
Log Check - Conflict - Suspected Virus

Lilly [FR]

Log Check - Conflict - Suspected Virus

#1 Post by Lilly [FR] »

:) Hello, I need some advice and would like to find out what information can be gathered from the log I am sending you now.
:) I am looking for an answer as to whether the log is clean and free of viruses, and what is causing the conflict problem on my PC.

My activities:
-------------

- While installing the AVIRA - PREMIUM antivirus, I was warned about the presence of the KASPERSKY INTERNET SECURITY antivirus. I had tested it earlier and have already written on the forum that my computer does not get along with it, because it puts a heavy load on it.
- If I remember correctly, I uninstalled KASPERSKY INTERNET SECURITY, so something must still have been left behind: leftover files and folders that are still active and start at boot.
- So I used the KASPERSKY REMOVAL tool in safe mode on C:/ and, after entering the graphical code, I let the tool uninstall everything related to the KASPERSKY PRODUCT.
- After the restart, however, a huge problem appeared: my keyboard stopped working, so I had to use the virtual keyboard on Windows 7, even though USB keyboard support was enabled in the BIOS.
- I was therefore forced to use System Restore, where the tool told me what it would be bringing back, and the lost keyboard driver was among those items. I do not understand what could have happened; I certainly did not choose to uninstall it, and I suspect the Kaspersky removal tool did it on its own.

- Kaspersky brings nothing but problems and suffering for my computer. After restoring the restore point, the keyboard works as it should again, but the leftover KASPERSKY files have certainly started up, because the computer is not working as it should; it is somewhat slowed down, CPU load, etc.

Is there a virus, or something left over from the Kaspersky antivirus that is still active?

:worship: Thanks for the help and information....I am sending the log.

Lilly [FR]

Re: Log Check - Conflict - Suspected Virus

#2 Post by Lilly [FR] »

Logfile of random's system information tool 1.08 (written by random/random)
Run by Skynet-2010 at 2013-03-29 10:43:14
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 341 GB (56%) free of 610 GB
Total RAM: 6141 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:43:03, on 26.2.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe
C:\Program Files (x86)\Auto - Tapety\awplite.exe
C:\Program Files (x86)\Manager - Acronis\Disk Backup\TrueImageMonitor.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files (x86)\Internet T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Skynet-2010.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Manager - Acronis\Disk Backup\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [awplite] C:\Program Files (x86)\Auto - Tapety\awplite.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2239461738-3896735249-2566334241-1008\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2239461738-3896735249-2566334241-1008\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Přidat do Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
O9 - Extra button: Virtuální klávesnice - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Kontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{BB9E5AD9-9C9E-60A6-EE59-C5F72FF09E6A}: NameServer = 93.153.117.33 93.153.117.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\Antispyware - SUPER\SASCORE64.EXE
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Služba Acronis Nonstop Backup (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: Ashampoo HDD Control 2 Service (AHDDC2) - Unknown owner - C:\Program Files (x86)\Ashampoo - Hardisk Control\AHDDC2_Service.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\Internet T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: Služba Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo - Hardisk Control\DfSdkS64.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files (x86)\Manager - Acronis\Disk Director\OSS\reinstall_svc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10980 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
"C:\Program Files\Antispyware - SUPER\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Ashampoo - Core Tuner 2\ACT2Service.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files (x86)\Ashampoo - Hardisk Control\AHDDC2_Service.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Manager - Acronis\Disk Director\OSS\reinstall_svc.exe"
WLIDSvcM.exe 2224
"C:\Program Files (x86)\Internet T-Mobile\Web'n'walk Manager\ameisvc.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000b40
"C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE"
"C:\Program Files (x86)\Safe IP\SafeIPs.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-489e0408-64dd-4e2c-a72a-3b7977d34ccf -SystemEventPortName:HostProcess-b060fd52-4445-40a1-bfdf-4d64bc1b14eb -IoCancelEventPortName:HostProcess-8dae3317-10e0-418a-9560-d8526bd343f5 -NonStateChangingEventPortName:HostProcess-2e37c29e-7944-4257-aa98-294e1f479360 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:177075ad-e3ec-48cb-815e-473af3d83646 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Auto - Tapety\awplite.exe"
"C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Program Files (x86)\Manager - Acronis\Disk Backup\TrueImageMonitor.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Internet T-Mobile\Web'n'walk Manager\Manager.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\explorer.exe /factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding
"C:\program files (x86)\avira\antivir desktop\avcenter.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe" /CFG="C:\program files (x86)\avira\antivir desktop\sysscan.avp" /GUIMODE=1
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Skynet-2010\4 - Poštova Schránka\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Windows 7 Manager - Logon Background Changer.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-06 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-06 170912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Služba Acronis Scheduler2"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2011-10-13 394744]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2013-01-24 1451728]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"awplite"=C:\Program Files (x86)\Auto - Tapety\awplite.exe [2007-02-10 2607616]
"OscarEditor"=C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe [2012-03-20 3340288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
C:\Program Files (x86)\Virtualka - Daemon\DTAgent.exe [2011-03-17 842048]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Manager - Acronis\Disk Backup\TrueImageMonitor.exe [2011-10-13 5574456]
"Driver Genius"= []
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-03-19 345312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SafeIPS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoInstrumentation"=1
"NoDrives"=33622048

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-03-29 10:43:14 ----D---- C:\rsit
2013-03-28 18:30:09 ----A---- C:\Windows\system32\drivers\nvstusb.sys
2013-03-28 18:30:01 ----A---- C:\Windows\system32\nvwgf2umx.dll
2013-03-28 18:30:00 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-03-28 18:30:00 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2013-03-28 18:30:00 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-03-28 18:30:00 ----A---- C:\Windows\system32\nvopencl.dll
2013-03-28 18:29:59 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-03-28 18:29:59 ----A---- C:\Windows\system32\nvoglv64.dll
2013-03-28 18:29:59 ----A---- C:\Windows\system32\nvinitx.dll
2013-03-28 18:29:59 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-03-28 18:29:58 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2013-03-28 18:29:58 ----A---- C:\Windows\system32\nvdispgenco6431422.dll
2013-03-28 18:29:58 ----A---- C:\Windows\system32\nvdispco6431422.dll
2013-03-28 18:29:57 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2013-03-28 18:29:57 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-03-28 18:29:57 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-03-28 18:29:56 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-03-28 18:29:56 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-03-28 18:29:56 ----A---- C:\Windows\system32\nvcuvid.dll
2013-03-28 18:29:56 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-03-28 18:29:56 ----A---- C:\Windows\system32\nvcuda.dll
2013-03-28 18:29:51 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-03-28 18:29:51 ----A---- C:\Windows\system32\nvcompiler.dll
2013-03-28 18:29:50 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2013-03-28 18:17:16 ----SD---- C:\ProgramData\Shared Space
2013-03-28 18:15:41 ----D---- C:\ProgramData\Comodo
2013-03-28 18:15:40 ----D---- C:\ProgramData\Comodo Downloader
2013-03-28 18:15:36 ----D---- C:\Program Files\COMODO
2013-03-28 18:09:57 ----D---- C:\ProgramData\DriverGenius
2013-03-28 17:36:37 ----D---- C:\Users\Skynet-2010\AppData\Roaming\Avira
2013-03-28 17:31:14 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2013-03-28 17:31:14 ----A---- C:\Windows\system32\drivers\avipbb.sys
2013-03-28 17:31:14 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2013-03-28 17:31:13 ----D---- C:\ProgramData\Avira
2013-03-28 17:31:13 ----D---- C:\Program Files (x86)\Avira
2013-03-28 17:16:05 ----D---- C:\Program Files (x86)\Driver-Soft
2013-03-28 17:12:41 ----D---- C:\Program Files\C-Cleaner
2013-03-26 22:50:30 ----D---- C:\ProgramData\NVIDIA Corporation
2013-03-24 14:52:09 ----D---- C:\ProgramData\Origin
2013-03-24 07:55:59 ----SHD---- C:\ProgramData\DSS
2013-03-24 06:33:13 ----D---- C:\Program Files (x86)\CAPCOM
2013-03-20 00:46:17 ----A---- C:\Windows\DIIUnin.pif
2013-03-20 00:46:17 ----A---- C:\Windows\DIIUnin.exe
2013-03-20 00:41:38 ----D---- C:\Program Files (x86)\Diablo II
2013-03-18 13:34:02 ----A---- C:\Windows\SYSWOW64\pbsvc_bc2.exe
2013-03-18 13:09:12 ----D---- C:\Program Files (x86)\Electronic Arts
2013-03-18 11:21:16 ----D---- C:\Program Files (x86)\Origin Games
2013-03-18 04:48:42 ----D---- C:\Program Files (x86)\OSCAR Editor X7
2013-03-18 04:28:39 ----D---- C:\Program Files (x86)\OscarEditor
2013-03-17 00:58:19 ----A---- C:\Windows\SYSWOW64\SafeIPSOff.ini
2013-03-17 00:58:19 ----A---- C:\Windows\SYSWOW64\SafeIPS.ini
2013-03-17 00:58:19 ----A---- C:\Windows\system32\SafeIPSOff.ini
2013-03-16 23:08:21 ----D---- C:\Program Files (x86)\Seagate
2013-03-16 19:11:23 ----D---- C:\Program Files (x86)\HDD Regenerator
2013-03-16 09:26:52 ----D---- C:\Program Files (x86)\Safe IP
2013-03-16 09:13:12 ----D---- C:\Program Files (x86)\Ashampoo - Core Tuner 2
2013-03-16 06:13:41 ----A---- C:\Windows\system32\SafeIPs64.dll
2013-03-16 06:13:38 ----A---- C:\Windows\SYSWOW64\SafeIPs.dll
2013-03-14 22:07:52 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2013-03-14 05:55:04 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-03-14 05:54:58 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-03-14 05:54:58 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-03-14 05:54:58 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-03-14 05:54:58 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-03-14 05:54:58 ----A---- C:\Windows\system32\elshyph.dll
2013-03-14 05:54:57 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-03-14 05:54:57 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-03-14 05:54:57 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-03-14 05:54:57 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-03-14 05:54:57 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-03-14 05:54:56 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-03-14 05:54:56 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-03-14 05:54:56 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-03-14 05:54:56 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-03-14 05:54:56 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-03-14 05:54:56 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-03-14 05:54:56 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-03-14 05:54:55 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-03-14 05:54:55 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-03-14 05:54:55 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-03-14 05:54:55 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-03-14 05:54:54 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-03-14 05:54:54 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-03-14 05:54:54 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-03-14 05:54:54 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-03-14 05:54:54 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-03-14 05:54:54 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-03-14 05:54:54 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-03-14 05:54:53 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-03-14 05:54:53 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-03-14 05:54:53 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-03-14 05:54:53 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-03-14 05:54:53 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-03-14 05:54:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-03-14 05:54:52 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-03-14 05:54:51 ----A---- C:\Windows\SYSWOW64\url.dll
2013-03-14 05:54:51 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-03-14 05:54:51 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-03-14 05:54:51 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-03-14 05:54:51 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-03-14 05:54:51 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-03-14 05:54:50 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-03-14 05:54:50 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-03-14 05:54:45 ----A---- C:\Windows\system32\wininet.dll
2013-03-14 05:54:45 ----A---- C:\Windows\system32\urlmon.dll
2013-03-14 05:54:45 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-03-14 05:54:45 ----A---- C:\Windows\system32\msrating.dll
2013-03-14 05:54:45 ----A---- C:\Windows\system32\msls31.dll
2013-03-14 05:54:45 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-14 05:54:45 ----A---- C:\Windows\system32\iertutil.dll
2013-03-14 05:54:45 ----A---- C:\Windows\system32\dxtrans.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\wextract.exe
2013-03-14 05:54:44 ----A---- C:\Windows\system32\webcheck.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\vbscript.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\url.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-03-14 05:54:44 ----A---- C:\Windows\system32\pngfilt.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\occache.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\mshtmler.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\mshtml.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\mshta.exe
2013-03-14 05:54:44 ----A---- C:\Windows\system32\msfeedssync.exe
2013-03-14 05:54:44 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\licmgr10.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\jscript9.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\jscript.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\inseng.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\imgutil.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\iexpress.exe
2013-03-14 05:54:44 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-14 05:54:44 ----A---- C:\Windows\system32\ieui.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\iesysprep.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\iesetup.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\iernonce.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\iepeers.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\ieframe.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\iedkcs32.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\ieapfltr.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\ie4uinit.exe
2013-03-14 05:54:44 ----A---- C:\Windows\system32\icardie.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\dxtmsft.dll
2013-03-14 04:46:01 ----A---- C:\Windows\SYSWOW64\gdiplus.dll
2013-03-14 04:39:35 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-14 04:13:33 ----D---- C:\Program Files\Manager - Windows 7
2013-03-14 03:23:49 ----SD---- C:\Windows\SYSWOW64\Microsoft
2013-03-08 20:53:22 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-03-07 21:32:56 ----D---- C:\Users\Skynet-2010\AppData\Roaming\Product_PT
2013-03-07 20:46:20 ----A---- C:\Windows\SYSWOW64\MRT.exe
2013-03-06 05:50:17 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-03-06 05:49:56 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-03-06 05:49:56 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-03-06 05:49:56 ----A---- C:\Windows\SYSWOW64\java.exe
2013-03-06 05:49:48 ----D---- C:\Program Files (x86)\Java
2013-03-04 06:16:18 ----D---- C:\Program Files\Editor - VPK
2013-03-03 19:02:23 ----A---- C:\Windows\system32\aswBoot.exe
2013-03-02 16:24:23 ----DC---- C:\Windows\system32\DRVSTORE
2013-03-02 16:24:23 ----A---- C:\Windows\system32\drivers\usbfilter.sys
2013-03-02 16:24:22 ----D---- C:\Program Files (x86)\AMD
2013-03-02 16:24:14 ----A---- C:\Windows\system32\drivers\AtiPcie.sys

======List of files/folders modified in the last 1 months======

2013-03-29 10:43:38 ----D---- C:\Windows\Temp
2013-03-29 10:43:33 ----D---- C:\Program Files\Trend Micro
2013-03-29 09:47:10 ----SHD---- C:\System Volume Information
2013-03-29 01:47:29 ----AD---- C:\ProgramData\Temp
2013-03-29 01:46:14 ----D---- C:\Program Files (x86)\Steam
2013-03-29 01:06:50 ----D---- C:\Windows\ModemLogs
2013-03-29 01:06:50 ----D---- C:\Windows\inf
2013-03-29 01:06:49 ----D---- C:\Windows
2013-03-28 21:30:08 ----D---- C:\Windows\system32\config
2013-03-28 21:14:42 ----D---- C:\Windows\System32
2013-03-28 21:14:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-28 21:09:35 ----D---- C:\ProgramData\NVIDIA
2013-03-28 21:09:25 ----D---- C:\Windows\Tasks
2013-03-28 21:09:25 ----D---- C:\Windows\system32\wfp
2013-03-28 21:09:22 ----D---- C:\Windows\system32\wbem
2013-03-28 21:08:31 ----D---- C:\Windows\system32\DriverStore
2013-03-28 21:08:31 ----D---- C:\Windows\system32\drivers
2013-03-28 21:08:31 ----D---- C:\Windows\system32\catroot2
2013-03-28 21:08:31 ----D---- C:\Windows\system32\catroot
2013-03-28 21:08:30 ----D---- C:\Windows\security
2013-03-28 21:08:28 ----SHD---- C:\Windows\Installer
2013-03-28 21:08:28 ----D---- C:\Windows\ELAMBKUP
2013-03-28 21:08:24 ----D---- C:\Windows\registration
2013-03-28 21:08:13 ----HD---- C:\ProgramData
2013-03-28 18:37:28 ----D---- C:\Windows\Logs
2013-03-28 18:32:30 ----D---- C:\Windows\SysWOW64
2013-03-28 18:32:21 ----RHD---- C:\Users
2013-03-28 18:15:36 ----RD---- C:\Program Files
2013-03-28 17:31:13 ----RD---- C:\Program Files (x86)
2013-03-28 17:12:43 ----D---- C:\Windows\system32\Tasks
2013-03-28 16:13:20 ----D---- C:\Program Files (x86)\Common Files
2013-03-28 14:51:00 ----RSD---- C:\Windows\assembly
2013-03-28 00:35:03 ----D---- C:\Program Files\Antispyware - SUPER
2013-03-28 00:17:40 ----D---- C:\Windows\SoftwareDistribution
2013-03-28 00:16:49 ----D---- C:\Users\Skynet-2010\AppData\Roaming\DAEMON Tools Pro
2013-03-27 23:02:05 ----D---- C:\Windows\system32\drivers\UMDF
2013-03-27 23:02:05 ----D---- C:\Windows\system32\CodeIntegrity
2013-03-27 23:02:04 ----D---- C:\Windows\Help
2013-03-27 23:02:03 ----D---- C:\Users\Skynet-2010\AppData\Roaming\IrfanView
2013-03-27 23:01:59 ----D---- C:\Program Files\NVIDIA Corporation
2013-03-27 23:01:56 ----D---- C:\Program Files (x86)\Origin
2013-03-27 23:01:56 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-03-24 15:29:20 ----D---- C:\Users\Skynet-2010\AppData\Roaming\Origin
2013-03-20 09:24:49 ----D---- C:\Program Files (x86)\Auto - Tapety
2013-03-19 12:45:15 ----D---- C:\Windows\tracing
2013-03-19 12:40:21 ----D---- C:\Windows\system32\NDF
2013-03-19 05:33:17 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-03-19 00:48:21 ----D---- C:\Program Files (x86)\Punkbuster
2013-03-18 12:17:36 ----D---- C:\ProgramData\Acronis
2013-03-18 04:48:52 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-03-16 15:58:33 ----D---- C:\Windows\rescache
2013-03-16 07:54:11 ----D---- C:\Users\Skynet-2010\AppData\Roaming\uTorrent
2013-03-16 07:54:07 ----D---- C:\Windows\Panther
2013-03-15 06:53:06 ----A---- C:\Windows\system32\nvumdshimx.dll
2013-03-15 06:53:06 ----A---- C:\Windows\system32\nvapi64.dll
2013-03-15 05:16:18 ----A---- C:\Windows\system32\nvsvc64.dll
2013-03-15 05:16:17 ----A---- C:\Windows\system32\nvcpl.dll
2013-03-15 05:16:10 ----A---- C:\Windows\system32\nvvsvc.exe
2013-03-15 05:16:10 ----A---- C:\Windows\system32\nvsvcr.dll
2013-03-15 05:16:10 ----A---- C:\Windows\system32\nvshext.dll
2013-03-15 05:16:10 ----A---- C:\Windows\system32\nvmctray.dll
2013-03-14 08:59:28 ----D---- C:\Windows\winsxs
2013-03-14 08:55:56 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-03-14 08:55:56 ----D---- C:\Program Files\Internet Explorer
2013-03-14 08:55:56 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-14 08:55:55 ----D---- C:\Windows\system32\cs-CZ
2013-03-14 08:55:54 ----D---- C:\Windows\SYSWOW64\migration
2013-03-14 08:55:53 ----D---- C:\Windows\SYSWOW64\en-US
2013-03-14 08:55:53 ----D---- C:\Windows\system32\migration
2013-03-14 08:55:53 ----D---- C:\Windows\system32\en-US
2013-03-14 08:55:53 ----D---- C:\Windows\PolicyDefinitions
2013-03-14 04:24:42 ----D---- C:\Program Files (x86)\E-Mail Klient
2013-03-14 04:08:26 ----D---- C:\Windows\debug
2013-03-13 18:25:30 ----D---- C:\Windows\AppPatch
2013-03-13 18:25:26 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-13 18:25:25 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-13 18:25:24 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-13 10:31:03 ----A---- C:\Windows\system32\MRT.exe
2013-03-13 10:30:56 ----D---- C:\ProgramData\Microsoft Help
2013-03-13 09:17:17 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-07 22:09:19 ----D---- C:\Program Files (x86)\Ashampoo - Hardisk Control
2013-03-07 21:04:29 ----D---- C:\Users\Skynet-2010\AppData\Roaming\Skype
2013-03-07 20:57:53 ----D---- C:\ProgramData\Skype
2013-03-07 20:57:50 ----RD---- C:\Program Files (x86)\Skype
2013-03-07 20:46:07 ----D---- C:\Windows\SYSWOW64\directx
2013-03-06 05:49:50 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-03-06 05:49:50 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-03-03 19:22:18 ----D---- C:\Program Files (x86)\Klient - Torrent
2013-03-02 16:27:59 ----HD---- C:\Program Files (x86)\Temp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2011-04-15 79488]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2011-04-15 40064]
R0 amdide64;amdide64; C:\Windows\system32\DRIVERS\amdide64.sys [2011-12-17 11904]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-04 16440]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2012-06-19 458584]
R0 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2012-03-07 30312]
R0 MxEFUF;Matrox Extio Upper Function Filter; C:\Windows\system32\DRIVERS\MxEFUF64.sys [2011-10-20 157696]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2012-10-01 277088]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-12-10 530488]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273); C:\Windows\system32\DRIVERS\tdrpm273.sys [2012-10-01 1263200]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2012-10-01 970336]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-02-26 130016]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-03-06 28600]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2013-01-16 23176]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2013-01-16 699880]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2013-01-16 48360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-25 272448]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2013-01-16 95752]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2013-02-13 613720]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2012-08-02 28504]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2013-02-13 54104]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2012-08-13 178008]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\Antispyware - SUPER\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\Antispyware - SUPER\SASKUTIL64.SYS [2011-07-12 12368]
R2 ACT2PM;Ashampoo CoreTuner 2 ProcessMonitor Driver; \??\C:\Program Files (x86)\Ashampoo - Core Tuner 2\ACT2ProcessMonitor64.sys [2011-06-10 15160]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-02-26 100712]
R2 ntk_PowerDVD12;ntk_PowerDVD12; \??\C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2011-10-27 82928]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2012-10-01 285280]
R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [1999-12-31 101504]
R3 CT20XUT.SYS;CT20XUT.SYS; C:\Windows\System32\drivers\CT20XUT.SYS [2010-07-07 230488]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2010-07-07 697816]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS; C:\Windows\System32\drivers\CTEXFIFX.SYS [2010-07-07 1445976]
R3 CTHWIUT.SYS;CTHWIUT.SYS; C:\Windows\System32\drivers\CTHWIUT.SYS [2010-07-07 95320]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2010-07-07 15960]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2010-07-07 213080]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2010-07-07 118360]
R3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 13952]
R3 ha20x22k;Creative 20X2 HAL Driver; C:\Windows\system32\drivers\ha20x22k.sys [2010-07-07 1612888]
R3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2011-09-09 98304]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2011-09-09 87040]
R3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2011-09-09 28672]
R3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2011-09-09 218624]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2012-10-25 29016]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2012-10-25 29528]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-12-19 194488]
R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\Windows\system32\DRIVERS\nvstusb.sys [2013-03-15 448288]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2010-07-07 179288]
R3 PGR1394b;PGR IEEE 1394 Bus host controllers; C:\Windows\system32\DRIVERS\PGR1394.sys [2008-03-14 88064]
R3 pmkbdfltr;PenMount Keyboard Device Filter Driver; C:\Windows\system32\DRIVERS\pmkbdfltr.sys [2012-08-01 18832]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-10-06 766096]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872]
S3 CT20XUT;CT20XUT; C:\Windows\system32\drivers\CT20XUT.SYS [2010-07-07 230488]
S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2010-07-07 580696]
S3 CTEXFIFX;CTEXFIFX; C:\Windows\system32\drivers\CTEXFIFX.SYS [2010-07-07 1445976]
S3 CTHWIUT;CTHWIUT; C:\Windows\system32\drivers\CTHWIUT.SYS [2010-07-07 95320]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
S3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys [2010-07-07 1567832]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 RTL8168;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2012-07-31 690832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\Antispyware - SUPER\SASCORE64.EXE [2012-07-11 140672]
R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2011-10-13 1113696]
R2 ACT2_Service;Ashampoo Core Tuner 2 Service; C:\Program Files (x86)\Ashampoo - Core Tuner 2\ACT2Service.exe [2011-08-22 1421216]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 afcdpsrv;Služba Acronis Nonstop Backup; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-10-01 3246040]
R2 AHDDC2;Ashampoo HDD Control 2 Service; C:\Program Files (x86)\Ashampoo - Hardisk Control\AHDDC2_Service.exe [2012-07-30 1518504]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files (x86)\Internet T-Mobile\Web'n'walk Manager\ameisvc.exe [2012-08-22 123320]
R2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [2013-02-25 374496]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-02-25 110816]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-02-25 86752]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2013-02-25 565472]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2013-01-24 3724472]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-15 877856]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-15 1266464]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-01-16 76888]
R2 Správce výběru OS;Aktivátor Správce výběru OS Acronis; C:\Program Files (x86)\Manager - Acronis\Disk Director\OSS\reinstall_svc.exe [2010-07-07 2156952]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
R3 SafeIPS;SafeIPS; C:\Program Files (x86)\Safe IP\SafeIPs.exe [2013-02-10 3808960]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-01-24 158928]
S3 DfSdkS;Defragmentation-Service; C:\Program Files (x86)\Ashampoo - Hardisk Control\DfSdkS64.exe [2009-08-24 544768]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-02-25 543144]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-09-30 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S4 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12; C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-01-12 87336]
S4 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-09-30 79360]
S4 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-09-30 79360]
S4 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-01-12 75048]
S4 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-01-12 296232]
S4 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-03-01 130976]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2010-08-19 386344]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Log Check - Conflict - Suspected Virus

#3 Post by Márty84 »

Hi :)

Right now both Avira and Kaspersky are running there at full tilt :roll:

:arrow: Try uninstalling it with CCleaner, if the program can see it at all.


Then run a scan with OTL and we'll blast away the rest

:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it and then left-click Run as administrator
Tick the items (put check marks there) For all users, Scan for "LOP" malware and Scan for "Purity" malware
Paste the following text into the bottom window

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

Click Scan
After the scan two logs will be created (OTL.Txt and Extras.txt); paste both here (if they are long, split them across several posts).
If you have a question that is not meant for the public, you can write to me by e-mail at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will now be on the forum less often. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).
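Added example, not part of the original posts: a Python sketch that parses "List of drivers" lines in the format pasted earlier in this thread and groups the running kernel drivers by security vendor, which is how the log shows Kaspersky components still loaded next to Avira. The sample lines are copied from that log; the vendor-to-driver table and all function names are assumptions made for this example.

```python
import re

# One driver/service line of the log:
#   <R|S><0-4> <service name>;<display name>; <image path> [<date> <size>]
LINE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4])\s+"
    r"(?P<name>[^;]+);(?P<display>[^;]*);\s*"
    r"(?P<path>.+?)\s+\[(?P<date>\d{4}-\d{2}-\d{2})\s+(?P<size>\d+)\]\s*$"
)

# Start types as given in the log's own section header.
START_TYPES = {"0": "Boot", "1": "System", "2": "Auto",
               "3": "Demand", "4": "Disabled"}

# Assumption: table built by hand from the vendor strings visible in this
# thread's logs; it is not an exhaustive list for any product.
VENDOR_DRIVERS = {
    "Kaspersky": {"kl1", "klif", "klim6", "kltdi", "kneps",
                  "klkbdflt", "klmouflt"},
    "Avira": {"avipbb", "avkmgr", "avgntflt"},
    "COMODO": {"cmderd", "cmdguard", "cmdhlp", "inspect"},
}

# Lines copied from the driver list posted in this thread.
SAMPLE_LOG = r"""
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2012-06-19 458584]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-02-26 130016]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2013-01-16 699880]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2013-02-13 613720]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\Antispyware - SUPER\SASDIFSV64.SYS [2011-07-22 14928]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-02-26 100712]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2012-10-25 29016]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
"""


def parse_line(line):
    """Return a dict for one driver/service line, or None for other lines."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None  # section headers, blank lines, anything else
    entry = m.groupdict()
    entry["running"] = entry.pop("state") == "R"
    entry["start"] = START_TYPES[entry["start"]]
    if entry["path"].startswith("\\??\\"):
        entry["path"] = entry["path"][4:]  # drop the NT object prefix
    entry["size"] = int(entry["size"])
    return entry


def vendor_of(entry):
    """Map an entry to a security vendor by service name or display name."""
    name = entry["name"].lower()
    display = entry["display"].lower()
    for vendor, names in VENDOR_DRIVERS.items():
        if name in names or vendor.lower() in display:
            return vendor
    return None


def running_security_drivers(log_text):
    """Group running drivers by vendor: {vendor: [(service, start type)]}."""
    found = {}
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None or not entry["running"]:
            continue
        vendor = vendor_of(entry)
        if vendor:
            found.setdefault(vendor, []).append((entry["name"], entry["start"]))
    return found


def conflicting_vendors(log_text):
    """Vendors with loaded drivers, reported only when more than one is active."""
    found = running_security_drivers(log_text)
    return sorted(found) if len(found) > 1 else []


if __name__ == "__main__":
    for vendor, drivers in running_security_drivers(SAMPLE_LOG).items():
        print(vendor, drivers)
    print("Active side by side:", conflicting_vendors(SAMPLE_LOG))
```

A product that no longer appears in the uninstall list can still show up here, because the list is built from registered driver services rather than from installed-program entries.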

Lilly [FR]

Re: Log Check - Conflict - Suspected Virus

#4 Post by Lilly [FR] »

Hi Marty, I searched program files/86/ by hand, but there is no folder from the Kaspersky antivirus to be seen anywhere there, the c-cleaner program found nothing in its uninstaller, and I found nothing via trend micro hijack this either. Neither among the running processes nor in the windows services is it possible to find any items or anything that belongs to Kaspersky, but the interesting thing is that the log detects it here, and also my avira among the running processes.

I no longer know what to do myself, I have tried just about everything, not even my TASK MANAGER program found anything, it must be a very well hidden running leftover process from Kaspersky, it is hiding somewhere in the system and I no longer know where, but I did not find it via the regedit or msconfig command either. I don't understand, I uninstalled it not long ago, I know that two antivirus programs must not be in the system. Hopefully we will sort it out, I am sending the log, and how does the log look, is it clean, without a virus???

Lilly [FR]

Re: Log Check - Conflict - Suspected Virus

#5 Post by Lilly [FR] »

OTL logfile created on: 29.3.2013 19:22:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Skynet-2010\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

6,00 Gb Total Physical Memory | 4,26 Gb Available Physical Memory | 71,07% Memory free
15,43 Gb Paging File | 13,58 Gb Available in Paging File | 88,01% Paging File free
Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sy [Binary data over 200 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596,07 Gb Total Space | 329,95 Gb Free Space | 55,35% Space Free | Partition Type: NTFS
Drive D: | 111,78 Gb Total Space | 90,76 Gb Free Space | 81,19% Space Free | Partition Type: NTFS
Drive F: | 100,00 Mb Total Space | 50,10 Mb Free Space | 50,10% Space Free | Partition Type: NTFS
Drive K: | 1863,01 Gb Total Space | 1241,43 Gb Free Space | 66,64% Space Free | Partition Type: NTFS
Drive L: | 11,10 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: AMD-SERVER | User Name: Skynet-2010 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.03.29 18:11:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Skynet-2010\Desktop\OTL.exe
PRC - [2013.03.19 08:15:43 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.03.15 06:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.03.14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013.03.08 20:53:26 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.02.25 16:39:57 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.02.25 16:39:47 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2013.02.25 16:39:44 | 000,374,496 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
PRC - [2013.02.25 16:39:44 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.01.16 21:58:48 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.10.01 04:07:18 | 003,246,040 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2012.08.22 15:59:57 | 000,123,320 | ---- | M] (Gemfor s.r.o.) -- C:\Program Files (x86)\Internet T-Mobile\Web'n'walk Manager\ameisvc.exe
PRC - [2012.08.22 14:12:37 | 001,368,768 | ---- | M] (Gemfor s.r.o.) -- C:\Program Files (x86)\Internet T-Mobile\Web'n'walk Manager\Manager.exe
PRC - [2012.07.30 10:48:16 | 001,518,504 | ---- | M] () -- C:\Program Files (x86)\Ashampoo - Hardisk Control\AHDDC2_Service.exe
PRC - [2011.10.13 06:01:20 | 000,394,744 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2011.10.13 06:00:22 | 005,574,456 | ---- | M] (Acronis) -- C:\Program Files (x86)\Manager - Acronis\Disk Backup\TrueImageMonitor.exe
PRC - [2011.08.22 13:44:48 | 001,421,216 | ---- | M] () -- C:\Program Files (x86)\Ashampoo - Core Tuner 2\ACT2Service.exe
PRC - [2010.07.07 15:17:00 | 002,156,952 | ---- | M] () -- C:\Program Files (x86)\Manager - Acronis\Disk Director\OSS\reinstall_svc.exe
PRC - [2010.02.12 09:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2007.02.10 11:17:30 | 002,607,616 | ---- | M] (Nimble Software) -- C:\Program Files (x86)\Auto - Tapety\awplite.exe


========== Modules (No Company Name) ==========

MOD - [2013.03.08 20:53:25 | 003,069,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.10.13 05:59:42 | 011,227,192 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\Common\ti_managers.dll


========== Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Running] -- C:\Program Files\Antispyware -- (!SASCORE)
SRV:64bit: - [2013.01.24 22:43:06 | 003,724,472 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2013.01.24 22:42:44 | 000,158,928 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
SRV:64bit: - [2010.08.19 16:43:23 | 000,386,344 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.03.15 06:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.03.14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.03.13 09:17:17 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.08 20:53:25 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.02.25 16:39:57 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.02.25 16:39:47 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2013.02.25 16:39:44 | 000,374,496 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2013.02.25 16:39:44 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.02.25 07:39:32 | 000,543,144 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.02.10 19:49:12 | 003,808,960 | ---- | M] (SafeIP) [Disabled | Stopped] -- C:\Program Files (x86)\Safe IP\SafeIPS.exe -- (SafeIPS)
SRV - [2013.01.16 21:58:48 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.01.08 15:19:46 | 000,161,536 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.10.01 04:07:18 | 003,246,040 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2012.09.30 00:25:43 | 000,079,360 | ---- | M] (Creative Labs) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2012.09.30 00:25:21 | 000,079,360 | ---- | M] (Creative Labs) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2012.08.22 15:59:57 | 000,123,320 | ---- | M] (Gemfor s.r.o.) [Auto | Running] -- C:\Program Files (x86)\Internet T-Mobile\Web'n'walk Manager\ameisvc.exe -- (ameisvc)
SRV - [2012.01.12 14:52:57 | 000,296,232 | ---- | M] (CyberLink) [Disabled | Stopped] -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe -- (CyberLink PowerDVD 12 Media Server Service)
SRV - [2012.01.12 14:52:55 | 000,087,336 | ---- | M] (CyberLink Corp.) [Disabled | Stopped] -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe -- (CLHNServiceForPowerDVD12)
SRV - [2012.01.12 14:52:55 | 000,075,048 | ---- | M] (CyberLink) [Disabled | Stopped] -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe -- (CyberLink PowerDVD 12 Media Server Monitor Service)
SRV - [2011.10.13 06:03:02 | 001,113,696 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011.03.01 17:29:58 | 000,130,976 | ---- | M] (Futuremark Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.12 09:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | System | Running] -- C:\Program Files\Antispyware -- (SASKUTIL)
DRV:64bit: - File not found [Kernel | System | Running] -- C:\Program Files\Antispyware -- (SASDIFSV)
DRV:64bit: - [2013.03.15 06:53:06 | 000,448,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2013.03.06 15:16:41 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.02.26 15:58:24 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.02.26 15:58:24 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.02.13 19:42:19 | 000,613,720 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2013.02.13 19:42:19 | 000,054,104 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
DRV:64bit: - [2013.01.16 19:51:44 | 000,023,176 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd)
DRV:64bit: - [2012.12.19 06:41:52 | 000,194,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.12.10 03:08:40 | 000,530,488 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012.11.25 14:58:33 | 000,272,448 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.10.25 18:09:22 | 000,029,528 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2012.10.25 18:09:22 | 000,029,016 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:64bit: - [2012.10.06 14:26:46 | 000,766,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012.10.01 04:07:18 | 000,285,280 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2012.10.01 04:07:17 | 001,263,200 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm273.sys -- (tdrpman273)
DRV:64bit: - [2012.10.01 04:07:17 | 000,970,336 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2012.10.01 04:07:15 | 000,277,088 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.13 16:49:40 | 000,178,008 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:64bit: - [2012.08.02 15:09:34 | 000,028,504 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2012.08.01 15:01:14 | 000,018,832 | ---- | M] (PenMount) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pmkbdfltr.sys -- (pmkbdfltr)
DRV:64bit: - [2012.07.31 01:04:12 | 000,690,832 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012.06.19 17:28:12 | 000,458,584 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2012.03.07 00:59:14 | 000,030,312 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.17 15:43:28 | 000,011,904 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdide64.sys -- (amdide64)
DRV:64bit: - [2011.10.20 10:24:06 | 000,157,696 | ---- | M] (Matrox Graphics Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\MxEFUF64.sys -- (MxEFUF)
DRV:64bit: - [2011.09.09 11:51:36 | 000,218,624 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys -- (huawei_wwanecm)
DRV:64bit: - [2011.09.09 11:51:02 | 000,028,672 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV:64bit: - [2011.09.09 11:51:00 | 000,098,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV:64bit: - [2011.09.09 11:51:00 | 000,087,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2011.04.15 19:37:50 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011.04.15 19:37:50 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 04:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.07.27 09:52:16 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2010.07.07 21:21:18 | 001,612,888 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x22k.sys -- (ha20x22k)
DRV:64bit: - [2010.07.07 21:21:06 | 001,567,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k)
DRV:64bit: - [2010.07.07 21:20:56 | 000,118,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2010.07.07 21:20:48 | 000,213,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2010.07.07 21:20:40 | 000,015,960 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2010.07.07 21:16:32 | 000,179,288 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2010.07.07 21:16:24 | 000,697,816 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k)
DRV:64bit: - [2010.07.07 21:16:14 | 000,580,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2010.07.07 21:16:06 | 001,445,976 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV:64bit: - [2010.07.07 21:16:06 | 001,445,976 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV:64bit: - [2010.07.07 21:15:56 | 000,095,320 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV:64bit: - [2010.07.07 21:15:56 | 000,095,320 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV:64bit: - [2010.07.07 21:15:50 | 000,230,488 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV:64bit: - [2010.07.07 21:15:50 | 000,230,488 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT)
DRV:64bit: - [2010.03.20 12:06:58 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV:64bit: - [2009.12.30 10:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.04 17:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009.04.03 06:39:58 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2008.03.14 11:56:04 | 000,088,064 | ---- | M] (Point Grey Research) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGR1394.sys -- (PGR1394b)
DRV:64bit: - [2005.09.23 21:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV:64bit: - [1999.12.31 17:00:00 | 000,101,504 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV - [2012.01.11 21:57:42 | 000,146,928 | ---- | M] (CyberLink Corp.) [2012/10/01 23:02:52] [Kernel | Auto | Running] -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Common\NavFilter\000.fcl -- ({329F96B6-DF1E-4328-BFDA-39EA953C1312})
DRV - [2011.10.27 07:18:45 | 000,082,928 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys -- (ntk_PowerDVD12)
DRV - [2010.06.28 21:50:22 | 000,146,928 | ---- | M] (CyberLink Corp.) [2012/10/01 22:07:48] [Kernel | Auto | Running] -- C:\Program Files (x86)\Cyberlink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2239461738-3896735249-2566334241-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
IE - HKU\S-1-5-21-2239461738-3896735249-2566334241-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-2239461738-3896735249-2566334241-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2239461738-3896735249-2566334241-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-2239461738-3896735249-2566334241-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "Google.cz"
FF - prefs.js..extensions.enabledAddons: translator%40zoli.bod:2.1.0.3
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130129
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java - KB\bin\plugin2\npjp2.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 20:53:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Components: C:\Program Files (x86)\E-Mail Klient\components [2013.02.21 13:08:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 20:53:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Components: C:\Program Files (x86)\E-Mail Klient\components [2013.02.21 13:08:05 | 000,000,000 | ---D | M]

[2012.09.30 01:24:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Skynet-2010\AppData\Roaming\Mozilla\Extensions
[2013.03.29 09:54:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Skynet-2010\AppData\Roaming\Mozilla\Firefox\Profiles\ynji0cny.default\extensions
[2013.03.18 06:51:15 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Skynet-2010\AppData\Roaming\Mozilla\Firefox\Profiles\ynji0cny.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013.03.29 09:54:24 | 002,358,379 | ---- | M] () (No name found) -- C:\Users\Skynet-2010\AppData\Roaming\Mozilla\Firefox\Profiles\ynji0cny.default\extensions\nasanightlaunch@example.com.xpi
[2012.11.17 15:28:42 | 000,060,290 | ---- | M] () (No name found) -- C:\Users\Skynet-2010\AppData\Roaming\Mozilla\Firefox\Profiles\ynji0cny.default\extensions\translator@zoli.bod.xpi
[2013.02.15 12:17:43 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Skynet-2010\AppData\Roaming\Mozilla\Firefox\Profiles\ynji0cny.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.03.08 20:53:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.03.08 20:53:26 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.02.22 14:27:28 | 000,002,421 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2013.02.22 14:27:28 | 000,000,851 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.02.22 14:27:28 | 000,001,580 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2013.02.22 14:27:28 | 000,000,867 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.02.22 14:27:28 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2013.01.07 13:47:01 | 000,445,034 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 15284 more lines...
O2:64bit: - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-2239461738-3896735249-2566334241-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe (COMODO)
O4:64bit: - HKLM..\Run: [Služba Acronis Scheduler2] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Manager - Acronis\Disk Backup\TrueImageMonitor.exe (Acronis)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2239461738-3896735249-2566334241-1000..\Run: [awplite] C:\Program Files (x86)\Auto - Tapety\awplite.exe (Nimble Software)
O4 - HKU\S-1-5-21-2239461738-3896735249-2566334241-1009..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2239461738-3896735249-2566334241-1009..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-2239461738-3896735249-2566334241-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 33622048
O8:64bit: - Extra context menu item: E&xportovať do programu Microsoft Excel - C:\Program Files (x86)\Microsoft Office - 2007\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - C:\Program Files (x86)\Microsoft Office - 2007\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office - 2007\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\SafeIPs64.dll (SafeIP)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\SafeIPs64.dll (SafeIP)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\SafeIPs64.dll (SafeIP)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\SafeIPs64.dll (SafeIP)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000014 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000023 - C:\Windows\SysNative\SafeIPs64.dll (SafeIP)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000024 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\SafeIPs.dll (SafeIP)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\SafeIPs.dll (SafeIP)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\SafeIPs.dll (SafeIP)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\SafeIPs.dll (SafeIP)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\SysWow64\SafeIPs.dll (SafeIP)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: mojebanka.cz ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([etrading] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-2239461738-3896735249-2566334241-1000\..Trusted Domains: mojebanka.cz ([]https in Trusted sites)
O15 - HKU\S-1-5-21-2239461738-3896735249-2566334241-1000\..Trusted Domains: mojebanka.cz ([etrading] https in Trusted sites)
O15 - HKU\S-1-5-21-2239461738-3896735249-2566334241-1000\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2FCC251A-2C36-42FE-8F5F-1C6F942F3668}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{848EDAC4-0FA8-4087-8329-BEE3DE1DAC57}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB9E5AD9-9C9E-60A6-EE59-C5F72FF09E6A}: NameServer = 93.153.117.33 93.153.117.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.01.07 12:29:07 | 000,047,344 | R--- | M] (Gemfor s.r.o.) - L:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2010.02.24 16:10:56 | 000,025,214 | R--- | M] () - L:\Autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2011.11.22 19:57:26 | 000,000,238 | R--- | M] () - L:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{0038dd85-33c0-11e2-a5e5-001fd0d74acb}\Shell - "" = AutoRun
O33 - MountPoints2\{a4bf3307-0a93-11e2-91e9-001fd0d74acb}\Shell - "" = AutoRun
O33 - MountPoints2\{a4bf3311-0a93-11e2-91e9-001fd0d74acb}\Shell - "" = AutoRun
O33 - MountPoints2\{a4bf3311-0a93-11e2-91e9-001fd0d74acb}\Shell\AutoRun\command - "" = Z:\Autorun.exe
O33 - MountPoints2\{e8225902-0a81-11e2-9efb-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\Z\Shell - "" = AutoRun
O33 - MountPoints2\Z\Shell\AutoRun\command - "" = Z:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32:64bit: VIDC.LAGS - lagarith.dll ( )
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.03.29 18:11:10 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Skynet-2010\Desktop\OTL.exe
[2013.03.29 17:48:19 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2013.03.29 12:22:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2013.03.29 12:22:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo III
[2013.03.29 12:22:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2013.03.29 12:21:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2013.03.29 10:43:14 | 000,000,000 | ---D | C] -- C:\Users\Skynet-2010\Documents\Rsit
[2013.03.28 18:32:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Manager - 3D Vision
[2013.03.28 18:30:09 | 000,448,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvstusb.sys
[2013.03.28 18:30:01 | 015,508,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013.03.28 18:30:00 | 013,088,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013.03.28 18:30:00 | 007,573,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.03.28 18:30:00 | 006,271,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.03.28 18:30:00 | 000,968,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2013.03.28 18:29:59 | 026,956,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013.03.28 18:29:59 | 020,542,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.03.28 18:29:59 | 000,250,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2013.03.28 18:29:58 | 001,807,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6431422.dll
[2013.03.28 18:29:58 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6431422.dll
[2013.03.28 18:29:58 | 000,205,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2013.03.28 18:29:57 | 017,990,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013.03.28 18:29:57 | 015,042,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013.03.28 18:29:57 | 002,728,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.03.28 18:29:56 | 009,414,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.03.28 18:29:56 | 007,959,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.03.28 18:29:56 | 002,913,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.03.28 18:29:56 | 002,355,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.03.28 18:29:56 | 001,995,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.03.28 18:29:51 | 025,256,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.03.28 18:29:51 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.03.28 18:29:50 | 002,539,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013.03.28 18:18:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3 - Firewal
[2013.03.28 18:17:16 | 000,000,000 | --SD | C] -- C:\ProgramData\Shared Space
[2013.03.28 18:15:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2013.03.28 18:15:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader
[2013.03.28 18:15:36 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2013.03.28 18:09:57 | 000,000,000 | ---D | C] -- C:\ProgramData\DriverGenius
[2013.03.28 17:36:37 | 000,000,000 | ---D | C] -- C:\Users\Skynet-2010\AppData\Roaming\Avira
[2013.03.28 17:31:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1 - Antivirus
[2013.03.28 17:31:14 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.03.28 17:31:14 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.03.28 17:31:14 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.03.28 17:31:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013.03.28 17:31:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2013.03.28 17:16:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Manager - Driver Genius
[2013.03.28 17:16:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver-Soft
[2013.03.28 17:12:43 | 000,000,000 | ---D | C] -- C:\Users\Skynet-2010\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Manager - Cleaner
[2013.03.28 17:12:41 | 000,000,000 | ---D | C] -- C:\Program Files\C-Cleaner
[2013.03.26 22:50:30 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013.03.26 10:01:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2013.03.24 14:52:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2013.03.24 07:55:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2013.03.24 07:55:58 | 000,000,000 | ---D | C] -- C:\Users\Skynet-2010\Documents\EA Games
[2013.03.24 06:33:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CAPCOM
[2013.03.20 00:46:17 | 000,094,208 | ---- | C] (Blizzard Entertainment) -- C:\Windows\DIIUnin.exe
[2013.03.20 00:41:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo II
[2013.03.19 12:40:22 | 000,000,000 | ---D | C] -- C:\Users\Skynet-2010\AppData\Local\ElevatedDiagnostics
[2013.03.18 14:22:17 | 000,000,000 | -H-D | C] -- C:\Users\Skynet-2010\Documents\BFBC2
[2013.03.18 13:09:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2013.03.18 11:21:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2013.03.16 23:08:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seagate
[2013.03.16 23:08:21 | 000,000,000 | ---D | C] -- C:\Users\Skynet-2010\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Manager - Disk HDD - Seagate
[2013.03.16 19:11:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Manager - Disk HDD - Regenator
[2013.03.16 19:11:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HDD Regenerator
[2013.03.16 09:26:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software - Safe IP
[2013.03.16 09:26:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safe IP
[2013.03.16 09:13:16 | 000,000,000 | ---D | C] -- C:\Users\Skynet-2010\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Manager - Procesor AMD
[2013.03.16 09:13:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo - Core Tuner 2
[2013.03.16 06:13:41 | 000,540,864 | ---- | C] (SafeIP) -- C:\Windows\SysNative\SafeIPs64.dll
[2013.03.16 06:13:38 | 000,380,608 | ---- | C] (SafeIP) -- C:\Windows\SysWow64\SafeIPs.dll
[2013.03.14 22:07:52 | 000,559,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2013.03.14 05:55:04 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.03.14 05:54:58 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.03.14 05:54:58 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.03.14 05:54:58 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.03.14 05:54:57 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.03.14 05:54:57 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.03.14 05:54:56 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.03.14 05:54:56 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.03.14 05:54:56 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.03.14 05:54:56 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.03.14 05:54:55 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.03.14 05:54:55 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.03.14 05:54:55 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.03.14 05:54:54 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.03.14 05:54:54 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.03.14 05:54:54 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.03.14 05:54:54 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.03.14 05:54:53 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.03.14 05:54:53 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.03.14 05:54:53 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.03.14 05:54:53 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.03.14 05:54:52 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.03.14 05:54:52 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.03.14 05:54:51 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.03.14 05:54:51 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.03.14 05:54:51 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.03.14 05:54:51 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.03.14 05:54:51 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.03.14 05:54:51 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.03.14 05:54:50 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.03.14 05:54:50 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.03.14 05:54:45 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.03.14 05:54:45 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.03.14 05:54:45 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.03.14 05:54:45 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.03.14 05:54:45 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.03.14 05:54:44 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.03.14 05:54:44 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.03.14 05:54:44 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.03.14 05:54:44 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.03.14 05:54:44 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.03.14 05:54:44 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.03.14 05:54:44 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.03.14 05:54:44 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.03.14 05:54:44 | 000,526,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.03.14 05:54:44 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.03.14 05:54:44 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.03.14 05:54:44 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.03.14 05:54:44 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.03.14 05:54:44 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.03.14 05:54:44 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.03.14 05:54:44 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.03.14 05:54:44 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.03.14 05:54:44 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.03.14 05:54:44 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.03.14 05:54:44 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.03.14 05:54:44 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.03.14 05:54:44 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.03.14 05:54:44 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.03.14 05:54:44 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.03.14 05:54:44 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.03.14 05:54:44 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.03.14 05:54:44 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.03.14 05:54:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.03.14 05:54:44 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.03.14 05:54:44 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.03.14 05:54:44 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.03.14 05:54:44 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.03.14 04:48:02 | 000,000,000 | -H-D | C] -- C:\Users\Skynet-2010\Links
[2013.03.14 04:46:01 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2013.03.14 04:39:35 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013.03.14 04:13:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Manager - Windows 7
[2013.03.14 04:13:33 | 000,000,000 | ---D | C] -- C:\Program Files\Manager - Windows 7
[2013.03.14 03:23:49 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[2013.03.13 10:29:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.03.08 20:53:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.03.07 21:32:56 | 000,000,000 | ---D | C] -- C:\Users\Skynet-2010\AppData\Roaming\Product_PT
[2013.03.07 20:57:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software - Skype Telefon
[2013.03.07 20:57:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.03.07 20:46:20 | 067,823,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2013.03.06 05:50:17 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.03.06 05:49:56 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.03.06 05:49:56 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.03.06 05:49:56 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.03.06 05:49:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013.03.04 06:16:45 | 000,000,000 | ---D | C] -- C:\Users\Skynet-2010\AppData\Local\Nem's Tools
[2013.03.04 06:16:18 | 000,000,000 | ---D | C] -- C:\Program Files\Editor - VPK
[2013.03.03 19:14:57 | 000,000,000 | ---D | C] -- C:\Users\Skynet-2010\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Software - Editor Irfanview
[2013.03.03 19:02:23 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.03.03 18:34:53 | 000,000,000 | R--D | C] -- C:\Users\Skynet-2010\X - Links
[2013.03.02 16:24:23 | 000,034,872 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\usbfilter.sys
[2013.03.02 16:24:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013.03.02 16:24:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2013.03.02 16:24:14 | 000,016,440 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\drivers\AtiPcie.sys
[2013.02.27 23:15:44 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.02.27 23:15:43 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.02.27 23:15:43 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.02.27 23:15:43 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.02.27 23:15:38 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.02.27 23:15:38 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.02.27 23:15:36 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.02.27 23:15:36 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.02.27 23:15:36 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.02.27 23:15:36 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.27 23:15:36 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.27 23:15:36 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.27 23:15:36 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.27 23:15:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.27 23:15:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.27 23:15:36 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.27 23:15:36 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.27 23:15:35 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.02.27 23:15:35 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.02.27 23:15:35 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.02.27 23:15:35 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.02.27 23:15:35 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.02.27 23:15:35 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.02.27 23:15:35 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.02.27 23:15:35 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.02.27 23:15:35 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.02.27 23:15:35 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.02.27 23:15:35 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.27 23:15:35 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.27 23:15:35 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.27 23:15:35 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.27 23:15:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.27 23:15:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.27 23:15:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.27 23:15:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.27 23:15:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.27 23:15:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.27 23:15:34 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.02.27 23:15:34 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.02.27 23:15:34 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.02.27 23:15:34 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.02.27 21:54:20 | 000,000,000 | ---D | C] -- C:\Users\Skynet-2010\AppData\Local\AMD
[2013.02.27 21:54:15 | 000,000,000 | ---D | C] -- C:\Users\Skynet-2010\AppData\Roaming\ATI
[2013.02.27 21:54:15 | 000,000,000 | ---D | C] -- C:\Users\Skynet-2010\AppData\Local\ATI
[2013.02.27 21:54:15 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.02.27 21:49:23 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2013.02.27 21:48:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2013.02.27 21:48:01 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2013.02.27 21:29:51 | 000,000,000 | ---D | C] -- C:\Users\Skynet-2010\AppData\Local\SlimWare Utilities Inc
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

Lilly [FR]

Re: Log Check - Conflict - Suspected Virus

#6 Post by Lilly [FR] »

========== Files - Modified Within 30 Days ==========

[2013.03.29 19:24:23 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.03.29 19:23:33 | 000,015,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.29 19:23:33 | 000,015,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.29 19:16:05 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.29 19:14:45 | 000,000,304 | ---- | M] () -- C:\Windows\tasks\Windows 7 Manager - Logon Background Changer.job
[2013.03.29 19:12:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.29 19:11:50 | 000,063,864 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000002-00000000-00000000-00001102-0000000B-00411102}.rfx
[2013.03.29 19:11:50 | 000,063,864 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000002-00000000-00000000-00001102-0000000B-00411102}.rfx
[2013.03.29 19:11:50 | 000,000,820 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000002-00000000-00000000-00001102-0000000B-00411102}.rfx
[2013.03.29 18:11:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Skynet-2010\Desktop\OTL.exe
[2013.03.28 21:14:42 | 001,584,890 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.03.28 21:14:42 | 000,669,160 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.03.28 21:14:42 | 000,654,904 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.03.28 21:14:42 | 000,140,796 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.03.28 21:14:42 | 000,121,776 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.03.27 23:20:30 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.03.21 03:53:46 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat
[2013.03.20 01:00:02 | 000,039,602 | ---- | M] () -- C:\Windows\DIIUnin.dat
[2013.03.20 00:46:17 | 000,094,208 | ---- | M] (Blizzard Entertainment) -- C:\Windows\DIIUnin.exe
[2013.03.20 00:46:17 | 000,002,829 | ---- | M] () -- C:\Windows\DIIUnin.pif
[2013.03.19 12:45:20 | 000,131,072 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2013.03.19 05:33:17 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.03.19 05:33:17 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.03.19 05:29:23 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.03.18 13:34:02 | 002,434,856 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2013.03.17 02:47:12 | 000,003,608 | ---- | M] () -- C:\Windows\SysWow64\SafeIPS.ini
[2013.03.17 02:47:12 | 000,001,928 | ---- | M] () -- C:\Windows\SysWow64\SafeIPSOff.ini
[2013.03.17 02:47:12 | 000,001,928 | ---- | M] () -- C:\Windows\SysNative\SafeIPSOff.ini
[2013.03.15 06:53:06 | 026,956,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013.03.15 06:53:06 | 025,256,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.03.15 06:53:06 | 020,542,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.03.15 06:53:06 | 017,990,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013.03.15 06:53:06 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.03.15 06:53:06 | 015,508,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013.03.15 06:53:06 | 015,042,928 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013.03.15 06:53:06 | 013,088,000 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013.03.15 06:53:06 | 009,414,456 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.03.15 06:53:06 | 007,959,000 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.03.15 06:53:06 | 007,573,816 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.03.15 06:53:06 | 006,271,872 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.03.15 06:53:06 | 002,913,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.03.15 06:53:06 | 002,864,144 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2013.03.15 06:53:06 | 002,728,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.03.15 06:53:06 | 002,539,128 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013.03.15 06:53:06 | 002,355,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.03.15 06:53:06 | 001,995,552 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.03.15 06:53:06 | 001,807,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6431422.dll
[2013.03.15 06:53:06 | 001,510,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6431422.dll
[2013.03.15 06:53:06 | 001,118,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2013.03.15 06:53:06 | 000,968,408 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2013.03.15 06:53:06 | 000,448,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvstusb.sys
[2013.03.15 06:53:06 | 000,250,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2013.03.15 06:53:06 | 000,205,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2013.03.15 06:53:06 | 000,017,738 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2013.03.15 05:16:18 | 003,477,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2013.03.15 05:16:17 | 006,398,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2013.03.15 05:16:10 | 002,555,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2013.03.15 05:16:10 | 000,237,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2013.03.15 05:16:10 | 000,063,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2013.03.14 22:07:52 | 000,559,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2013.03.14 08:56:22 | 000,060,586 | ---- | M] () -- C:\Windows\SysNative\drivers\fvstore.dat
[2013.03.14 05:55:04 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.03.14 05:54:58 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.03.14 05:54:58 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.03.14 05:54:58 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.03.14 05:54:57 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.03.14 05:54:57 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.03.14 05:54:56 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.03.14 05:54:56 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.03.14 05:54:56 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.03.14 05:54:56 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.03.14 05:54:55 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.03.14 05:54:55 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.03.14 05:54:55 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.03.14 05:54:54 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.03.14 05:54:54 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.03.14 05:54:54 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.03.14 05:54:54 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.03.14 05:54:53 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.03.14 05:54:53 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.03.14 05:54:53 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.03.14 05:54:53 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.03.14 05:54:52 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.03.14 05:54:52 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.03.14 05:54:51 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.03.14 05:54:51 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.03.14 05:54:51 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.03.14 05:54:51 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.03.14 05:54:51 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.03.14 05:54:51 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.03.14 05:54:50 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.03.14 05:54:50 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.03.14 05:54:50 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.03.14 05:54:45 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.03.14 05:54:45 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.03.14 05:54:45 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.03.14 05:54:45 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.03.14 05:54:45 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.03.14 05:54:44 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.03.14 05:54:44 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.03.14 05:54:44 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.03.14 05:54:44 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.03.14 05:54:44 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.03.14 05:54:44 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.03.14 05:54:44 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.03.14 05:54:44 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.03.14 05:54:44 | 000,526,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.03.14 05:54:44 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.03.14 05:54:44 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.03.14 05:54:44 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.03.14 05:54:44 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.03.14 05:54:44 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.03.14 05:54:44 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.03.14 05:54:44 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.03.14 05:54:44 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.03.14 05:54:44 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.03.14 05:54:44 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.03.14 05:54:44 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.03.14 05:54:44 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.03.14 05:54:44 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.03.14 05:54:44 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.03.14 05:54:44 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.03.14 05:54:44 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.03.14 05:54:44 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.03.14 05:54:44 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.03.14 05:54:44 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.03.14 05:54:44 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.03.14 05:54:44 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.03.14 05:54:44 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.03.14 05:54:44 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.03.14 05:54:44 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.03.14 04:46:01 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2013.03.13 17:24:01 | 003,065,455 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2013.03.13 09:17:17 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.13 09:17:17 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.03.07 00:32:22 | 000,287,840 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.03.06 15:16:41 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.03.06 05:49:51 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.03.06 05:49:50 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.03.06 05:49:50 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.03.06 05:49:50 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.03.06 05:49:50 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.03.06 05:49:50 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.03.29 19:24:23 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.03.20 00:46:18 | 000,039,602 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2013.03.20 00:46:17 | 000,002,829 | ---- | C] () -- C:\Windows\DIIUnin.pif
[2013.03.19 12:45:10 | 000,131,072 | ---- | C] () -- C:\Windows\SysNative\Ikeext.etl
[2013.03.18 13:34:02 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2013.03.17 00:58:19 | 000,003,608 | ---- | C] () -- C:\Windows\SysWow64\SafeIPS.ini
[2013.03.17 00:58:19 | 000,001,928 | ---- | C] () -- C:\Windows\SysWow64\SafeIPSOff.ini
[2013.03.17 00:58:19 | 000,001,928 | ---- | C] () -- C:\Windows\SysNative\SafeIPSOff.ini
[2013.03.14 09:00:04 | 000,001,410 | ---- | C] () -- C:\Users\Skynet-2010\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.03.14 05:54:50 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.03.14 05:54:44 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.03.14 05:07:36 | 000,060,586 | ---- | C] () -- C:\Windows\SysNative\drivers\fvstore.dat
[2013.03.14 04:47:56 | 001,474,832 | ---- | C] () -- C:\Windows\SysNative\drivers\sfi.dat
[2013.03.04 06:16:19 | 000,001,010 | ---- | C] () -- C:\Users\Skynet-2010\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nástroj - Vpk.lnk
[2013.03.03 19:02:23 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013.02.25 22:09:41 | 000,000,884 | ---- | C] () -- C:\Users\Skynet-2010\D - Video.lnk
[2013.02.25 22:09:38 | 000,000,881 | ---- | C] () -- C:\Users\Skynet-2010\C - Hudba.lnk
[2013.02.25 22:09:34 | 000,000,898 | ---- | C] () -- C:\Users\Skynet-2010\B - Obrázky.lnk
[2013.02.25 22:05:12 | 000,000,909 | ---- | C] () -- C:\Users\Skynet-2010\A - Dokumenty.lnk
[2013.01.16 02:54:48 | 002,580,552 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013.01.16 02:45:42 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.01.16 02:45:40 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.12.26 13:43:48 | 000,000,000 | ---- | C] () -- C:\Users\Skynet-2010\AppData\Roaming\FileOut.cns
[2012.12.26 13:43:48 | 000,000,000 | ---- | C] () -- C:\Users\Skynet-2010\AppData\Roaming\FileIn.cns
[2012.12.15 07:40:44 | 000,000,315 | ---- | C] () -- C:\Users\Skynet-2010\AppData\Roaming\GPU MeterV2_Settings.ini
[2012.12.01 22:19:05 | 000,000,803 | ---- | C] () -- C:\Users\Skynet-2010\AppData\Roaming\Drives Meter_Settings.ini
[2012.12.01 22:15:53 | 000,000,119 | ---- | C] () -- C:\Users\Skynet-2010\AppData\Roaming\Network Monitor II_Traffic.ini
[2012.12.01 22:04:31 | 000,000,691 | ---- | C] () -- C:\Users\Skynet-2010\AppData\Roaming\Network Monitor II_Settings.ini
[2012.12.01 20:46:10 | 000,000,436 | ---- | C] () -- C:\Users\Skynet-2010\AppData\Roaming\Network Meter_Settings.ini
[2012.11.18 10:39:04 | 000,000,017 | ---- | C] () -- C:\Users\Skynet-2010\AppData\Local\resmon.resmoncfg
[2012.11.18 09:00:07 | 000,001,389 | R--- | C] () -- C:\Windows\cm108.ini
[2012.11.17 17:59:26 | 000,000,436 | ---- | C] () -- C:\Users\Skynet-2010\AppData\Roaming\Drives Monitor_Settings.ini
[2012.10.03 02:42:13 | 000,000,457 | ---- | C] () -- C:\Users\Skynet-2010\AppData\Roaming\All CPU Meter_Settings.ini
[2012.10.01 23:07:29 | 000,003,584 | ---- | C] () -- C:\Users\Skynet-2010\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.10.01 13:45:15 | 001,563,176 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.09.30 00:31:07 | 000,177,664 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2012.09.30 00:31:07 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2012.09.30 00:30:57 | 000,000,285 | ---- | C] () -- C:\Windows\SysWow64\kill.ini
[2012.09.30 00:30:57 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.08.21 14:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.08.21 14:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.08.21 14:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012.10.01 04:20:08 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Acronis
[2012.10.01 13:30:58 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\AMS Software
[2012.10.01 16:02:41 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Ashampoo
[2012.10.01 16:29:16 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Canneverbe Limited
[2013.03.28 00:16:49 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\DAEMON Tools Pro
[2012.12.09 08:04:06 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\ESET
[2012.10.03 05:24:14 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\GHISLER
[2013.03.27 23:02:03 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\IrfanView
[2012.11.18 07:08:27 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Marine Aquarium 3
[2012.10.03 05:47:41 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\mkvtoolnix
[2013.03.24 15:29:20 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Origin
[2012.10.01 20:51:38 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Prehravač - Winamp
[2013.03.07 21:32:56 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Product_PT
[2012.12.18 22:47:11 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Smart PC Solutions
[2012.10.02 17:14:54 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Stellarium
[2012.10.02 11:48:08 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Thunderbird
[2012.12.18 12:48:33 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\TuneUp Software
[2012.12.30 09:36:13 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Ubisoft
[2012.10.02 17:09:42 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Ulozto File Manager
[2013.03.16 07:54:11 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,602 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.10.01 14:46:24 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.02.22 16:01:40 | 000,000,304 | ---- | C] () -- C:\Windows\Tasks\Windows 7 Manager - Logon Background Changer.job

< >

< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 04:24:28 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 04:24:28 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 03:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 03:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 00:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 00:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 00:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012.06.02 05:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012.04.24 05:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010.11.20 04:26:00 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012.04.24 05:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012.06.02 06:32:25 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=456107D69D4EE850A559434F19EFEE65 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_d2beeccacd6d6c07\cryptsvc.dll
[2012.04.24 06:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2012.04.24 05:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2012.06.04 08:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2009.07.14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2012.06.02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\SysWOW64\cryptsvc.dll
[2012.06.02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 06:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\SysNative\cryptsvc.dll
[2012.06.02 06:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 03:18:26 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2012.04.24 06:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2012.06.02 06:25:12 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=BAF19B633933A9FB4883D27D66C39E9A -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_d22a7e2db457eb07\cryptsvc.dll
[2012.04.24 06:36:46 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=CE8BF1423AEE47DA5275FBC8AD3BD642 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_d2773c98cda297d3\cryptsvc.dll
[2012.06.02 05:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2012.04.24 06:59:45 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=F02786B66375292E58C8777082D4396D -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_d24deecfb43ce339\cryptsvc.dll
[2012.06.02 05:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll
[2012.04.24 05:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2010.03.12 22:47:22 | 000,006,440 | ---- | M] () MD5=ACD301711FC165ED77A8D364D407BAF9 -- C:\Program Files\CyberLink\PowerDirector10\EventLog.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 03:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.20 04:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 04:33:36 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 04:33:36 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTORV.SYS >
[2010.11.20 04:33:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 04:33:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 07:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
< >

< %systemroot%*.* /U /s >
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[62 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2011.08.08 17:56:56 | 000,434,176 | ---- | M] (Alex Schepeljanski) -- C:\Test - SSD Benchmark.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.10.01 04:20:08 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Acronis
[2012.10.02 11:46:52 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Adobe
[2012.10.01 13:30:58 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\AMS Software
[2012.10.01 16:02:41 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Ashampoo
[2013.02.27 21:54:15 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\ATI
[2013.03.28 17:36:37 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Avira
[2012.10.01 16:29:16 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Canneverbe Limited
[2012.09.30 12:09:03 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Creative
[2012.10.01 22:07:49 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\CyberLink
[2013.03.28 00:16:49 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\DAEMON Tools Pro
[2012.12.09 08:04:06 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\ESET
[2012.10.03 05:24:14 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\GHISLER
[2012.09.29 23:17:17 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Identities
[2012.10.01 04:59:17 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\InstallShield
[2013.03.27 23:02:03 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\IrfanView
[2012.10.01 05:03:49 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Macromedia
[2012.11.18 07:08:27 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Marine Aquarium 3
[2009.07.14 16:36:31 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Media Center Programs
[2012.12.20 08:33:01 | 000,000,000 | --SD | M] -- C:\Users\Skynet-2010\AppData\Roaming\Microsoft
[2012.10.03 05:47:41 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\mkvtoolnix
[2012.09.30 01:24:16 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Mozilla
[2012.10.01 05:36:00 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\NVIDIA
[2013.03.24 15:29:20 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Origin
[2012.10.01 20:51:38 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Prehravač - Winamp
[2013.03.07 21:32:56 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Product_PT
[2012.10.02 12:51:01 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\RealWorld
[2013.03.07 21:04:29 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Skype
[2012.12.18 22:47:11 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Smart PC Solutions
[2012.10.02 17:14:54 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Stellarium
[2012.10.01 11:32:53 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\SUPERAntiSpyware.com
[2012.10.02 11:48:08 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Thunderbird
[2012.12.18 12:48:33 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\TuneUp Software
[2012.12.30 09:36:13 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Ubisoft
[2012.10.02 17:09:42 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\Ulozto File Manager
[2013.03.16 07:54:11 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\uTorrent
[2012.10.01 11:10:18 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2012.10.01 18:28:34 | 000,029,926 | R--- | M] () -- C:\Users\Skynet-2010\AppData\Roaming\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe
[2013.03.16 23:08:21 | 000,011,264 | R--- | M] () -- C:\Users\Skynet-2010\AppData\Roaming\Microsoft\Installer\{98613C99-1399-416C-A07C-1EE1C585D872}\Icon98613C992.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.03.27 23:20:30 | 000,000,000 | ---- | M] () -- C:\Windows\system32\config.nt

< %SYSTEMDRIVE%\*.exe >
[2011.08.08 17:56:56 | 000,434,176 | ---- | M] (Alex Schepeljanski) -- C:\Test - SSD Benchmark.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 04:25:18 | 001,475,584 | ---- | M] (Microsoft Corporation)
"awplite" = C:\Program Files (x86)\Auto - Tapety\awplite.exe -- [2007.02.10 11:17:30 | 002,607,616 | ---- | M] (Nimble Software)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.03.29 19:24:23 | 000,000,512 | ---- | M] () MD5=721D48D4A1FE0A0FCD6949B2A29A454B -- C:\PhysicalMBR.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 175 bytes -> C:\ProgramData\Temp:1AAB2E68
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:B755D674
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:CC2DDA0D

< End of report >

Lilly [FR]

Re: Log Check - Conflict - Suspected Virus

#7 Post by Lilly [FR] »

OTL Extras logfile created on: 29.3.2013 19:22:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Skynet-2010\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

6,00 Gb Total Physical Memory | 4,26 Gb Available Physical Memory | 71,07% Memory free
15,43 Gb Paging File | 13,58 Gb Available in Paging File | 88,01% Paging File free
Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sy [Binary data over 200 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596,07 Gb Total Space | 329,95 Gb Free Space | 55,35% Space Free | Partition Type: NTFS
Drive D: | 111,78 Gb Total Space | 90,76 Gb Free Space | 81,19% Space Free | Partition Type: NTFS
Drive F: | 100,00 Mb Total Space | 50,10 Mb Free Space | 50,10% Space Free | Partition Type: NTFS
Drive K: | 1863,01 Gb Total Space | 1241,43 Gb Free Space | 66,64% Space Free | Partition Type: NTFS
Drive L: | 11,10 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: AMD-SERVER | User Name: Skynet-2010 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2239461738-3896735249-2566334241-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office - 2007\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\Photo Editor - IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office - 2007\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\Photo Editor - IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09E95CB1-0294-4ABF-BB3B-56C0F4E380BB}" = rport=445 | protocol=6 | dir=out | app=system |
"{0C244269-81D3-4D7B-9DCE-85BFB7CBC231}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office - 2007\office12\outlook.exe |
"{23C48AD3-AEF9-463A-9C74-4DEEDD65E6ED}" = rport=139 | protocol=6 | dir=out | app=system |
"{23D103BB-3E8E-435F-BEB1-B8BAC996FF5F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{262C7378-E697-4E4B-B8F3-D78F24D205A2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2D5CCB29-24A4-4CAC-BBBF-CEEDBC6098B3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{52EB8E8E-FFB9-4616-B8B0-49F5C7995025}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{540B664F-C4A8-427A-BCEF-12A48243AF00}" = lport=137 | protocol=17 | dir=in | app=system |
"{648AF056-5856-451F-978E-D75F55BED73B}" = lport=139 | protocol=6 | dir=in | app=system |
"{69D9F9DA-4555-4C05-A9C1-C91143EFA6B2}" = rport=138 | protocol=17 | dir=out | app=system |
"{AAFE861E-DF80-457A-A542-B876D10C83F9}" = lport=445 | protocol=6 | dir=in | app=system |
"{B3698B3F-D06A-4F82-959C-56E6939BCDD0}" = rport=137 | protocol=17 | dir=out | app=system |
"{CA1C7D45-58C3-4652-8EAE-35B11FAC8F70}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D1302FD3-DD17-4F0A-AFC7-BDDFF6D54715}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{DB815637-36C1-4031-B05E-585B09C03F4E}" = lport=138 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{076980B7-D1B7-4B20-BA7C-11F14DEAFAFB}" = protocol=17 | dir=in | app=c:\program files (x86)\capcom\resident evil 5\re5dx9.exe |
"{0E9E6870-54DE-4889-8973-A66A43294F0D}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle - studio 15\programs\rm.exe |
"{0EC11258-7CB4-4AF7-8933-7228FE34BC36}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12ml.exe |
"{0FE2A3F7-982B-476B-B705-5857473A2EFE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{11F22EFE-83E4-4A8A-82B7-8EDD9333721F}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{15FBFD3A-167C-4D62-ADC6-0FB259CB815C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crysis\bin32\crysis.exe |
"{21E04BDC-DA88-4A5C-8B30-02C5532FB9DD}" = protocol=6 | dir=in | app=c:\program files (x86)\klient - torrent\utorrent.exe |
"{2319051B-D24D-49C9-B1F6-C5F9EB4C2555}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{2A8279F0-B435-4A6A-AE7D-436183AA9D8D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead island\deadislandgame.exe |
"{3101B2A2-79FB-4D89-A372-BD73CD320576}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{333B5FBE-88FA-4D85-A7AA-EC018F292D87}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{35D299FD-55CC-413F-9404-617096B327EF}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{35D71A37-3251-46EF-8F1B-552CAA190E13}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12agent.exe |
"{395EEA9A-04AB-4B1C-9AE1-060D773FCCAE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2launcher.exe |
"{3B331216-8EA9-4EAE-B96E-DB6CB5E40F61}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12.exe |
"{3FCC614A-BC3D-40F6-ADD2-4B6D2077294A}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{3FF1B163-5266-409E-B719-C215FBF60865}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star wars the force unleashed\swtfu launcher.exe |
"{400B1C51-3FA8-43DC-A5A7-1122571E7861}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{43E521D9-994D-45D2-9BAC-395E0F6A97A7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{44C1070D-66AA-4AD8-A730-EFB5BBF3B296}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{48958F31-5857-4606-AA7E-DD0D5113C21C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe |
"{48B58C7B-5742-4088-B4A7-0C788CA247D1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{491B3B71-10F2-46E1-86D4-E4552B1405D6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crysis warhead\bin32\crysis.exe |
"{4CDEEED3-7883-4F0E-BA15-9E2561102EED}" = protocol=17 | dir=in | app=c:\program files (x86)\f1 - 2010\f1_2010_game.exe |
"{4D2905FC-A121-4D0B-83EC-2405BFB5A801}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{50515E75-517A-49B9-9884-DB8FD3D34633}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle - studio 15\programs\studio.exe |
"{50F7BDB2-C710-4D4B-B9A3-2936DDFCDEEB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{51DA0D0D-AD1C-4DB3-AD95-B2D8D58F30A9}" = dir=in | app=c:\program files\cyberlink\powerdirector10\pdr10.exe |
"{520E960F-F933-4C2F-85E2-7C92140CC2BD}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{5379960D-8372-452A-9989-C712E086DE9F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe |
"{5DC555D8-B616-4A69-BFCC-CA5DD533121D}" = protocol=6 | dir=in | app=c:\program files (x86)\f1 - 2010\f1_2010_game.exe |
"{5EE60125-3618-46D9-9E36-AA650853001F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{5FEC8331-0890-45FC-A00C-47B60795CA79}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle - studio 15\programs\rm.exe |
"{68665DEF-4BC0-4E49-8DE5-15274CE05EA7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
"{6E1DFE13-2982-4C80-A684-B1A46B6317C5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6E71B035-1592-4D64-B4A2-6D74F6747DEB}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{709E3F45-4294-4103-9861-AAAE12C579E6}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{74C7CC24-8406-4EF9-83EA-44E4BC148167}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\titan quest immortal throne\tqit.exe |
"{754E2C0D-8A4D-4C8F-A0A7-CBB514C3F2EF}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{792B4457-0A76-4202-825A-3695A7D06CF4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{7DD84D94-34D2-4880-9D94-4E36D1EACD0F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sniper elite v2\bin\sniperelitev2.exe |
"{809F68AD-433C-47E0-844A-DBE52A09FBAE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{85588AE4-9F16-431C-9E97-5AB0EACF3324}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{86564F2D-EB73-4398-A8A7-BF4F14D77C78}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle - studio 15\programs\umi.exe |
"{87A23875-1BEF-4047-AE9B-0545DEAA87E8}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{8A276CC6-7DD4-4D8B-BFE6-CC3753B5A292}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\movie\powerdvd cinema\powerdvdcinema12.exe |
"{8B715867-C641-4A38-9E2E-FE5EFB5AE919}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{8D90FF42-54C3-4D47-83E3-35504A859C8A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star wars the force unleashed\swtfu launcher.exe |
"{91113E45-F25A-4938-8217-697838762269}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe |
"{96B2F4B8-6206-4DD9-9409-BB84A22C793A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dmr\powerdvd12dmrengine.exe |
"{9ACC6861-B166-4541-B6E3-720AF8BD7928}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{9BEBB11F-6BC3-49C0-B1FD-D7955B6722FD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{A470A912-3AF0-47A5-8DC1-BF26F0E8EFDF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sniper elite v2\bin\sniperelitev2.exe |
"{A716CE31-D76E-48B3-A4BF-E9857B083C5E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\titan quest\titan quest.exe |
"{A81A442D-CA30-482F-8889-F422B04CD6C9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crysis\bin32\crysis.exe |
"{ABAAD27A-B7C9-4069-8DBB-29E0995D112A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star wars the force unleashed 2\swtfu2.exe |
"{AEBF0D3C-5B39-4616-BB51-8F9406246AE3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead island\deadislandgame.exe |
"{B176F7A2-A98F-4A63-AD12-4860CFDCFB25}" = protocol=17 | dir=in | app=c:\program files (x86)\klient - torrent\utorrent.exe |
"{B40D0C7B-4F65-43DF-8444-8344C8866CC1}" = protocol=17 | dir=in | app=c:\program files (x86)\capcom\resident evil 5\re5dx10.exe |
"{B4EC4F34-FAF9-4700-935D-4A2022F089DC}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{B91ACFFA-6231-4E48-9DEE-045111A65D24}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe |
"{BA8F0054-2D08-47CA-B2E6-767B4C5C409B}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dms\clmsserverpdvd12.exe |
"{BA9927DB-A0ED-4EC7-8AFF-290C48190E81}" = protocol=17 | dir=in | app=c:\program files (x86)\resident evil - operation raccoon city\raccooncity.exe |
"{BEA6ABF1-2697-4396-9E99-196CF3D7F45C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{BF44EAE3-1CDB-48D1-B355-BB84683BFC25}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C29A69B2-F085-4DA2-9DEA-F1A7CB78997C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\titan quest immortal throne\tqit.exe |
"{C4301871-EBC1-45E0-A2EF-37E443943C2E}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle - studio 15\programs\umi.exe |
"{C7705321-E38E-41A6-8040-474E4143218B}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle - studio 15\programs\studio.exe |
"{CCC4CC34-7779-410E-A469-5B32EC14E5E8}" = protocol=6 | dir=in | app=c:\program files (x86)\capcom\resident evil 5\re5dx10.exe |
"{CCF992A6-A0BE-4E4E-9660-10876AC3002F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
"{D08D1200-7C81-4075-BA96-3A8DF6BF1605}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2launcher.exe |
"{DB490496-9160-41F1-ADDE-FED800B7B757}" = protocol=6 | dir=in | app=c:\program files (x86)\capcom\resident evil 5\re5dx9.exe |
"{E4C60BDC-C4B3-4B20-BF3C-441B184077B6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{E9354DAC-6707-4E38-8427-4199819A8A96}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star wars the force unleashed 2\swtfu2.exe |
"{EAA61088-6A74-4567-BCDF-5C958346ECBA}" = protocol=6 | dir=in | app=c:\program files (x86)\resident evil - operation raccoon city\raccooncity.exe |
"{EC52D60D-5941-4D74-B67D-731CC2AF55AE}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{F2C0769B-44F1-432F-93B9-CCB7A96D1AB0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crysis warhead\bin32\crysis.exe |
"{F30C4786-6DBB-4AD4-86BE-BCCFA3E1315A}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{FAE5BBE1-F233-4CF1-8DEE-5451F3E22E83}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\titan quest\titan quest.exe |
"{FB53C2CD-E0A3-42A3-A766-37E82C214E94}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FBE327C4-A8FD-40B6-8467-A00850AB7F04}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{5E5B7F6D-69D9-4D95-85EC-EB29F1CA280B}" = Windows 7 Manager
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 3.0.1
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Ovladače videa společnosti Pinnacle
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.23.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BCC0552D-76C0-4130-BFBD-49BE49ACC594}" = COMODO Internet Security
"{C3AE9CC5-9040-A242-7D5D-D058453FD96F}" = AMD Catalyst Install Manager
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{E8C64028-08E5-4BF0-B1C0-DBAAC6A77DF1}" = PowerDirector
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"GCFScape_is1" = GCFScape 1.8.4
"KLiteCodecPack64_is1" = K-Lite Codec Pack 9.3.0 (64-bit)
"MediaInfo" = MediaInfo 0.7.61
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NewBlue Art Effects for PDR10" = Art Effects for PDR10
"Speccy" = Speccy
"Stellarium_is1" = Stellarium 0.11.4
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}" = Acronis True Image Home 2011
"{06D085C8-1F00-11B2-96A7-8f0CE39193ED}" = Intel® SSD Toolbox
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1362E602-9625-42D3-B57F-CDA9D26F9DA8}" = Pinnacle Studio 15
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20188C9F-02A9-4A7E-8A70-F3F4C5E9E0D4}" = SSDlife Pro
"{20288888-A7AF-4B24-8AEB-398D20CD563C}" = Sound Blaster X-Fi
"{2445981B-A23B-4A0E-AD15-3D391BDAEC3E}" = HDD Regenerator
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{43430FA1-12BB-4D88-862E-4F1000008400}" = Resident Evil: Operation Raccoon City
"{43430FA1-388E-4359-A6DB-DA1000048401}" = Resident Evil: Operation Raccoon City
"{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"{434D0831-A4CC-401A-9E74-621000018401}" = F1 2010
"{4441574D-727E-4DD3-AAFD-4E240EE3B588}" = CyberLink Holiday Pack Vol. 3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{5588D686-D23B-4C9D-BDFA-2A7875CD3722}" = GIGABYTE OC_GURU
"{587A2120-41D3-11DB-3D6C-00E19E4D4AE1}" = MSTS Patch 1.7.00819
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74835B0B-1F98-42ED-AD53-8B1F8C2627AD}" = Intel(R) Update Manager
"{74F07082-38DB-4E42-A6B6-CA617E21B033}_is1" = AllWallpapers Lite 2.0
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{82809116-D1EE-443C-AE31-F19E709DDF7A}" = AMD USB Filter Driver
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_STANDARD_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_STANDARD_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_STANDARD_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_STANDARD_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_STANDARD_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_STANDARD_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARD_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_STANDARD_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_STANDARD_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_STANDARD_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-041B-1000-0000000FF1CE}_STANDARD_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_STANDARD_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CCC78EF-027E-40E0-9B61-39932C65E3FE}" = Acronis Disk Director Home
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AABB78C0-A435-486A-84E3-17E6684828C2}" = CyberLink PowerDirector 10 Content Pack II
"{AC08BBA0-96B9-431A-A7D0-D8598E493775}" = RESIDENT EVIL 5
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Czech
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage
"{C82D8932-EB28-4da6-9582-33D515D46F04}" = Huawei Drivers
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F241EC95-C81A-466E-8006-6B0B364B07A0}" = PCMark Vantage
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo Core Tuner 2_is1" = Ashampoo Core Tuner 2 2.0.1
"Ashampoo HDD Control 2_is1" = Ashampoo HDD Control 2 2.09
"Ashampoo Music Studio 4_is1" = Ashampoo Music Studio 4 v.4.0.5
"Ashampoo Video Styler_is1" = Ashampoo Video Styler 1.0.0
"AudioCS" = Creative Audio Control Panel
"Avira AntiVir Desktop" = Avira Antivirus Premium
"ColorCastFX for Digital Cameras_is1" = ColorCastFX for Digital Cameras
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"DAEMON Tools Pro" = DAEMON Tools Pro
"Diablo II" = Diablo II
"Diablo III" = Diablo III
"Dolby Digital Live Pack" = Dolby Digital Live Pack
"DreamLight Photo Editor_is1" = DreamLight Photo Editor 4.2
"Driver Genius_is1" = Driver Genius
"DTS Connect Pack" = DTS Connect Pack
"EximiousSoft Banner Maker_is1" = EximiousSoft Banner Maker V3.02
"FormatFactory" = FormatFactory 3.0.1
"GFWL_{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor
"InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}" = GIGABYTE OC_GURU
"InstallShield_{AABB78C0-A435-486A-84E3-17E6684828C2}" = CyberLink PowerDirector 10 Content Pack II
"InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"IrfanView" = IrfanView (remove only)
"jdownloader09" = JDownloader 0.9
"MKVToolNix" = MKVToolNix 5.5.0
"Mozilla Firefox 19.0.2 (x86 cs)" = Mozilla Firefox 19.0.2 (x86 cs)
"Mozilla Thunderbird 17.0.4 (x86 cs)" = Mozilla Thunderbird 17.0.4 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3 Knife_is1" = Mp3 Knife 3.2
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Origin" = Origin
"Photo Collage Maker_is1" = Photo Collage Maker 1.42
"PunkBusterSvc" = PunkBuster Services
"SAFEIP_is1" = SafeIP
"SereneScreen Marine Aquarium 3_is1" = SereneScreen Marine Aquarium 3
"STANDARD" = Microsoft Office Standard 2007
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 108800" = Crysis 2 Maximum Edition
"Steam App 17300" = Crysis
"Steam App 17330" = Crysis Warhead
"Steam App 18110" = Shattered Horizon
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 43110" = Metro 2033
"Steam App 4540" = Titan Quest
"Steam App 4550" = Titan Quest: Immortal Throne
"Steam App 550" = Left 4 Dead 2
"Steam App 63380" = Sniper Elite V2
"Steam App 7940" = Call of Duty 4: Modern Warfare
"Steam App 91310" = Dead Island
"Surround MP4 Tool" = Surround MP4 Tool 3.1.0
"SysInfo" = Creative System Information
"T-Mobile Communication Centre" = Web'n'walk Manager
"Totalcmd" = Total Commander (Remove or Repair)
"Train Simulator 1.0" = Microsoft Train Simulator
"Trať Bratislava-Brno-Praha pro MSTS_is1" = Trať Bratislava-Brno-Praha pro MSTS verze BP87.00-T9-14.12.2011
"Uplay" = Uplay
"uTorrent" = µTorrent
"Winamp" = Winamp

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 28.3.2013 14:52:36 | Computer Name = AMD-Server | Source = Application Error | ID = 1000
Description = Název chybující aplikace: firefox.exe, verze: 19.0.2.4814, časové
razítko: 0x5138a1d3 Název chybujícího modulu: xul.dll, verze: 19.0.2.4814, časové
razítko: 0x5138a0ed Kód výjimky: 0xc0000005 Posun chyby: 0x00172818 ID chybujícího
procesu: 0xa00 Čas spuštění chybující aplikace: 0x01ce2be331ed7aa0 Cesta k chybující
aplikaci: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Mozilla Firefox\xul.dll ID zprávy: a74ecc0d-97d8-11e2-ba42-001fd0d74acb

Error - 29.3.2013 7:04:24 | Computer Name = AMD-Server | Source = Application Hang | ID = 1002
Description = Program Steam.exe verze 1.71.49.2 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
1f2c Čas spuštění: 01ce2c68771ab194 Čas ukončení: 13 Cesta k aplikaci: C:\Program
Files (x86)\Steam\Steam.exe ID hlášení: fd8fdada-985f-11e2-acc7-001fd0d74acb

Error - 29.3.2013 7:06:39 | Computer Name = AMD-Server | Source = Application Hang | ID = 1002
Description = Program Uninstall.exe verze 1.0.0.4835 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
1d1c Čas spuštění: 01ce2c6d42b441fb Čas ukončení: 2 Cesta k aplikaci: C:\Program Files
(x86)\Common Files\Blizzard Entertainment\Diablo III (2)\Uninstall.exe ID hlášení:
b8da79b7-9860-11e2-acc7-001fd0d74acb

Error - 29.3.2013 9:02:22 | Computer Name = AMD-Server | Source = Application Hang | ID = 1002
Description = Program Steam.exe verze 1.71.49.2 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
1a6c Čas spuštění: 01ce2c7ad2362ddc Čas ukončení: 36 Cesta k aplikaci: C:\Program
Files (x86)\Steam\Steam.exe ID hlášení: b0a67fa9-9870-11e2-acc7-001fd0d74acb

Error - 29.3.2013 9:28:14 | Computer Name = AMD-Server | Source = Application Hang | ID = 1002
Description = Program Steam.exe verze 1.71.49.2 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
1ca8 Čas spuštění: 01ce2c7dac014574 Čas ukončení: 44 Cesta k aplikaci: C:\Program
Files (x86)\Steam\Steam.exe ID hlášení: 67dfb995-9874-11e2-acc7-001fd0d74acb

Error - 29.3.2013 9:36:13 | Computer Name = AMD-Server | Source = AHDDC2_Service.exe | ID = 0
Description =

Error - 29.3.2013 10:11:15 | Computer Name = AMD-Server | Source = Application Hang | ID = 1002
Description = Program Steam.exe verze 1.71.49.2 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
974 Čas spuštění: 01ce2c84312cf003 Čas ukončení: 34 Cesta k aplikaci: C:\Program Files
(x86)\Steam\Steam.exe ID hlášení: 5d39563a-987a-11e2-a689-001fd0d74acb

Error - 29.3.2013 14:11:44 | Computer Name = AMD-Server | Source = AHDDC2_Service.exe | ID = 0
Description =

Error - 29.3.2013 14:14:15 | Computer Name = AMD-Server | Source = ESENT | ID = 454
Description = Catalog Database (1620) Catalog Database: Při zotavení či obnovení
databáze došlo k neočekávané chybě -515.

Error - 29.3.2013 14:14:15 | Computer Name = AMD-Server | Source = Microsoft-Windows-CAPI2 | ID = 257
Description = Služba Šifrování neinicializovala databázi katalogu. Chyba součásti
ESENT: -515.

[ System Events ]
Error - 28.3.2013 13:59:57 | Computer Name = AMD-Server | Source = Service Control Manager | ID = 7038
Description = Služba Dhcp se nemohla přihlásit jako NT Authority\LocalService s
aktuálně konfigurovaným heslem z důvodu následující chyby: %%50 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 28.3.2013 13:59:57 | Computer Name = AMD-Server | Source = Service Control Manager | ID = 7000
Description = Služba Klient DHCP neuspěla při spuštění v důsledku následující chyby:
%%1069

Error - 28.3.2013 13:59:57 | Computer Name = AMD-Server | Source = Service Control Manager | ID = 7001
Description = Služba Služba WinHTTP WPAD závisí na službě Klient DHCP, která neuspěla
při spuštění v důsledku následující chyby: %%1069

Error - 28.3.2013 13:59:57 | Computer Name = AMD-Server | Source = Service Control Manager | ID = 7023
Description = Služba Web'n'walk Manager mobile equipment installation service byla
ukončena s následující chybou: %%-2147483576

Error - 28.3.2013 15:14:32 | Computer Name = AMD-Server | Source = Service Control Manager | ID = 7022
Description = Služba Web'n'walk Manager mobile equipment installation service přestala
během spouštění reagovat.

Error - 28.3.2013 15:59:26 | Computer Name = AMD-Server | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 28.3.2013 16:11:43 | Computer Name = AMD-Server | Source = Service Control Manager | ID = 7022
Description = Služba Web'n'walk Manager mobile equipment installation service přestala
během spouštění reagovat.

Error - 29.3.2013 9:39:38 | Computer Name = AMD-Server | Source = Service Control Manager | ID = 7022
Description = Služba Web'n'walk Manager mobile equipment installation service přestala
během spouštění reagovat.

Error - 29.3.2013 13:02:50 | Computer Name = AMD-Server | Source = Service Control Manager | ID = 7022
Description = Služba Web'n'walk Manager mobile equipment installation service přestala
během spouštění reagovat.

Error - 29.3.2013 14:15:30 | Computer Name = AMD-Server | Source = Service Control Manager | ID = 7022
Description = Služba Web'n'walk Manager mobile equipment installation service přestala
během spouštění reagovat.


< End of report >

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Log Check - Conflict - Suspected Virus

#8 Post by Márty84 »

I didn't see a virus, but we'll check it. First, let's try to get rid of that Kaspersky.


:!: Perform this step in Safe Mode
:arrow: Run OTL again as administrator
Paste the following text into the bottom window (including the colon before the word commands)

Code:

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

:services
AdobeARMservice
SkypeUpdate
AdobeFlashPlayerUpdateSvc
AVP
KLIF
kltdi
klmouflt
klkbdflt
kneps
KLIM6
kl1

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\SysNative\drivers\klif.sys
C:\Windows\SysNative\drivers\kltdi.sys
C:\Windows\SysNative\drivers\klmouflt.sys
C:\Windows\SysNative\drivers\klkbdflt.sys
C:\Windows\SysNative\drivers\kneps.sys
C:\Windows\SysNative\drivers\klim6.sys
C:\Windows\SysNative\drivers\kl1.sys
C:\Program Files (x86)\Kaspersky Lab

:otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2239461738-3896735249-2566334241-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
IE - HKU\S-1-5-21-2239461738-3896735249-2566334241-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2239461738-3896735249-2566334241-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
O3 - HKU\S-1-5-21-2239461738-3896735249-2566334241-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2239461738-3896735249-2566334241-1009..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O15 - HKLM\..Trusted Domains: mojebanka.cz ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([etrading] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-2239461738-3896735249-2566334241-1000\..Trusted Domains: mojebanka.cz ([]https in Trusted sites)
O15 - HKU\S-1-5-21-2239461738-3896735249-2566334241-1000\..Trusted Domains: mojebanka.cz ([etrading] https in Trusted sites)
O15 - HKU\S-1-5-21-2239461738-3896735249-2566334241-1000\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[62 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2012.12.09 08:04:06 | 000,000,000 | ---D | M] -- C:\Users\Skynet-2010\AppData\Roaming\ESET
@Alternate Data Stream - 175 bytes -> C:\ProgramData\Temp:1AAB2E68
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:B755D674
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:CC2DDA0D

reg:
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVP"=-
Click "Opravit" (Fix) and let the program work. When asked about a restart, agree.
After the restart a new log will appear; post it here.

If you have a question that is not meant for the public, you can e-mail me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Lilly [FR]

Re: Log Check - Conflict - Suspected Virus

#9 Post by Lilly [FR] »

Marty, I ran into trouble during this operation. As soon as I restarted the computer from Safe Mode (OTL requested a restart) and tried to get back to normal mode and a normal Windows 7 start, the keyboard and mouse stopped working for reasons I can't understand. I tried swapping the USB ports and it still didn't help; I don't know what happened.....

:arrow: I had to bring up the restore point menu from the Windows 7 installation disc, and I chose the nearest restore point. The system started up fine from that last point and the keyboard and mouse began working again, but I'm afraid the last OTL log was lost; I found only this......

What is going on...??? I have never had trouble with this..... :shock: :shock: :shock: :?: :?: :?:

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Skynet - 2010

User: Skynet-2010
->Temp folder emptied: 1037835 bytes
->Temporary Internet Files folder emptied: 4382 bytes
->Java cache emptied: 4685131 bytes
->FireFox cache emptied: 15749109 bytes
->Flash cache emptied: 506 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 3968488 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 17740 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50702 bytes
RecycleBin emptied: 437799 bytes

Total Files Cleaned = 25,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Skynet - 2010

User: Skynet-2010
->Flash cache emptied: 0 bytes

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Unable to start System Restore Service. Error code 1084
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Error: No service named AVP was found to stop!
Service\Driver key AVP not found.
Service KLIF stopped successfully!
Service KLIF deleted successfully!
Service kltdi stopped successfully!
Service kltdi deleted successfully!
Service klmouflt stopped successfully!
Service klmouflt deleted successfully!
Service klkbdflt stopped successfully!
Service klkbdflt deleted successfully!
Service kneps stopped successfully!
Service kneps deleted successfully!
Service KLIM6 stopped successfully!
Service KLIM6 deleted successfully!
Error: Unable to stop service kl1!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kl1 deleted successfully.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\SysNative\drivers\klif.sys moved successfully.
C:\Windows\SysNative\drivers\kltdi.sys moved successfully.
C:\Windows\SysNative\drivers\klmouflt.sys moved successfully.
C:\Windows\SysNative\drivers\klkbdflt.sys moved successfully.
C:\Windows\SysNative\drivers\kneps.sys moved successfully.
C:\Windows\SysNative\drivers\klim6.sys moved successfully.
C:\Windows\SysNative\drivers\kl1.sys moved successfully.
File\Folder C:\Program Files (x86)\Kaspersky Lab not found.
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-2239461738-3896735249-2566334241-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKEY_USERS\S-1-5-21-2239461738-3896735249-2566334241-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2239461738-3896735249-2566334241-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\S-1-5-21-2239461738-3896735249-2566334241-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2239461738-3896735249-2566334241-1009\Software\Microsoft\Windows\CurrentVersion\RunOnce not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\etrading\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\www\ not found.
Registry key HKEY_USERS\S-1-5-21-2239461738-3896735249-2566334241-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2239461738-3896735249-2566334241-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\etrading\ not found.
Registry key HKEY_USERS\S-1-5-21-2239461738-3896735249-2566334241-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\www\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
File/Folder C:\Windows\SysNative\*.tmp not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA087.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPECED.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF6DC.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFB5E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1B42.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP67B9.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPFFB2.tmp folder deleted successfully.
C:\Windows\Installer\MSI106.tmp deleted successfully.
C:\Windows\Installer\MSI12DB.tmp deleted successfully.
C:\Windows\Installer\MSI131D.tmp deleted successfully.
C:\Windows\Installer\MSI15F1.tmp deleted successfully.
C:\Windows\Installer\MSI166F.tmp deleted successfully.
C:\Windows\Installer\MSI2502.tmp deleted successfully.
C:\Windows\Installer\MSI265A.tmp deleted successfully.
C:\Windows\Installer\MSI2891.tmp deleted successfully.
C:\Windows\Installer\MSI2A52.tmp deleted successfully.
C:\Windows\Installer\MSI2C4A.tmp deleted successfully.
C:\Windows\Installer\MSI2D25.tmp deleted successfully.
C:\Windows\Installer\MSI2E4.tmp deleted successfully.
C:\Windows\Installer\MSI346F.tmp deleted successfully.
C:\Windows\Installer\MSI3644.tmp deleted successfully.
C:\Windows\Installer\MSI36B7.tmp deleted successfully.
C:\Windows\Installer\MSI36F1.tmp deleted successfully.
C:\Windows\Installer\MSI372.tmp deleted successfully.
C:\Windows\Installer\MSI3735.tmp deleted successfully.
C:\Windows\Installer\MSI430F.tmp deleted successfully.
C:\Windows\Installer\MSI4423.tmp deleted successfully.
C:\Windows\Installer\MSI475F.tmp deleted successfully.
C:\Windows\Installer\MSI490.tmp deleted successfully.
C:\Windows\Installer\MSI49F3.tmp deleted successfully.
C:\Windows\Installer\MSI4E33.tmp deleted successfully.
C:\Windows\Installer\MSI5E9.tmp deleted successfully.
C:\Windows\Installer\MSI664B.tmp deleted successfully.
C:\Windows\Installer\MSI73A2.tmp deleted successfully.
C:\Windows\Installer\MSI7A3D.tmp deleted successfully.
C:\Windows\Installer\MSI883C.tmp deleted successfully.
C:\Windows\Installer\MSI8C52.tmp deleted successfully.
C:\Windows\Installer\MSI8D9B.tmp deleted successfully.
C:\Windows\Installer\MSI944A.tmp deleted successfully.
C:\Windows\Installer\MSI977B.tmp deleted successfully.
C:\Windows\Installer\MSI97F.tmp deleted successfully.
C:\Windows\Installer\MSI97F9.tmp deleted successfully.
C:\Windows\Installer\MSI9C95.tmp deleted successfully.
C:\Windows\Installer\MSI9D22.tmp deleted successfully.
C:\Windows\Installer\MSI9FFC.tmp deleted successfully.
C:\Windows\Installer\MSIA8B0.tmp deleted successfully.
C:\Windows\Installer\MSIAD26.tmp deleted successfully.
C:\Windows\Installer\MSIAE22.tmp deleted successfully.
C:\Windows\Installer\MSIBCCD.tmp deleted successfully.
C:\Windows\Installer\MSIC067.tmp deleted successfully.
C:\Windows\Installer\MSIC131.tmp deleted successfully.
C:\Windows\Installer\MSIC152.tmp deleted successfully.
C:\Windows\Installer\MSIC9DB.tmp deleted successfully.
C:\Windows\Installer\MSICB04.tmp deleted successfully.
C:\Windows\Installer\MSIDB35.tmp deleted successfully.
C:\Windows\Installer\MSIDD58.tmp deleted successfully.
C:\Windows\Installer\MSIDFDD.tmp deleted successfully.
C:\Windows\Installer\MSIE069.tmp deleted successfully.
C:\Windows\Installer\MSIE998.tmp deleted successfully.
C:\Windows\Installer\MSIE9F8.tmp deleted successfully.
C:\Windows\Installer\MSIECC6.tmp deleted successfully.
C:\Windows\Installer\MSIF3AC.tmp deleted successfully.
C:\Windows\Installer\MSIF429.tmp deleted successfully.
C:\Windows\Installer\MSIF4D6.tmp deleted successfully.
C:\Windows\Installer\MSIF530.tmp deleted successfully.
C:\Windows\Installer\MSIF571.tmp deleted successfully.
C:\Windows\Installer\MSIF8EB.tmp deleted successfully.
C:\Windows\Installer\MSIFA81.tmp deleted successfully.
C:\Windows\Installer\MSIFD6D.tmp deleted successfully.
C:\Users\Skynet-2010\AppData\Roaming\ESET\ESET Smart Security folder moved successfully.
C:\Users\Skynet-2010\AppData\Roaming\ESET folder moved successfully.
ADS C:\ProgramData\Temp:1AAB2E68 deleted successfully.
ADS C:\ProgramData\Temp:B755D674 deleted successfully.
ADS C:\ProgramData\Temp:CC2DDA0D deleted successfully.
File EY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] not found.

OTL by OldTimer - Version 3.2.69.0 log created on 03292013_211508

Márty84

Re: Log Check - Conflict - Suspected Virus

#10 Post by Márty84 »

:?: so the same thing happened as after using KASPERSKY REMOVAL

Please post a new RSIT log here

Lilly [FR]

Re: Log Check - Conflict - Suspected Virus

#11 Post by Lilly [FR] »

Exactly, and I confirm what you say, except that this time neither the mouse nor the keyboard worked, whereas after the last KASPERSKY REMOVAL operation from Safe Mode only the keyboard was not working; the mouse still worked.

I'm sending the new log...... :o :?:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Skynet-2010 at 2013-03-29 22:34:38
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 320 GB (52%) free of 610 GB
Total RAM: 6141 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:43:03, on 26.2.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe
C:\Program Files (x86)\Auto - Tapety\awplite.exe
C:\Program Files (x86)\Manager - Acronis\Disk Backup\TrueImageMonitor.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files (x86)\Internet T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Skynet-2010.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Manager - Acronis\Disk Backup\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [awplite] C:\Program Files (x86)\Auto - Tapety\awplite.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2239461738-3896735249-2566334241-1008\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2239461738-3896735249-2566334241-1008\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Přidat do Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
O9 - Extra button: Virtuální klávesnice - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Kontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{BB9E5AD9-9C9E-60A6-EE59-C5F72FF09E6A}: NameServer = 93.153.117.33 93.153.117.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\Antispyware - SUPER\SASCORE64.EXE
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Služba Acronis Nonstop Backup (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: Ashampoo HDD Control 2 Service (AHDDC2) - Unknown owner - C:\Program Files (x86)\Ashampoo - Hardisk Control\AHDDC2_Service.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\Internet T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: Služba Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo - Hardisk Control\DfSdkS64.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files (x86)\Manager - Acronis\Disk Director\OSS\reinstall_svc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10980 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
"C:\Program Files\Antispyware - SUPER\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Ashampoo - Core Tuner 2\ACT2Service.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files (x86)\Ashampoo - Hardisk Control\AHDDC2_Service.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Manager - Acronis\Disk Director\OSS\reinstall_svc.exe"
WLIDSvcM.exe 2272
"C:\Program Files (x86)\Internet T-Mobile\Web'n'walk Manager\ameisvc.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000b7c
"C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-0f74573b-e7bc-4ce2-9315-ca3c83c86432 -SystemEventPortName:HostProcess-27654530-4519-48e1-a487-5a2baba88832 -IoCancelEventPortName:HostProcess-da8ddcb2-e9f9-4d2d-bf28-b3fbe3e029c5 -NonStateChangingEventPortName:HostProcess-97b7c291-48fb-4517-b7ff-95ee4eeddefd -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d00f2e41-0e8d-43d8-816c-09274f25b639 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Auto - Tapety\awplite.exe"
"C:\Program Files (x86)\Manager - Acronis\Disk Backup\TrueImageMonitor.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
C:\Windows\explorer.exe /factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Internet T-Mobile\Web'n'walk Manager\Manager.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Prehravač - Winamp\winamp.exe" "C:\Users\Skynet-2010\5 - Počitačová Základňa\7 - Základňa - Relaxačne Studio\Radio - Dreams.pls"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Skynet-2010\4 - Poštova Schránka\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Windows 7 Manager - Logon Background Changer.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-06 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-06 170912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Služba Acronis Scheduler2"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2011-10-13 394744]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2013-01-24 1451728]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"awplite"=C:\Program Files (x86)\Auto - Tapety\awplite.exe [2007-02-10 2607616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
C:\Program Files (x86)\Virtualka - Daemon\DTAgent.exe [2011-03-17 842048]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Manager - Acronis\Disk Backup\TrueImageMonitor.exe [2011-10-13 5574456]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-03-19 345312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SafeIPS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoInstrumentation"=1
"NoDrives"=33622048

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-03-29 22:34:38 ----D---- C:\rsit
2013-03-29 17:48:19 ----D---- C:\ProgramData\SecTaskMan
2013-03-29 12:22:45 ----D---- C:\ProgramData\Blizzard Entertainment
2013-03-29 12:22:45 ----D---- C:\Program Files (x86)\Diablo III
2013-03-29 12:21:11 ----D---- C:\ProgramData\Battle.net
2013-03-28 18:30:09 ----A---- C:\Windows\system32\drivers\nvstusb.sys
2013-03-28 18:30:01 ----A---- C:\Windows\system32\nvwgf2umx.dll
2013-03-28 18:30:00 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-03-28 18:30:00 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2013-03-28 18:30:00 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-03-28 18:30:00 ----A---- C:\Windows\system32\nvopencl.dll
2013-03-28 18:29:59 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-03-28 18:29:59 ----A---- C:\Windows\system32\nvoglv64.dll
2013-03-28 18:29:59 ----A---- C:\Windows\system32\nvinitx.dll
2013-03-28 18:29:59 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-03-28 18:29:58 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2013-03-28 18:29:58 ----A---- C:\Windows\system32\nvdispgenco6431422.dll
2013-03-28 18:29:58 ----A---- C:\Windows\system32\nvdispco6431422.dll
2013-03-28 18:29:57 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2013-03-28 18:29:57 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-03-28 18:29:57 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-03-28 18:29:56 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-03-28 18:29:56 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-03-28 18:29:56 ----A---- C:\Windows\system32\nvcuvid.dll
2013-03-28 18:29:56 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-03-28 18:29:56 ----A---- C:\Windows\system32\nvcuda.dll
2013-03-28 18:29:51 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-03-28 18:29:51 ----A---- C:\Windows\system32\nvcompiler.dll
2013-03-28 18:29:50 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2013-03-28 18:17:16 ----SD---- C:\ProgramData\Shared Space
2013-03-28 18:15:41 ----D---- C:\ProgramData\Comodo
2013-03-28 18:15:40 ----D---- C:\ProgramData\Comodo Downloader
2013-03-28 18:15:36 ----D---- C:\Program Files\COMODO
2013-03-28 18:09:57 ----D---- C:\ProgramData\DriverGenius
2013-03-28 17:36:37 ----D---- C:\Users\Skynet-2010\AppData\Roaming\Avira
2013-03-28 17:31:14 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2013-03-28 17:31:14 ----A---- C:\Windows\system32\drivers\avipbb.sys
2013-03-28 17:31:14 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2013-03-28 17:31:13 ----D---- C:\ProgramData\Avira
2013-03-28 17:31:13 ----D---- C:\Program Files (x86)\Avira
2013-03-28 17:16:05 ----D---- C:\Program Files (x86)\Driver-Soft
2013-03-28 17:12:41 ----D---- C:\Program Files\C-Cleaner
2013-03-26 22:50:30 ----D---- C:\ProgramData\NVIDIA Corporation
2013-03-24 14:52:09 ----D---- C:\ProgramData\Origin
2013-03-24 07:55:59 ----SHD---- C:\ProgramData\DSS
2013-03-24 06:33:13 ----D---- C:\Program Files (x86)\CAPCOM
2013-03-20 00:46:17 ----A---- C:\Windows\DIIUnin.pif
2013-03-20 00:46:17 ----A---- C:\Windows\DIIUnin.exe
2013-03-20 00:41:38 ----D---- C:\Program Files (x86)\Diablo II
2013-03-18 13:34:02 ----A---- C:\Windows\SYSWOW64\pbsvc_bc2.exe
2013-03-18 13:09:12 ----D---- C:\Program Files (x86)\Electronic Arts
2013-03-18 11:21:16 ----D---- C:\Program Files (x86)\Origin Games
2013-03-17 00:58:19 ----A---- C:\Windows\SYSWOW64\SafeIPSOff.ini
2013-03-17 00:58:19 ----A---- C:\Windows\SYSWOW64\SafeIPS.ini
2013-03-17 00:58:19 ----A---- C:\Windows\system32\SafeIPSOff.ini
2013-03-16 23:08:21 ----D---- C:\Program Files (x86)\Seagate
2013-03-16 19:11:23 ----D---- C:\Program Files (x86)\HDD Regenerator
2013-03-16 09:26:52 ----D---- C:\Program Files (x86)\Safe IP
2013-03-16 09:13:12 ----D---- C:\Program Files (x86)\Ashampoo - Core Tuner 2
2013-03-16 06:13:41 ----A---- C:\Windows\system32\SafeIPs64.dll
2013-03-16 06:13:38 ----A---- C:\Windows\SYSWOW64\SafeIPs.dll
2013-03-14 22:07:52 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2013-03-14 05:55:04 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-03-14 05:54:58 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-03-14 05:54:58 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-03-14 05:54:58 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-03-14 05:54:58 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-03-14 05:54:58 ----A---- C:\Windows\system32\elshyph.dll
2013-03-14 05:54:57 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-03-14 05:54:57 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-03-14 05:54:57 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-03-14 05:54:57 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-03-14 05:54:57 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-03-14 05:54:56 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-03-14 05:54:56 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-03-14 05:54:56 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-03-14 05:54:56 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-03-14 05:54:56 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-03-14 05:54:56 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-03-14 05:54:56 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-03-14 05:54:55 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-03-14 05:54:55 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-03-14 05:54:55 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-03-14 05:54:55 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-03-14 05:54:54 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-03-14 05:54:54 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-03-14 05:54:54 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-03-14 05:54:54 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-03-14 05:54:54 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-03-14 05:54:54 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-03-14 05:54:54 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-03-14 05:54:53 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-03-14 05:54:53 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-03-14 05:54:53 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-03-14 05:54:53 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-03-14 05:54:53 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-03-14 05:54:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-03-14 05:54:52 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-03-14 05:54:51 ----A---- C:\Windows\SYSWOW64\url.dll
2013-03-14 05:54:51 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-03-14 05:54:51 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-03-14 05:54:51 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-03-14 05:54:51 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-03-14 05:54:51 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-03-14 05:54:50 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-03-14 05:54:50 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-03-14 05:54:45 ----A---- C:\Windows\system32\wininet.dll
2013-03-14 05:54:45 ----A---- C:\Windows\system32\urlmon.dll
2013-03-14 05:54:45 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-03-14 05:54:45 ----A---- C:\Windows\system32\msrating.dll
2013-03-14 05:54:45 ----A---- C:\Windows\system32\msls31.dll
2013-03-14 05:54:45 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-14 05:54:45 ----A---- C:\Windows\system32\iertutil.dll
2013-03-14 05:54:45 ----A---- C:\Windows\system32\dxtrans.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\wextract.exe
2013-03-14 05:54:44 ----A---- C:\Windows\system32\webcheck.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\vbscript.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\url.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-03-14 05:54:44 ----A---- C:\Windows\system32\pngfilt.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\occache.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\mshtmler.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\mshtml.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\mshta.exe
2013-03-14 05:54:44 ----A---- C:\Windows\system32\msfeedssync.exe
2013-03-14 05:54:44 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\licmgr10.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\jscript9.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\jscript.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\inseng.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\imgutil.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\iexpress.exe
2013-03-14 05:54:44 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-14 05:54:44 ----A---- C:\Windows\system32\ieui.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\iesysprep.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\iesetup.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\iernonce.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\iepeers.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\ieframe.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\iedkcs32.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\ieapfltr.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\ie4uinit.exe
2013-03-14 05:54:44 ----A---- C:\Windows\system32\icardie.dll
2013-03-14 05:54:44 ----A---- C:\Windows\system32\dxtmsft.dll
2013-03-14 04:46:01 ----A---- C:\Windows\SYSWOW64\gdiplus.dll
2013-03-14 04:39:35 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-14 04:13:33 ----D---- C:\Program Files\Manager - Windows 7
2013-03-14 03:23:49 ----SD---- C:\Windows\SYSWOW64\Microsoft
2013-03-08 20:53:22 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-03-07 21:32:56 ----D---- C:\Users\Skynet-2010\AppData\Roaming\Product_PT
2013-03-07 20:46:20 ----A---- C:\Windows\SYSWOW64\MRT.exe
2013-03-06 05:50:17 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-03-06 05:49:56 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-03-06 05:49:56 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-03-06 05:49:56 ----A---- C:\Windows\SYSWOW64\java.exe
2013-03-06 05:49:48 ----D---- C:\Program Files (x86)\Java
2013-03-04 06:16:18 ----D---- C:\Program Files\Editor - VPK
2013-03-03 19:02:23 ----A---- C:\Windows\system32\aswBoot.exe
2013-03-02 16:24:23 ----DC---- C:\Windows\system32\DRVSTORE
2013-03-02 16:24:23 ----A---- C:\Windows\system32\drivers\usbfilter.sys
2013-03-02 16:24:22 ----D---- C:\Program Files (x86)\AMD
2013-03-02 16:24:14 ----A---- C:\Windows\system32\drivers\AtiPcie.sys

======List of files/folders modified in the last 1 months======

2013-03-29 22:34:45 ----D---- C:\Windows\Temp
2013-03-29 22:34:42 ----D---- C:\Program Files\Trend Micro
2013-03-29 22:13:47 ----D---- C:\Program Files (x86)\Steam
2013-03-29 21:59:48 ----D---- C:\Windows\system32\config
2013-03-29 21:46:56 ----SHD---- C:\System Volume Information
2013-03-29 21:43:55 ----D---- C:\ProgramData\NVIDIA
2013-03-29 21:42:42 ----D---- C:\Windows\Tasks
2013-03-29 21:42:42 ----D---- C:\Windows\system32\wfp
2013-03-29 21:42:42 ----D---- C:\Windows\system32\DriverStore
2013-03-29 21:42:42 ----D---- C:\Windows\system32\drivers\etc
2013-03-29 21:42:42 ----D---- C:\Windows\system32\drivers
2013-03-29 21:42:42 ----D---- C:\Windows\System32
2013-03-29 21:42:42 ----D---- C:\Windows
2013-03-29 21:42:40 ----SHD---- C:\Windows\Installer
2013-03-29 21:42:40 ----D---- C:\Windows\system32\catroot2
2013-03-29 21:42:38 ----D---- C:\Windows\inf
2013-03-29 21:42:37 ----D---- C:\Users\Skynet-2010\AppData\Roaming\Prehravač - Winamp
2013-03-29 21:42:35 ----D---- C:\Windows\system32\wbem
2013-03-29 21:42:35 ----D---- C:\Windows\registration
2013-03-29 19:18:57 ----D---- C:\Windows\ModemLogs
2013-03-29 19:09:11 ----RD---- C:\Program Files (x86)
2013-03-29 19:05:50 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-03-29 17:48:19 ----HD---- C:\ProgramData
2013-03-29 17:45:37 ----D---- C:\Windows\system32\Tasks
2013-03-29 14:34:20 ----D---- C:\Windows\SysWOW64
2013-03-29 01:47:29 ----AD---- C:\ProgramData\Temp
2013-03-28 21:14:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-28 21:08:31 ----D---- C:\Windows\system32\catroot
2013-03-28 21:08:30 ----D---- C:\Windows\security
2013-03-28 21:08:28 ----D---- C:\Windows\ELAMBKUP
2013-03-28 18:37:28 ----D---- C:\Windows\Logs
2013-03-28 18:32:21 ----RHD---- C:\Users
2013-03-28 18:15:36 ----RD---- C:\Program Files
2013-03-28 16:13:20 ----D---- C:\Program Files (x86)\Common Files
2013-03-28 14:51:00 ----RSD---- C:\Windows\assembly
2013-03-28 00:35:03 ----D---- C:\Program Files\Antispyware - SUPER
2013-03-28 00:17:40 ----D---- C:\Windows\SoftwareDistribution
2013-03-28 00:16:49 ----D---- C:\Users\Skynet-2010\AppData\Roaming\DAEMON Tools Pro
2013-03-27 23:02:05 ----D---- C:\Windows\system32\drivers\UMDF
2013-03-27 23:02:05 ----D---- C:\Windows\system32\CodeIntegrity
2013-03-27 23:02:04 ----D---- C:\Windows\Help
2013-03-27 23:02:03 ----D---- C:\Users\Skynet-2010\AppData\Roaming\IrfanView
2013-03-27 23:01:59 ----D---- C:\Program Files\NVIDