
2013-02-16 15:23:06 ----D---- C:\Program Files\Common Files
2013-02-16 15:22:53 ----D---- C:\Program Files\STORMWARE
2013-02-16 15:19:05 ----HD---- C:\ProgramData
2013-02-16 15:19:00 ----D---- C:\Program Files\Zuma Deluxe
2013-02-16 15:17:46 ----D---- C:\Users\Pejcha Petr\AppData\Roaming\Zoner
2013-02-16 15:14:49 ----D---- C:\Program Files\MyPhoneExplorer
2013-02-16 15:14:48 ----D---- C:\Users\Pejcha Petr\AppData\Roaming\MyPhoneExplorer
2013-02-16 15:14:34 ----D---- C:\Program Files\JDownloader
2013-02-16 15:12:45 ----D---- C:\Users\Pejcha Petr\AppData\Roaming\uTorrent
2013-02-16 15:12:33 ----D---- C:\Windows\Panther
2013-02-16 15:12:33 ----D---- C:\Windows\Logs
2013-02-16 15:12:33 ----D---- C:\Windows\debug
2013-02-16 15:12:32 ----D---- C:\Windows\Minidump
2013-02-13 17:55:03 ----D---- C:\Windows\Microsoft.NET
2013-02-13 17:54:42 ----RSD---- C:\Windows\assembly
2013-02-13 07:24:30 ----D---- C:\Windows\system32\migration
2013-02-13 07:24:29 ----D---- C:\Program Files\Internet Explorer
2013-02-12 23:31:39 ----A---- C:\Windows\system32\MRT.exe
2013-02-12 23:30:48 ----A---- C:\Windows\win.ini
2013-02-12 23:29:10 ----D---- C:\Windows\system32\catroot2
2013-02-12 23:29:10 ----D---- C:\Windows\system32\catroot
2013-02-03 18:37:45 ----D---- C:\Program Files\Mozilla Firefox
2013-02-03 18:37:31 ----D---- C:\ProgramData\Adobe
2013-02-03 18:33:58 ----D---- C:\Windows\system32\Tasks
2013-02-03 18:33:55 ----D---- C:\Windows\Tasks
2013-02-02 10:32:56 ----D---- C:\Windows\system32\DriverStore
2013-01-27 12:19:49 ----D---- C:\Program Files\Microsoft Office
2013-01-26 08:53:58 ----D---- C:\Users\Pejcha Petr\AppData\Roaming\vlc
2013-01-25 19:50:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-23 23:21:59 ----D---- C:\Program Files\Common Files\microsoft shared
2013-01-22 22:49:54 ----RSD---- C:\Windows\Fonts
2013-01-21 21:53:42 ----SD---- C:\ProgramData\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-09-02 721904]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-05-25 242240]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 BCM43XX;Broadcom 802.11 – ovladač síťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-13 1131008]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2009-07-13 46080]
R3 Cam5603D;Acer OrbiCam; C:\Windows\System32\Drivers\BisonCam.sys [2006-10-30 806320]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 efipsk;efipsk; \??\C:\Users\PEJCHA [2012-10-13 38168]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-11-26 12400]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-11-26 25200]
S3 mbr;mbr; \??\C:\Users\PEJCHA [2012-10-13 38168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 pwdrvio;pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [2010-08-16 16472]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2010-08-16 11104]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM); C:\Windows\system32\DRIVERS\s0017bus.sys [2008-10-21 86824]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 114600]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 108328]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS); C:\Windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 26024]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0017obex.sys [2008-10-21 104616]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM); C:\Windows\system32\DRIVERS\s0017unic.sys [2008-10-21 109736]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;Sony Ericsson sa0102 ADB Interface; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-10 251248]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-14 113120]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-05-24 1343400]
S3 wxpSvc;webcamXP Service; C:\Program Files\webcamXP 5\wService.exe [2011-07-27 5023744]

-----------------EOF-----------------

Re: Request for a preventive check

Posted: 17 Feb 2013 12:07
by Márty84
:arrow: Find this file, C:\Windows\system32\C3PO v111.exe, and scan it on VirusTotal, or alternatively on Jotti http://forum.viry.cz/viewtopic.php?f=29&t=5846 Copy the results here, or post a link.


:???: What are you waiting for with the antivirus? :?:


:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it, then left-click Run as administrator.
Select these items (tick the checkboxes): For all users, "LOP" malware check and "Purity" malware check.
Paste the following text into the bottom window:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Click Scan.
After the scan, two logs will be created (OTL.Txt and Extras.txt); paste both here (if they are long, split them across several posts).

Re: Request for a preventive check

Posted: 17 Feb 2013 13:44
by Euronymous
http://virusscan.jotti.org/cs/scanresul ... a40ff32417 - results for C3po v111.exe

avast is already on there :-)

I'll send the OTL logs as soon as it finishes, but it has already been running for over an hour...

Re: Request for a preventive check

Posted: 17 Feb 2013 13:49
by Márty84
OK. If it is running, leave it. If it has frozen, you need to say so and we will do it another way.

Re: Request for a preventive check

Posted: 17 Feb 2013 13:50
by Euronymous
files are still scrolling by at the bottom :-)

Re: Request for a preventive check

Posted: 17 Feb 2013 13:52
by Márty84
Fine, then we'll wait.

Re: Request for a preventive check

Posted: 17 Feb 2013 13:57
by Euronymous
OTL logfile created on: 17.2.2013 12:33:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pejcha Petr\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,49 Gb Total Physical Memory | 0,51 Gb Available Physical Memory | 34,56% Memory free
2,98 Gb Paging File | 1,56 Gb Available in Paging File | 52,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29,20 Gb Total Space | 5,59 Gb Free Space | 19,13% Space Free | Partition Type: NTFS
Drive D: | 82,49 Gb Total Space | 5,32 Gb Free Space | 6,45% Space Free | Partition Type: NTFS
Drive F: | 549,52 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: EURONYMOUS | User Name: Pejcha Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.02.17 12:21:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pejcha Petr\Desktop\OTL.exe
PRC - [2013.01.07 12:03:32 | 000,446,648 | ---- | M] (Sony) -- C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
PRC - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.17 19:50:28 | 016,328,976 | ---- | M] (Google) -- C:\Program Files\Google\Drive\googledrivesync.exe
PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.04.30 10:57:42 | 000,067,072 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
PRC - [2012.01.10 00:57:28 | 000,820,309 | ---- | M] ( ) -- C:\Program Files\Mir4nda-IM-0.9.41-Pack-v2.9.6\miranda32.exe
PRC - [2010.12.17 06:56:10 | 003,707,808 | ---- | M] (Ghisler Software GmbH) -- C:\Program Files\totalcmd\TOTALCMD.EXE
PRC - [2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.30 11:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe


========== Modules (No Company Name) ==========

MOD - [2013.02.17 12:30:24 | 000,571,392 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\pysqlite2._sqlite.pyd
MOD - [2013.02.17 12:30:24 | 000,263,168 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\win32com.shell.shell.pyd
MOD - [2013.02.17 12:30:24 | 000,153,088 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\pyexpat.pyd
MOD - [2013.02.17 12:30:24 | 000,096,256 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\win32api.pyd
MOD - [2013.02.17 12:30:24 | 000,086,016 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\_elementtree.pyd
MOD - [2013.02.17 12:30:24 | 000,070,656 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\wx._html2.pyd
MOD - [2013.02.17 12:30:24 | 000,040,448 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\_socket.pyd
MOD - [2013.02.17 12:30:24 | 000,023,040 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\win32ts.pyd
MOD - [2013.02.17 12:30:24 | 000,011,776 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\win32crypt.pyd
MOD - [2013.02.17 12:30:23 | 001,024,616 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\windows._cacheinvalidation.pyd
MOD - [2013.02.17 12:30:23 | 000,792,576 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\wx._gdi_.pyd
MOD - [2013.02.17 12:30:23 | 000,731,136 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\wx._misc_.pyd
MOD - [2013.02.17 12:30:23 | 000,354,304 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\pythoncom26.dll
MOD - [2013.02.17 12:30:23 | 000,110,592 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\win32security.pyd
MOD - [2013.02.17 12:30:23 | 000,110,592 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\PyWinTypes26.dll
MOD - [2013.02.17 12:30:23 | 000,073,728 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\_ctypes.pyd
MOD - [2013.02.17 12:30:23 | 000,017,920 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\win32profile.pyd
MOD - [2013.02.17 12:30:22 | 001,169,408 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\wx._core_.pyd
MOD - [2013.02.17 12:30:22 | 000,645,120 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\_ssl.pyd
MOD - [2013.02.17 12:30:22 | 000,036,352 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\win32process.pyd
MOD - [2013.02.17 12:30:22 | 000,022,528 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\win32pdh.pyd
MOD - [2013.02.17 12:30:21 | 000,807,424 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\wx._windows_.pyd
MOD - [2013.02.17 12:30:21 | 000,311,808 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\_hashlib.pyd
MOD - [2013.02.17 12:30:21 | 000,121,856 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\wx._wizard.pyd
MOD - [2013.02.17 12:30:21 | 000,111,104 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\win32file.pyd
MOD - [2013.02.17 12:30:21 | 000,039,424 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\win32inet.pyd
MOD - [2013.02.17 12:30:20 | 001,056,256 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\wx._controls_.pyd
MOD - [2013.02.17 12:30:20 | 000,585,728 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\unicodedata.pyd
MOD - [2013.02.17 12:30:20 | 000,017,920 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\win32event.pyd
MOD - [2013.02.17 12:30:20 | 000,011,776 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Temp\_MEI31282\select.pyd
MOD - [2013.02.16 13:15:48 | 000,043,520 | ---- | M] () -- C:\Windows\System32\CmdLineExt03.dll
MOD - [2013.02.14 21:28:41 | 012,638,576 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Google\Chrome\User Data\PepperFlash\11.6.602.167\pepflashplayer.dll
MOD - [2013.01.26 03:35:06 | 000,460,240 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppgooglenaclpluginchrome.dll
MOD - [2013.01.26 03:35:04 | 004,012,496 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
MOD - [2013.01.26 03:34:19 | 000,597,968 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Google\Chrome\Application\24.0.1312.57\libglesv2.dll
MOD - [2013.01.26 03:34:18 | 000,124,368 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Google\Chrome\Application\24.0.1312.57\libegl.dll
MOD - [2013.01.26 03:34:16 | 001,552,848 | ---- | M] () -- C:\Users\Pejcha Petr\AppData\Local\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll
MOD - [2012.11.07 16:25:36 | 000,204,288 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\MExplorer.dll
MOD - [2012.10.24 11:59:14 | 000,582,656 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\PhoneUpdate.dll
MOD - [2012.09.24 14:56:26 | 000,450,560 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\Calendar.dll
MOD - [2012.07.26 11:51:52 | 000,208,896 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\VistaCalendar.dll
MOD - [2012.04.30 10:57:42 | 000,067,072 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
MOD - [2012.04.30 10:57:42 | 000,039,936 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\TMonitorAPI.dll
MOD - [2012.04.04 14:33:24 | 000,139,776 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\CAgdLNotes.dll
MOD - [2012.03.16 12:51:02 | 000,188,416 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\CAgdOutlook.dll
MOD - [2012.02.13 09:53:50 | 000,086,016 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\CalEngine.dll
MOD - [2012.01.16 23:29:53 | 000,178,688 | ---- | M] () -- C:\Program Files\Mir4nda-IM-0.9.41-Pack-v2.9.6\Plugins\Svc_dbepp.dll
MOD - [2012.01.10 00:56:59 | 000,054,361 | ---- | M] () -- C:\Program Files\Mir4nda-IM-0.9.41-Pack-v2.9.6\zlib.dll
MOD - [2012.01.10 00:56:48 | 000,338,527 | ---- | M] () -- C:\Program Files\Mir4nda-IM-0.9.41-Pack-v2.9.6\Plugins\ICQ.dll
MOD - [2012.01.10 00:56:32 | 000,036,962 | ---- | M] () -- C:\Program Files\Mir4nda-IM-0.9.41-Pack-v2.9.6\Plugins\dbx_mmap.dll
MOD - [2011.09.08 23:47:50 | 000,094,315 | ---- | M] () -- C:\Program Files\Mir4nda-IM-0.9.41-Pack-v2.9.6\Plugins\StartupStatus.dll
MOD - [2011.09.08 23:44:54 | 000,069,745 | ---- | M] () -- C:\Program Files\Mir4nda-IM-0.9.41-Pack-v2.9.6\Plugins\AdvancedAutoAway.dll
MOD - [2011.09.08 23:06:00 | 000,114,688 | ---- | M] () -- C:\Program Files\Mir4nda-IM-0.9.41-Pack-v2.9.6\Plugins\Variables.dll
MOD - [2011.08.23 10:56:00 | 000,110,592 | ---- | M] () -- C:\Program Files\Mir4nda-IM-0.9.41-Pack-v2.9.6\Plugins\folders.dll
MOD - [2011.07.07 14:54:36 | 000,233,984 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\Report.dll
MOD - [2011.04.21 01:12:53 | 000,080,494 | ---- | M] () -- C:\Program Files\Mir4nda-IM-0.9.41-Pack-v2.9.6\Plugins\modernopt.dll
MOD - [2011.03.19 22:31:02 | 000,099,328 | ---- | M] () -- C:\Program Files\Mir4nda-IM-0.9.41-Pack-v2.9.6\Plugins\updater.dll
MOD - [2010.12.17 06:56:10 | 000,123,536 | ---- | M] () -- C:\Program Files\totalcmd\WCMZIP32.DLL
MOD - [2010.09.20 17:41:34 | 000,498,688 | ---- | M] () -- C:\Program Files\Mir4nda-IM-0.9.41-Pack-v2.9.6\Plugins\Fingerprint.dll
MOD - [2010.09.11 22:21:18 | 000,035,328 | ---- | M] () -- C:\Program Files\Mir4nda-IM-0.9.41-Pack-v2.9.6\Plugins\autorun.dll
MOD - [2010.08.13 06:43:49 | 000,062,976 | ---- | M] () -- C:\Program Files\Mir4nda-IM-0.9.41-Pack-v2.9.6\Plugins\MenuEx.dll
MOD - [2010.01.11 15:44:54 | 000,053,248 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\VObject.dll
MOD - [2009.11.21 16:05:40 | 000,039,936 | ---- | M] () -- C:\Program Files\Mir4nda-IM-0.9.41-Pack-v2.9.6\Plugins\favcontacts.dll
MOD - [2007.03.14 00:22:12 | 000,056,320 | ---- | M] () -- C:\Program Files\Mir4nda-IM-0.9.41-Pack-v2.9.6\Plugins\nickhistoryW.dll
MOD - [2006.06.21 15:21:46 | 000,057,344 | ---- | M] () -- C:\Program Files\Mir4nda-IM-0.9.41-Pack-v2.9.6\Plugins\AAAIdle.dll
MOD - [2005.07.02 23:41:12 | 000,006,144 | ---- | M] () -- C:\Program Files\Mir4nda-IM-0.9.41-Pack-v2.9.6\Plugins\uptime.dll


========== Services (SafeList) ==========

SRV - [2013.02.10 19:08:15 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.06.14 23:17:46 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.24 06:08:06 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012.01.18 13:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011.07.27 20:58:30 | 005,023,744 | ---- | M] (Moonware Studios) [On_Demand | Stopped] -- C:\Program Files\webcamXP 5\wService.exe -- (wxpSvc)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.04.30 11:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\PEJCHA~1\AppData\Local\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\PEJCHA~1\AppData\Local\Temp\efipsk.sys -- (efipsk)
DRV - [2012.11.26 12:13:16 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2012.11.26 12:13:16 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.10.30 23:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.10.15 17:59:28 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Unknown] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012.09.02 17:27:43 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2012.05.25 18:33:33 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.08.16 15:31:08 | 000,016,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\pwdrvio.sys -- (pwdrvio)
DRV - [2010.08.16 15:31:06 | 000,011,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\pwdspio.sys -- (pwdspio)
DRV - [2009.07.13 23:02:49 | 000,046,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2009.03.25 16:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009.03.25 16:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic)
DRV - [2009.03.25 16:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt)
DRV - [2009.03.25 16:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009.03.25 16:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus)
DRV - [2009.03.25 16:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5)
DRV - [2009.03.25 16:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2008.10.21 09:22:48 | 000,114,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mdm.sys -- (s0017mdm)
DRV - [2008.10.21 09:22:48 | 000,109,736 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017unic.sys -- (s0017unic)
DRV - [2008.10.21 09:22:48 | 000,108,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mgmt.sys -- (s0017mgmt)
DRV - [2008.10.21 09:22:48 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017obex.sys -- (s0017obex)
DRV - [2008.10.21 09:22:48 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017bus.sys -- (s0017bus)
DRV - [2008.10.21 09:22:48 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017nd5.sys -- (s0017nd5)
DRV - [2008.10.21 09:22:48 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mdfl.sys -- (s0017mdfl)
DRV - [2008.01.09 11:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2006.10.30 14:59:40 | 000,806,320 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BisonCam.sys -- (Cam5603D)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4282015285-1654600802-1937256806-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4282015285-1654600802-1937256806-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-4282015285-1654600802-1937256806-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}:0.17
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Pejcha Petr\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Pejcha Petr\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.02.17 12:22:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.18 19:24:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012.06.18 19:25:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pejcha Petr\AppData\Roaming\Mozilla\Extensions
[2012.12.30 13:39:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pejcha Petr\AppData\Roaming\Mozilla\Firefox\Profiles\prz3i82k.default\extensions
[2012.06.18 19:26:09 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\Pejcha Petr\AppData\Roaming\Mozilla\Firefox\Profiles\prz3i82k.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2012.10.08 18:54:40 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Pejcha Petr\AppData\Roaming\Mozilla\Firefox\Profiles\prz3i82k.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.06.18 19:24:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.06.14 23:19:07 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.06.15 01:05:40 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.06.15 01:05:40 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.06.15 01:05:40 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.06.15 01:05:41 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.06.15 01:05:41 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Pejcha Petr\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Pejcha Petr\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Pejcha Petr\AppData\Local\Google\Chrome\Application\24.0.1312.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Pejcha Petr\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Pejcha Petr\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: YouTube = C:\Users\Pejcha Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Pejcha Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Auto Replay for YouTube = C:\Users\Pejcha Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb\1.9.24_0\
CHR - Extension: Late Night = C:\Users\Pejcha Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbdhkpacgdhfabeceekiafonfkipohm\1.0_0\
CHR - Extension: Gmail = C:\Users\Pejcha Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [sys32] C:\Windows\System32\C3PO v111.exe ()
O4 - HKU\S-1-5-21-4282015285-1654600802-1937256806-1001..\Run: [Sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-4282015285-1654600802-1937256806-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Pejcha Petr\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{14F3BA95-5D9E-4FD7-90FD-BA3B92B3FB32}: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D175A9B6-BB47-405F-AFEA-DFF5FC2B92A0}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2001.04.18 16:23:00 | 000,000,041 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{3bd95ca8-37ab-11e2-bd02-0016d460e452}\Shell - "" = AutoRun
O33 - MountPoints2\{3bd95ca8-37ab-11e2-bd02-0016d460e452}\Shell\AutoRun\command - "" = G:\Startme.exe
O33 - MountPoints2\{3c3dda10-a62b-11e1-9253-0016d460e452}\Shell - "" = AutoRun
O33 - MountPoints2\{3c3dda10-a62b-11e1-9253-0016d460e452}\Shell\AutoRun\command - "" = F:\SETUP.EXE -- [2001.04.30 18:33:00 | 000,032,768 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.02.17 12:24:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013.02.17 12:23:46 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013.02.17 12:23:41 | 000,361,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013.02.17 12:23:41 | 000,021,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013.02.17 12:23:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.02.17 12:23:35 | 000,044,784 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2013.02.17 12:23:34 | 000,054,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013.02.17 12:23:33 | 000,738,504 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013.02.17 12:23:30 | 000,058,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013.02.17 12:22:41 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013.02.17 12:22:41 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.02.17 12:21:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Pejcha Petr\Desktop\OTL.exe
[2013.02.17 08:07:14 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Pejcha Petr\Desktop\dds.com
[2013.02.17 08:03:03 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.02.17 08:03:02 | 000,000,000 | ---D | C] -- C:\rsit
[2013.02.16 15:21:57 | 000,000,000 | ---D | C] -- C:\Users\Pejcha Petr\AppData\Roaming\InstallShield
[2013.02.16 12:16:53 | 000,000,000 | ---D | C] -- C:\Users\Pejcha Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Diablo II
[2013.02.16 12:10:15 | 000,094,208 | ---- | C] (Blizzard Entertainment) -- C:\Windows\DIIUnin.exe
[2013.02.16 12:10:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II
[2013.02.12 23:28:50 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.02.12 23:28:48 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.02.12 23:28:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.02.12 23:28:47 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.02.12 23:28:46 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.02.12 23:28:42 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.02.12 23:28:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.02.12 23:28:38 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.02.12 21:22:55 | 002,347,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.02.12 21:22:06 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.02.12 21:22:01 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.02.12 21:21:53 | 000,187,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2013.02.12 21:21:32 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013.02.03 18:38:26 | 000,000,000 | ---D | C] -- C:\Users\Pejcha Petr\AppData\Local\Macromedia
[2013.02.03 18:33:28 | 000,697,712 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.02.03 18:33:27 | 000,074,096 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.02.03 18:33:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2013.02.02 08:55:31 | 000,000,000 | ---D | C] -- C:\Users\Pejcha Petr\.android
[2013.02.02 08:55:08 | 000,000,000 | ---D | C] -- C:\Users\Pejcha Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Android SDK Tools
[2013.02.02 08:54:32 | 000,000,000 | ---D | C] -- C:\Users\Pejcha Petr\AppData\Local\Android
[2013.02.02 08:36:05 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll
[2013.02.02 08:36:05 | 000,581,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinUSBCoInstaller.dll
[2013.01.27 11:41:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vivendi Universal Games
[2013.01.27 11:40:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2013.01.27 08:52:13 | 000,000,000 | ---D | C] -- C:\Users\Pejcha Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013.01.22 22:41:21 | 000,000,000 | ---D | C] -- C:\Users\Pejcha Petr\AppData\Roaming\dvdcss
[2013.01.22 21:36:58 | 000,000,000 | ---D | C] -- C:\Users\Pejcha Petr\AppData\Roaming\WinRAR
[2013.01.21 21:53:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.01.21 21:53:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.01.19 15:34:52 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2013.01.19 15:31:07 | 000,000,000 | ---D | C] -- C:\Users\Pejcha Petr\Documents\NHL09
[2013.01.19 15:29:02 | 000,000,000 | ---D | C] -- C:\Users\Pejcha Petr\AppData\Roaming\Leadertech
[2013.01.19 14:47:49 | 000,000,000 | ---D | C] -- C:\Program Files\EA Sports
[2012.11.22 19:21:39 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe2107.dll

========== Files - Modified Within 30 Days ==========

[2013.02.17 12:38:26 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.02.17 12:33:05 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.17 12:33:02 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.17 12:23:42 | 000,002,115 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.02.17 12:23:30 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013.02.17 12:21:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pejcha Petr\Desktop\OTL.exe
[2013.02.17 12:08:04 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.17 12:04:02 | 000,000,986 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4282015285-1654600802-1937256806-1001UA.job
[2013.02.17 08:44:12 | 000,005,355 | ---- | M] () -- C:\Windows\System32\sysdata.dat
[2013.02.17 08:07:09 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Pejcha Petr\Desktop\dds.com
[2013.02.17 08:06:39 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.17 08:06:39 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.17 07:58:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.17 07:58:35 | 1200,185,344 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.16 19:19:20 | 000,001,043 | ---- | M] () -- C:\Users\Pejcha Petr\Desktop\C3PO – zástupce.lnk
[2013.02.16 18:04:01 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4282015285-1654600802-1937256806-1001Core.job
[2013.02.16 16:38:33 | 000,088,028 | ---- | M] () -- C:\Windows\DIIUnin.dat
[2013.02.16 16:31:27 | 000,094,208 | ---- | M] (Blizzard Entertainment) -- C:\Windows\DIIUnin.exe
[2013.02.16 16:31:27 | 000,002,829 | ---- | M] () -- C:\Windows\DIIUnin.pif
[2013.02.16 15:18:59 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2013.02.16 15:18:59 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2013.02.16 13:15:48 | 000,043,520 | ---- | M] () -- C:\Windows\System32\CmdLineExt03.dll
[2013.02.16 12:26:12 | 000,021,840 | ---- | M] () -- C:\Windows\System32\SIntfNT.dll
[2013.02.16 12:26:12 | 000,017,212 | ---- | M] () -- C:\Windows\System32\SIntf32.dll
[2013.02.16 12:26:12 | 000,012,067 | ---- | M] () -- C:\Windows\System32\SIntf16.dll
[2013.02.16 12:16:54 | 000,000,696 | ---- | M] () -- C:\Users\Pejcha Petr\Desktop\Diablo II - Lord of Destruction.lnk
[2013.02.13 07:27:22 | 000,287,000 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.02.10 19:08:14 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.02.10 19:08:14 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.02.02 09:24:54 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUsb_01007.Wdf
[2013.01.29 17:24:26 | 000,001,972 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2013.01.27 11:53:51 | 000,000,770 | ---- | M] () -- C:\Users\Public\Desktop\The Simpsons Hit & Run.lnk
[2013.01.25 19:50:00 | 000,625,914 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.01.25 19:50:00 | 000,610,094 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.01.25 19:50:00 | 000,120,000 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.01.25 19:50:00 | 000,104,412 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.01.19 15:34:52 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2013.01.19 15:00:37 | 000,001,942 | ---- | M] () -- C:\Users\Public\Desktop\NHL® 09.lnk

========== Files Created - No Company Name ==========

[2013.02.17 12:38:26 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.02.17 12:23:58 | 000,000,950 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.17 12:23:56 | 000,000,946 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.17 12:23:42 | 000,002,115 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.02.16 19:19:20 | 000,001,043 | ---- | C] () -- C:\Users\Pejcha Petr\Desktop\C3PO – zástupce.lnk
[2013.02.16 15:18:59 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2013.02.16 15:18:59 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2013.02.16 13:37:52 | 000,005,355 | ---- | C] () -- C:\Windows\System32\sysdata.dat
[2013.02.16 12:58:13 | 000,002,656 | ---- | C] () -- C:\Windows\System32\C3PO v111.exe
[2013.02.16 12:27:22 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2013.02.16 12:26:12 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2013.02.16 12:26:12 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2013.02.16 12:26:12 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2013.02.16 12:16:54 | 000,000,696 | ---- | C] () -- C:\Users\Pejcha Petr\Desktop\Diablo II - Lord of Destruction.lnk
[2013.02.16 12:10:21 | 000,088,028 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2013.02.16 12:10:15 | 000,002,829 | ---- | C] () -- C:\Windows\DIIUnin.pif
[2013.02.03 18:33:55 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.02 09:24:54 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUsb_01007.Wdf
[2013.01.29 17:24:26 | 000,001,972 | ---- | C] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2013.01.27 11:53:51 | 000,000,770 | ---- | C] () -- C:\Users\Public\Desktop\The Simpsons Hit & Run.lnk
[2013.01.19 15:00:37 | 000,001,942 | ---- | C] () -- C:\Users\Public\Desktop\NHL® 09.lnk
[2012.12.31 14:18:48 | 000,725,064 | ---- | C] () -- C:\Windows\System32\pwNative.exe
[2012.12.31 14:18:47 | 000,016,472 | ---- | C] () -- C:\Windows\System32\pwdrvio.sys
[2012.12.31 14:18:41 | 000,011,104 | ---- | C] () -- C:\Windows\System32\pwdspio.sys
[2012.11.29 23:31:09 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfmonnt.dll
[2012.06.15 22:48:09 | 000,015,190 | ---- | C] () -- C:\Windows\M2000Twn.ini
[2012.06.12 19:25:43 | 000,000,010 | ---- | C] () -- C:\Windows\popcinfo.dat
[2012.05.25 19:10:07 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.05.25 07:09:09 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012.05.25 07:07:41 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.10.08 19:51:25 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\Audacity
[2013.02.16 16:26:45 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\DAEMON Tools Lite
[2012.10.13 19:09:19 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\DVDVideoSoft
[2012.06.15 23:16:49 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\GHISLER
[2013.01.19 15:29:02 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\Leadertech
[2013.02.16 15:14:48 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\MyPhoneExplorer
[2012.06.07 15:58:49 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\pdfforge
[2012.12.04 08:54:13 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\Radmin
[2012.12.24 14:19:11 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\runic games
[2012.10.01 17:16:06 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\Softplicity
[2012.09.02 17:28:33 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\StarBurn
[2013.02.16 15:12:45 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\uTorrent
[2012.10.01 17:07:21 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\YCanPDF
[2012.10.08 18:54:01 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\Youtube to MP3 Converter
[2013.02.16 15:17:46 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\Zoner

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 05:53:46 | 000,032,582 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2012.05.23 06:13:26 | 000,000,934 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4282015285-1654600802-1937256806-1001Core.job
[2012.05.23 06:13:27 | 000,000,986 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4282015285-1654600802-1937256806-1001UA.job
[2013.02.03 18:33:55 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.02.17 12:23:56 | 000,000,946 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.02.17 12:23:58 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: AGP440.SYS >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012.06.02 05:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012.04.24 05:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2012.04.24 05:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012.04.24 05:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2012.06.02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\System32\cryptsvc.dll
[2012.06.02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2012.06.02 05:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2012.06.02 05:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll
[2012.04.24 05:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: IASTORV.SYS >
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\drivers\iaStorV.sys
[2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\isapnp.sys

< MD5 for: LSASS.EXE >
[2011.11.17 08:09:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=05F38CB7CAB3CE8E9A1812D517DA93EF -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\lsass.exe
[2011.11.17 06:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\System32\lsass.exe
[2011.11.17 06:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\lsass.exe
[2011.11.17 06:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_a828bb43bb2beb28\lsass.exe
[2012.06.02 05:40:31 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=A6034689ACF9D14973F8384AD5A5451E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_a6eb42a4d70be51e\lsass.exe
[2011.11.17 06:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\lsass.exe
[2011.11.17 06:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_a656d407bdf6641e\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe
[2012.06.02 05:51:22 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FA7B950E4CA6AA260C4EABA19E03644D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_a8d76e24d42eb666\lsass.exe
[2011.11.17 06:24:04 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FBCB2DFA40862DAA7B1534C9538208A5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
[2010.11.20 13:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys
[2010.11.20 13:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys
[2010.11.20 13:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\System32\drivers\nvraid.sys
[2010.11.20 13:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 13:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\drivers\nvstor.sys
[2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\System32\smss.exe
[2009.07.14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2012.08.22 18:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013.01.03 06:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010.11.20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2013.01.04 05:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2012.03.30 11:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\System32\drivers\tcpip.sys
[2013.01.03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012.03.30 11:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 10:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2012.08.22 18:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2013.01.04 05:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2012.03.30 11:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\System32\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[7 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.06.07 16:04:26 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\Adobe
[2012.10.08 19:51:25 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\Audacity
[2013.02.16 16:26:45 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\DAEMON Tools Lite
[2013.01.26 08:49:08 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\dvdcss
[2012.10.13 19:09:19 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\DVDVideoSoft
[2012.06.15 23:16:49 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\GHISLER
[2012.09.28 08:50:21 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\Google
[2012.05.22 21:16:21 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\Identities
[2013.02.16 15:21:57 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\InstallShield
[2013.01.19 15:29:02 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\Leadertech
[2012.05.23 06:15:02 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\Macromedia
[2009.07.14 10:20:06 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\Media Center Programs
[2012.12.22 10:15:48 | 000,000,000 | --SD | M] -- C:\Users\Pejcha Petr\AppData\Roaming\Microsoft
[2012.06.18 19:25:25 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\Mozilla
[2013.02.16 15:14:48 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\MyPhoneExplorer
[2012.06.07 15:58:49 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\pdfforge
[2012.12.04 08:54:13 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\Radmin
[2012.12.24 14:19:11 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\runic games
[2012.10.13 19:04:44 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\Skype
[2012.10.01 17:16:06 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\Softplicity
[2012.09.02 17:28:33 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\StarBurn
[2013.02.16 15:12:45 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\uTorrent
[2013.01.26 08:53:58 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\vlc
[2013.01.22 21:36:58 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\WinRAR
[2012.10.01 17:07:21 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\YCanPDF
[2012.10.08 18:54:01 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\Youtube to MP3 Converter
[2013.02.16 15:17:46 | 000,000,000 | ---D | M] -- C:\Users\Pejcha Petr\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2012.12.04 08:53:48 | 000,065,536 | R--- | M] (Macrovision Corporation) -- C:\Users\Pejcha Petr\AppData\Roaming\Microsoft\Installer\{2517B7EA-6C03-4D86-A1B1-F3FE1C3BC03B}\ARPPRODUCTICON.exe
[2012.12.24 09:40:52 | 000,065,024 | R--- | M] () -- C:\Users\Pejcha Petr\AppData\Roaming\Microsoft\Installer\{4F64A46D-67F7-4497-AEA2-313D4305A5F6}\Icon4F64A46D.exe
[2012.09.13 08:41:25 | 000,038,078 | R--- | M] () -- C:\Users\Pejcha Petr\AppData\Roaming\Microsoft\Installer\{BD7C153B-B2B7-47D8-8A0E-5D6CC3C10005}\_02B004C64F43B9A8EE56A8.exe
[2012.09.13 08:41:25 | 000,092,843 | R--- | M] () -- C:\Users\Pejcha Petr\AppData\Roaming\Microsoft\Installer\{BD7C153B-B2B7-47D8-8A0E-5D6CC3C10005}\_2286A74CD45DAEE7084D67.exe
[2012.09.13 08:41:25 | 000,038,078 | R--- | M] () -- C:\Users\Pejcha Petr\AppData\Roaming\Microsoft\Installer\{BD7C153B-B2B7-47D8-8A0E-5D6CC3C10005}\_6FEFF9B68218417F98F549.exe
[2012.09.13 08:41:25 | 000,038,078 | R--- | M] () -- C:\Users\Pejcha Petr\AppData\Roaming\Microsoft\Installer\{BD7C153B-B2B7-47D8-8A0E-5D6CC3C10005}\_A74266963119BB7F54BF6B.exe
[2012.09.13 08:41:25 | 000,038,078 | R--- | M] () -- C:\Users\Pejcha Petr\AppData\Roaming\Microsoft\Installer\{BD7C153B-B2B7-47D8-8A0E-5D6CC3C10005}\_C19030577C9B52CFF2D05E.exe

Re: Requesting a preventive check

Posted: 17 Feb 2013 13:57
by Euronymous
< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2012.09.02 17:27:43 | 000,721,904 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.02.17 08:06:39 | 000,014,224 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.17 08:06:39 | 000,014,224 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.16 13:15:48 | 000,043,520 | ---- | M] () -- C:\Windows\system32\CmdLineExt03.dll
[2013.02.17 12:23:30 | 000,002,577 | ---- | M] () -- C:\Windows\system32\config.nt
[2013.02.16 12:26:12 | 000,012,067 | ---- | M] () -- C:\Windows\system32\SIntf16.dll
[2013.02.16 12:26:12 | 000,017,212 | ---- | M] () -- C:\Windows\system32\SIntf32.dll
[2013.02.16 12:26:12 | 000,021,840 | ---- | M] () -- C:\Windows\system32\SIntfNT.dll
[2013.02.17 08:44:12 | 000,005,355 | ---- | M] () -- C:\Windows\system32\sysdata.dat

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Google Update" = "C:\Users\Pejcha Petr\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2012.05.23 06:13:25 | 000,116,648 | ---- | M] (Google Inc.)
"Sony PC Companion" = "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background -- [2013.01.07 12:03:32 | 000,446,648 | ---- | M] (Sony)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.02.17 12:38:26 | 000,000,512 | ---- | M] () MD5=522B7A49BA7422779C4AFCD4177517C5 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2011.02.22 12:17:16 | 000,004,328 | ---- | M] () -- \Program Files\JDownloader\JDownloader\jd\plugins\hoster\CrackedCom.class
[2012.12.14 22:17:37 | 000,006,778 | ---- | M] () -- \Users\Pejcha Petr\AppData\Roaming\uTorrent\CloneDVD 2.9.3.0 With Crack Free By DSF.torrent
[2012.12.11 20:07:47 | 000,008,586 | ---- | M] () -- \Users\Pejcha Petr\AppData\Roaming\uTorrent\Youtube Downloader PRO (YTD) v3.9 Including Crack [h33t][iahq76].torrent

< *keygen* /s >

< *loader* /s >
[2012.10.01 18:35:32 | 000,098,883 | ---- | M] () -- \Program Files\Flashtool\devices\E10\loader.sin
[2012.10.01 18:35:32 | 000,103,949 | ---- | M] () -- \Program Files\Flashtool\devices\E10\loader_unlocked.sin
[2012.10.01 18:35:32 | 000,098,883 | ---- | M] () -- \Program Files\Flashtool\devices\E15\loader.sin
[2012.10.01 18:35:32 | 000,103,949 | ---- | M] () -- \Program Files\Flashtool\devices\E15\loader_unlocked.sin
[2012.10.01 18:35:32 | 000,100,591 | ---- | M] () -- \Program Files\Flashtool\devices\LT15\loader.sin
[2012.10.01 18:35:32 | 000,100,591 | ---- | M] () -- \Program Files\Flashtool\devices\LT18\loader.sin
[2012.10.01 18:35:32 | 000,100,712 | ---- | M] () -- \Program Files\Flashtool\devices\LT22\loader.sin
[2012.10.01 18:35:32 | 000,136,600 | ---- | M] () -- \Program Files\Flashtool\devices\LT26\loader.sin
[2012.10.01 18:35:32 | 000,136,592 | ---- | M] () -- \Program Files\Flashtool\devices\LT26W\loader.sin
[2012.10.01 18:35:32 | 000,136,600 | ---- | M] () -- \Program Files\Flashtool\devices\LT28\loader.sin
[2012.10.01 18:35:34 | 000,077,700 | ---- | M] () -- \Program Files\Flashtool\devices\LT30\loader.sin
[2012.10.01 18:35:32 | 000,100,591 | ---- | M] () -- \Program Files\Flashtool\devices\MK16\loader.sin
[2012.10.01 18:35:32 | 000,100,591 | ---- | M] () -- \Program Files\Flashtool\devices\MT11\loader.sin
[2012.10.01 18:35:32 | 000,100,591 | ---- | M] () -- \Program Files\Flashtool\devices\MT15\loader.sin
[2012.10.01 18:35:32 | 000,100,712 | ---- | M] () -- \Program Files\Flashtool\devices\MT27\loader.sin
[2012.10.01 18:35:32 | 000,077,700 | ---- | M] () -- \Program Files\Flashtool\devices\MT28\loader.sin
[2012.10.01 18:35:32 | 000,100,591 | ---- | M] () -- \Program Files\Flashtool\devices\R800\loader.sin
[2012.10.01 18:35:32 | 000,100,591 | ---- | M] () -- \Program Files\Flashtool\devices\SK17\loader.sin
[2012.10.01 18:35:32 | 000,100,591 | ---- | M] () -- \Program Files\Flashtool\devices\ST15\loader.sin
[2012.10.01 18:35:32 | 000,100,591 | ---- | M] () -- \Program Files\Flashtool\devices\ST17\loader.sin
[2012.10.01 18:35:32 | 000,100,591 | ---- | M] () -- \Program Files\Flashtool\devices\ST18\loader.sin
[2012.10.01 18:35:32 | 000,106,428 | ---- | M] () -- \Program Files\Flashtool\devices\ST21\loader.sin
[2012.10.01 18:35:32 | 000,100,712 | ---- | M] () -- \Program Files\Flashtool\devices\ST25\loader.sin
[2012.10.01 18:35:32 | 000,100,712 | ---- | M] () -- \Program Files\Flashtool\devices\ST27\loader.sin
[2012.10.01 18:35:32 | 000,098,883 | ---- | M] () -- \Program Files\Flashtool\devices\U20\loader.sin
[2012.10.01 18:35:32 | 000,103,949 | ---- | M] () -- \Program Files\Flashtool\devices\U20\loader_unlocked.sin
[2012.10.01 18:35:32 | 000,100,591 | ---- | M] () -- \Program Files\Flashtool\devices\WT19\loader.sin
[2012.10.01 18:35:32 | 000,087,559 | ---- | M] () -- \Program Files\Flashtool\devices\X10\loader.sin
[2012.10.01 18:35:32 | 000,087,569 | ---- | M] () -- \Program Files\Flashtool\devices\X10\loader_unlocked.sin
[2012.11.26 19:39:31 | 000,100,840 | ---- | M] () -- \Program Files\Flashtool\firmwares\loader.sin
[2012.10.01 18:35:32 | 000,100,591 | ---- | M] () -- \Program Files\Flashtool\loaders\S1_Loader_Root_773f.sin
[2010.09.23 13:40:24 | 000,214,528 | ---- | M] () -- \Program Files\JDownloader\JDownloader\JDownloader.exe
[2011.02.22 12:01:10 | 000,593,293 | ---- | M] () -- \Program Files\JDownloader\JDownloader\JDownloader.jar
[2011.02.22 12:00:30 | 000,000,105 | ---- | M] () -- \Program Files\JDownloader\JDownloader\jd\img\hosterlogos\uploader.pl.png
[2011.02.22 12:05:58 | 000,007,069 | ---- | M] () -- \Program Files\JDownloader\JDownloader\jd\plugins\hoster\UploaderPl.class
[2010.09.23 13:43:08 | 000,032,222 | ---- | M] () -- \Program Files\JDownloader\JDownloader\licenses\jdownloader.license
[2012.11.15 14:00:16 | 000,001,702 | ---- | M] () -- \Program Files\Sony Ericsson\Update Engine\licenses\loaderbinarylegal.txt
[2012.11.26 12:11:20 | 000,001,702 | ---- | M] () -- \Program Files\Sony Ericsson\Update Service\licenses\loaderbinarylegal.txt
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2012.10.18 17:48:18 | 000,430,080 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Facebook\ZPSPluginLoader.exe
[2012.10.18 17:47:30 | 000,442,368 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 15:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Flickr\ZPSPluginLoader.exe
[2012.10.18 17:48:44 | 000,194,560 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Picasa\ZPSPluginLoader.exe
[2012.10.18 17:56:18 | 000,103,520 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Program32\8bfLoader.exe
[2012.10.18 17:56:32 | 000,017,504 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Program32\WICLoader.exe
[2012.06.18 11:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.06.18 11:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.06.18 11:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.06.18 11:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.02.02 09:01:39 | 000,075,076 | ---- | M] () -- \Users\Pejcha Petr\AppData\Local\Android\android-sdk\docs\guide\components\loaders.html
[2013.02.02 09:01:16 | 000,082,826 | ---- | M] () -- \Users\Pejcha Petr\AppData\Local\Android\android-sdk\docs\reference\android\app\LoaderManager.html
[2013.02.02 09:02:36 | 000,067,887 | ---- | M] () -- \Users\Pejcha Petr\AppData\Local\Android\android-sdk\docs\reference\android\content\Loader.ForceLoadContentObserver.html
[2013.02.02 09:02:28 | 000,081,027 | ---- | M] () -- \Users\Pejcha Petr\AppData\Local\Android\android-sdk\docs\reference\android\support\v4\content\AsyncTaskLoader.html
[2013.02.02 09:01:05 | 000,094,483 | ---- | M] () -- \Users\Pejcha Petr\AppData\Local\Android\android-sdk\docs\reference\android\support\v4\content\Loader.html
[2013.02.02 09:02:59 | 000,097,695 | ---- | M] () -- \Users\Pejcha Petr\AppData\Local\Android\android-sdk\docs\reference\android\test\LoaderTestCase.html
[2013.02.02 09:02:19 | 000,053,389 | ---- | M] () -- \Users\Pejcha Petr\AppData\Local\Android\android-sdk\docs\reference\javax\xml\validation\SchemaFactoryLoader.html
[2013.02.02 09:02:53 | 000,044,778 | ---- | M] () -- \Users\Pejcha Petr\AppData\Local\Android\android-sdk\docs\reference\junit\runner\TestSuiteLoader.html
[2013.02.02 09:02:27 | 000,019,083 | ---- | M] () -- \Users\Pejcha Petr\AppData\Local\Android\android-sdk\docs\resources\samples\ApiDemos\src\com\example\android\apis\app\LoaderThrottle.java
[2013.02.02 09:01:30 | 000,007,624 | ---- | M] () -- \Users\Pejcha Petr\AppData\Local\Android\android-sdk\docs\resources\samples\Support4Demos\src\com\example\android\supportv4\app\LoaderCursorSupport.java
[2013.02.02 09:02:01 | 000,014,073 | ---- | M] () -- \Users\Pejcha Petr\AppData\Local\Android\android-sdk\docs\resources\samples\XmlAdapters\src\com\example\android\xmladapters\ImageDownloader.java
[2013.02.02 09:02:57 | 000,006,423 | ---- | M] () -- \Users\Pejcha Petr\AppData\Local\Android\android-sdk\docs\sdk\api_diff\16\changes\android.content.Loader.html
[2013.02.02 09:01:51 | 000,004,966 | ---- | M] () -- \Users\Pejcha Petr\AppData\Local\Android\android-sdk\docs\sdk\api_diff\9\changes\dalvik.system.PathClassLoader.html
[2013.02.02 09:01:20 | 000,049,582 | ---- | M] () -- \Users\Pejcha Petr\AppData\Local\Android\android-sdk\docs\training\load-data-background\setup-loader.html
[2012.12.11 20:07:47 | 000,008,586 | ---- | M] () -- \Users\Pejcha Petr\AppData\Roaming\uTorrent\Youtube Downloader PRO (YTD) v3.9 Including Crack [h33t][iahq76].torrent
[2009.07.14 13:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.14 09:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 09:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.14 09:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2012.05.25 19:22:11 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2012.05.25 19:22:11 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2012.05.25 19:22:11 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.14 09:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 08:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 08:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 04:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2012.04.11 01:15:28 | 000,434,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.dll
[2013.01.21 21:54:37 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.ni.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012.11.15 13:56:16 | 000,026,802 | ---- | M] () -- \Program Files\Sony Ericsson\Update Engine\plugins\com.serialio.win32.x86_2.12.12.1.jar
[2012.11.15 13:56:12 | 000,049,529 | ---- | M] () -- \Program Files\Sony Ericsson\Update Engine\plugins\com.serialio_2.12.14.20.jar
[2012.11.15 14:01:18 | 000,006,322 | ---- | M] () -- \Program Files\Sony Ericsson\Update Engine\plugins\com.sonyericsson.cs.serialcommunication_2.12.14.20.jar
[2012.11.26 12:11:21 | 000,026,802 | ---- | M] () -- \Program Files\Sony Ericsson\Update Service\plugins\com.serialio.win32.x86_2.12.12.1.jar
[2012.11.26 12:11:22 | 000,049,529 | ---- | M] () -- \Program Files\Sony Ericsson\Update Service\plugins\com.serialio_2.12.14.20.jar
[2012.11.26 12:11:48 | 000,006,318 | ---- | M] () -- \Program Files\Sony Ericsson\Update Service\plugins\com.sonyericsson.cs.serialcommunication_2.12.14.20.jar
[2011.06.17 17:14:06 | 000,014,970 | ---- | M] () -- \Program Files\SpinVector\Bang\ui\login_serial.png
[2011.06.17 17:14:06 | 000,003,783 | ---- | M] () -- \Program Files\SpinVector\Bang\ui\popover_login_serial.png
[2013.02.02 09:02:18 | 000,072,100 | ---- | M] () -- \Users\Pejcha Petr\AppData\Local\Android\android-sdk\docs\reference\java\io\NotSerializableException.html
[2012.11.29 21:00:41 | 000,005,672 | ---- | M] () -- \Users\Pejcha Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_serialnumber.in_0.localstorage-journal
[2012.10.01 17:19:45 | 000,001,284 | ---- | M] () -- \Users\Pejcha Petr\AppData\Roaming\uTorrent\FoxIt PDF Editor 2.0 Incl Serial - www.GuruFuel.com.rar.torrent
[2009.07.14 09:43:23 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 02:55:26 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.01.10 17:59:48 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
[2013.01.10 07:45:18 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\eb4fa29ea9ab56d453b36696edbe6423\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 09:43:17 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2009.07.14 09:43:30 | 000,009,728 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2009.07.13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009.07.13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009.07.14 03:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 03:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2009.07.14 09:43:55 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 04:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009.07.14 09:42:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 20:04:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 20:02:24 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2009.07.14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 04:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009.07.14 02:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 02:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2009.07.14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 04:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 09:43:23 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009.07.14 09:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 02:55:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:50 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2009.07.13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2009.07.14 09:43:15 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c002c1170ca9a88f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_c233d4df09982c29\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 09:43:17 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 09:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.07.14 09:43:30 | 000,009,728 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c48c78a9ad8ff996\serial.sys.mui
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009.07.13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

Re: Request for a preventive check

Posted: 17 Feb 2013 13:58
by Euronymous
extras:

OTL Extras logfile created on: 17.2.2013 12:33:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pejcha Petr\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,49 Gb Total Physical Memory | 0,51 Gb Available Physical Memory | 34,56% Memory free
2,98 Gb Paging File | 1,56 Gb Available in Paging File | 52,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29,20 Gb Total Space | 5,59 Gb Free Space | 19,13% Space Free | Partition Type: NTFS
Drive D: | 82,49 Gb Total Space | 5,32 Gb Free Space | 6,45% Space Free | Partition Type: NTFS
Drive F: | 549,52 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: EURONYMOUS | User Name: Pejcha Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [KMPlayer.Enqueue] -- "C:\Program Files\The KMPlayer\KMPlayer.exe"/ADD "%1"
Directory [KMPlayer.Play] -- "C:\Program Files\The KMPlayer\KMPlayer.exe" "%1" (Pandora.TV)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1B815E80-6ADD-4E8D-AD50-2F22DDFDC7DF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{25DB7B46-6762-48D0-A906-CAB6788940A4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{28DFAD8D-9BB4-4F07-8010-28BC21FC78EE}" = rport=137 | protocol=17 | dir=out | app=system |
"{2C0AD8DB-9180-4696-9512-4A1847973BC2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2FE66200-7B01-4B3E-805E-C56E84D05C69}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3B7F82E0-ABE5-4211-AA32-DF49B21C5FC3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{3D5C35D4-C02B-4247-AE32-EDC23D5F667B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3DB36240-4211-4886-B271-18FF505DF939}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{47813692-024D-406A-80BF-1DACA7AA8E31}" = lport=138 | protocol=17 | dir=in | app=system |
"{4E3F65FC-1706-4666-8DAA-84677968812B}" = lport=10243 | protocol=6 | dir=in | app=system |
"{4F198978-B473-4A37-A2D9-A7B645B60280}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{62A24013-D828-41A1-A612-36397B8B7441}" = lport=139 | protocol=6 | dir=in | app=system |
"{682346CB-0E77-4E7A-8D19-C82FB0FF0DE6}" = lport=445 | protocol=6 | dir=in | app=system |
"{9B610965-9346-472A-83F3-7FED5B674712}" = rport=138 | protocol=17 | dir=out | app=system |
"{A08AA11F-DE38-4254-B5EC-C44715DDF2E9}" = rport=139 | protocol=6 | dir=out | app=system |
"{BB84DAEB-4600-4131-B49B-8BB94BC1BA20}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C2173934-886C-4358-A389-17A56671F60B}" = lport=137 | protocol=17 | dir=in | app=system |
"{E0E69EF8-52E1-4FB1-B139-E65CB7D765AB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E111EC86-A7E0-423C-AF27-1F5A5F2BFC26}" = rport=445 | protocol=6 | dir=out | app=system |
"{E84B2A0D-675C-4213-B36B-5B72839881F8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FACA6E87-9A66-4AD9-888F-5CEB857500BE}" = rport=10243 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{057F8AC3-8452-4491-A26E-C6E038248975}" = protocol=6 | dir=in | app=c:\program files\webcamxp 5\wlite.exe |
"{0E15A907-33AF-4349-B268-8E4C1BB13419}" = protocol=17 | dir=in | app=c:\program files\webcamxp 5\wlite.exe |
"{1BA4EE65-6888-4F10-B1D6-3B06D922BB8E}" = protocol=6 | dir=in | app=c:\program files\webcamxp 5\wservice.exe |
"{1E1AE64B-A84A-4A5D-B95D-548CA4DEB5FA}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{1F262681-7E82-4E63-ABE0-5452E601A28E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2792953E-309D-458A-A16B-FCFC06A78B6A}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{308C8D86-A266-4CED-A48C-795976D61707}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{37B99D3F-B577-40DA-8100-B00EA7F086DA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{38DC6154-0113-48E8-B466-7E6FCF080358}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{49393E05-0721-4EF0-A913-36296F95E3D6}" = protocol=6 | dir=out | app=system |
"{51B53B6C-C0F9-4247-812A-B4DB3C0555FE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6C31ED40-725B-41A4-9D98-F43354921660}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{6DDB6088-12A1-4D6C-94E4-0FD58FC7C36B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6E2BA286-A27E-4E03-AA29-FB6FD25680A9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8095E76F-7576-49DB-91AF-33377B821BA1}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{831BDEB2-3B31-4930-8836-3DB3AED65057}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8364FDF3-A261-4121-B092-A2F391F20707}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"{8E9BB930-E3A5-4B3D-9072-9BAE93551CBA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9A87C67C-503B-4C76-8E5B-DBB4E8D54C0E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9B5DCBCF-4BFA-45FF-9C33-70BCA858BC6E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A889A08C-7F03-4A98-B6CB-CC23B9A902C2}" = protocol=17 | dir=in | app=c:\program files\webcamxp 5\wservice.exe |
"{B6784FD4-FCBB-4E4F-9A98-4D27F96218E7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BDE879A4-9480-4147-9CFB-61D2102A9F2C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C6AEB103-E4BA-44D3-AD96-92916656E0CF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D700B3D2-8B65-44B3-80B5-4EB477BC7049}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"{E7586487-E2C6-4551-942B-B6AF372EBF65}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F88D269D-B404-4346-891F-E276CA75E89C}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"TCP Query User{1DCF2E70-B092-4EAF-8F91-0ADC87557366}C:\program files\webcamxp 5\wlite.exe" = protocol=6 | dir=in | app=c:\program files\webcamxp 5\wlite.exe |
"TCP Query User{7228D766-492E-429D-AB3D-348B01938903}D:\filmy\aaa\magic\manalink.exe" = protocol=6 | dir=in | app=d:\filmy\aaa\magic\manalink.exe |
"TCP Query User{89968D28-262A-4F29-B60A-4965890E4FA7}C:\program files\mir4nda-im-0.9.41-pack-v2.9.6\miranda32.exe" = protocol=6 | dir=in | app=c:\program files\mir4nda-im-0.9.41-pack-v2.9.6\miranda32.exe |
"TCP Query User{9D97C63E-1865-49CA-A362-0A46C41BB98E}C:\program files\spinvector\bang\bang!.exe" = protocol=6 | dir=in | app=c:\program files\spinvector\bang\bang!.exe |
"TCP Query User{E7FEC7A4-F0C6-47BF-8DC4-9ABA03E45F11}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{F94B97B5-B6A1-4F3E-97DE-BD9E227301B7}C:\program files\mir4nda-im-0.9.41-pack-v2.9.6\miranda32.exe" = protocol=6 | dir=in | app=c:\program files\mir4nda-im-0.9.41-pack-v2.9.6\miranda32.exe |
"UDP Query User{0BD114F5-8C1F-4689-B15B-4AA9B7E41284}C:\program files\spinvector\bang\bang!.exe" = protocol=17 | dir=in | app=c:\program files\spinvector\bang\bang!.exe |
"UDP Query User{3370DA61-9BCF-4CE1-9A78-544A85120DC0}C:\program files\webcamxp 5\wlite.exe" = protocol=17 | dir=in | app=c:\program files\webcamxp 5\wlite.exe |
"UDP Query User{5C05DB6E-FF80-446A-9F1A-E16097CA820F}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{A60CEE58-E7F5-46B5-9E3A-5034A3BD0E15}D:\filmy\aaa\magic\manalink.exe" = protocol=17 | dir=in | app=d:\filmy\aaa\magic\manalink.exe |
"UDP Query User{D702A378-494B-45B5-8704-801A9D95A4FD}C:\program files\mir4nda-im-0.9.41-pack-v2.9.6\miranda32.exe" = protocol=17 | dir=in | app=c:\program files\mir4nda-im-0.9.41-pack-v2.9.6\miranda32.exe |
"UDP Query User{D871DECD-93A0-498A-AA70-DDDF0A354B80}C:\program files\mir4nda-im-0.9.41-pack-v2.9.6\miranda32.exe" = protocol=17 | dir=in | app=c:\program files\mir4nda-im-0.9.41-pack-v2.9.6\miranda32.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0853463E-3468-4BF8-9083-C7BF40AD2943}" = STORMWARE POHODA CZ Start
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2517B7EA-6C03-4D86-A1B1-F3FE1C3BC03B}" = Radmin Viewer 3.4
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.012.00
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A57592C-FF92-4083-97A9-92783BD5AFB4}" = Acer OrbiCam
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{74669C8B-4D0A-4237-997F-3E1C92331F7D}" = PDFConverter Printer Driver
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{7A21C722-F259-4976-B7AA-6658E5FDEDAF}" = Google Drive
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Czech
"{BD7C153B-B2B7-47D8-8A0E-5D6CC3C10005}" = BANG! the official video game
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.136
"{F2B5A2A7-2DF9-4361-8BD5-362714528B51}" = NHL® 09
"{F79AAB3A-B8B4-4AC7-94AB-1C4C076C6A89}" = The Simpsons Hit & Run(TM)
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo II" = Diablo II
"Flashtool" = Flashtool
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"Magic The Gathering - Duels of the Planeswalkers 2012_is1" = Magic The Gathering - Duels of the Planeswalkers 2012
"Mozilla Firefox 13.0.1 (x86 cs)" = Mozilla Firefox 13.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PDFConverter Printer Driver_is1" = PDFConverter Printer Driver version 2.00
"StarBurn_is1" = StarBurn Version 13 (Build 0x20110818)
"STORMWARE PDF Printer_is1" = STORMWARE PDF Printer 8.2.0.1406
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Update Engine" = Sony Ericsson Update Engine
"Update Service" = Sony Ericsson Update Service
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.5
"ZonerPhotoStudio15_CZ_is1" = Zoner Photo Studio 15

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4282015285-1654600802-1937256806-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 17.2.2013 3:44:27 | Computer Name = Euronymous | Source = Application Error | ID = 1005
Description = Systém Windows nemůže získat přístup k souboru z jednoho z těchto
důvodů: došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen,
nebo s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí. Systém
Windows kvůli této chybě ukončil program Diablo II. Program: Diablo II Soubor: Hodnota
chyby je uvedena v části Další údaje. Akce uživatele 1. Otevřete soubor znovu. Může
se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud
k souboru stále nelze získat přístup a: - Nachází se v síti, měl by správce sítě
ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat. - Je na vyměnitelném
disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen
do počítače. 3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten
lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz
CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte
klávesu ENTER. 4. Pokud potíže potrvají, obnovte soubor ze záložní kopie. 5. Zjistěte,
zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen.
Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového
hardwaru se žádostí o pomoc. Další údaje Hodnota chyby: 00000000 Typ disku: 0

Error - 17.2.2013 3:44:59 | Computer Name = Euronymous | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Diablo II.exe, verze: 1.0.0.1, časové razítko:
0x3f9f275c Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.17725, časové razítko:
0x4ec49b60 Kód výjimky: 0xc0000096 Posun chyby: 0x001004f2 ID chybujícího procesu:
0xc3c Čas spuštění chybující aplikace: 0x01ce0ce2afc6665f Cesta k chybující aplikaci:
D:\Hry\Diablo II\Diablo II.exe Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID
zprávy: edb2f108-78d5-11e2-885b-0016d460e452

Error - 17.2.2013 3:44:59 | Computer Name = Euronymous | Source = Application Error | ID = 1005
Description = Systém Windows nemůže získat přístup k souboru z jednoho z těchto
důvodů: došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen,
nebo s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí. Systém
Windows kvůli této chybě ukončil program Diablo II. Program: Diablo II Soubor: Hodnota
chyby je uvedena v části Další údaje. Akce uživatele 1. Otevřete soubor znovu. Může
se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud
k souboru stále nelze získat přístup a: - Nachází se v síti, měl by správce sítě
ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat. - Je na vyměnitelném
disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen
do počítače. 3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten
lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz
CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte
klávesu ENTER. 4. Pokud potíže potrvají, obnovte soubor ze záložní kopie. 5. Zjistěte,
zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen.
Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového
hardwaru se žádostí o pomoc. Další údaje Hodnota chyby: 00000000 Typ disku: 0

Error - 17.2.2013 3:45:11 | Computer Name = Euronymous | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Diablo II.exe, verze: 1.0.0.1, časové razítko:
0x3f9f275c Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.17725, časové razítko:
0x4ec49b60 Kód výjimky: 0xc0000096 Posun chyby: 0x001004f2 ID chybujícího procesu:
0xa58 Čas spuštění chybující aplikace: 0x01ce0ce2b735479c Cesta k chybující aplikaci:
D:\Hry\Diablo II\Diablo II.exe Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID
zprávy: f514b2b4-78d5-11e2-885b-0016d460e452

Error - 17.2.2013 3:45:11 | Computer Name = Euronymous | Source = Application Error | ID = 1005
Description = Systém Windows nemůže získat přístup k souboru z jednoho z těchto
důvodů: došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen,
nebo s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí. Systém
Windows kvůli této chybě ukončil program Diablo II. Program: Diablo II Soubor: Hodnota
chyby je uvedena v části Další údaje. Akce uživatele 1. Otevřete soubor znovu. Může
se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud
k souboru stále nelze získat přístup a: - Nachází se v síti, měl by správce sítě
ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat. - Je na vyměnitelném
disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen
do počítače. 3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten
lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz
CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte
klávesu ENTER. 4. Pokud potíže potrvají, obnovte soubor ze záložní kopie. 5. Zjistěte,
zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen.
Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového
hardwaru se žádostí o pomoc. Další údaje Hodnota chyby: 00000000 Typ disku: 0

Error - 17.2.2013 3:45:49 | Computer Name = Euronymous | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Diablo II.exe, verze: 1.0.0.1, časové razítko:
0x3f9f275c Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.17725, časové razítko:
0x4ec49b60 Kód výjimky: 0xc0000096 Posun chyby: 0x001004f2 ID chybujícího procesu:
0x3f8 Čas spuštění chybující aplikace: 0x01ce0ce2cd6b2ead Cesta k chybující aplikaci:
D:\Hry\Diablo II\Diablo II.exe Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID
zprávy: 0b49131f-78d6-11e2-885b-0016d460e452

Error - 17.2.2013 3:45:49 | Computer Name = Euronymous | Source = Application Error | ID = 1005
Description = Systém Windows nemůže získat přístup k souboru z jednoho z těchto
důvodů: došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen,
nebo s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí. Systém
Windows kvůli této chybě ukončil program Diablo II. Program: Diablo II Soubor: Hodnota
chyby je uvedena v části Další údaje. Akce uživatele 1. Otevřete soubor znovu. Může
se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud
k souboru stále nelze získat přístup a: - Nachází se v síti, měl by správce sítě
ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat. - Je na vyměnitelném
disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen
do počítače. 3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten
lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz
CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte
klávesu ENTER. 4. Pokud potíže potrvají, obnovte soubor ze záložní kopie. 5. Zjistěte,
zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen.
Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového
hardwaru se žádostí o pomoc. Další údaje Hodnota chyby: 00000000 Typ disku: 0

Error - 17.2.2013 3:46:56 | Computer Name = Euronymous | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Diablo II.exe, verze: 1.0.0.1, časové razítko:
0x3f9f275c Název chybujícího modulu: D2Lang.dll, verze: 0.0.0.0, časové razítko:
0x43028b09 Kód výjimky: 0xc0000005 Posun chyby: 0x00008c80 ID chybujícího procesu:
0xff4 Čas spuštění chybující aplikace: 0x01ce0ce2f15b6294 Cesta k chybující aplikaci:
D:\Hry\Diablo II\Diablo II.exe Cesta k chybujícímu modulu: D:\Hry\Diablo II\D2Lang.dll
ID
zprávy: 3327a6f2-78d6-11e2-885b-0016d460e452

Error - 17.2.2013 4:57:48 | Computer Name = Euronymous | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Diablo II.exe, verze: 1.0.0.1, časové razítko:
0x3f9f275c Název chybujícího modulu: D2Lang.dll, verze: 0.0.0.0, časové razítko:
0x43028b09 Kód výjimky: 0xc0000005 Posun chyby: 0x00008c80 ID chybujícího procesu:
0x320 Čas spuštění chybující aplikace: 0x01ce0ce2f9f6ba47 Cesta k chybující aplikaci:
D:\Hry\Diablo II\Diablo II.exe Cesta k chybujícímu modulu: D:\Hry\Diablo II\D2Lang.dll
ID
zprávy: 19f4fd93-78e0-11e2-885b-0016d460e452

Error - 17.2.2013 5:27:52 | Computer Name = Euronymous | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Diablo II.exe, verze: 1.0.0.1, časové razítko:
0x3f9f275c Název chybujícího modulu: D2Lang.dll, verze: 0.0.0.0, časové razítko:
0x43028b09 Kód výjimky: 0xc0000005 Posun chyby: 0x00008c80 ID chybujícího procesu:
0xac8 Čas spuštění chybující aplikace: 0x01ce0cf01ecda301 Cesta k chybující aplikaci:
D:\Hry\Diablo II\Diablo II.exe Cesta k chybujícímu modulu: D:\Hry\Diablo II\D2Lang.dll
ID
zprávy: 4d4e2c75-78e4-11e2-885b-0016d460e452

[ Media Center Events ]
Error - 13.7.2012 12:16:39 | Computer Name = Euronymous | Source = MCUpdate | ID = 0
Description = 18:16:27 - Načtení položky Broadband se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Došlo k neočekávané chybě při příjmu.)

[ System Events ]
Error - 24.10.2012 0:56:33 | Computer Name = Euronymous | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 24.10.2012 0:56:36 | Computer Name = Euronymous | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 24.10.2012 0:56:39 | Computer Name = Euronymous | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 24.10.2012 0:56:42 | Computer Name = Euronymous | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 24.10.2012 0:56:45 | Computer Name = Euronymous | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 24.10.2012 0:56:48 | Computer Name = Euronymous | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 24.10.2012 0:56:51 | Computer Name = Euronymous | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 24.10.2012 0:56:54 | Computer Name = Euronymous | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 24.10.2012 0:56:56 | Computer Name = Euronymous | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 24.10.2012 0:56:59 | Computer Name = Euronymous | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.


< End of report >

Re: Request for a preventive check

Posted: 17 Feb 2013 14:04
by Márty84
Well, I'd be quite interested to know what you need that Windows crack for on that legal system :roll:

Re: Request for a preventive check

Posted: 17 Feb 2013 14:09
by Euronymous
Someone else did the installation for me and he had an original DVD, but I see that it probably wasn't true...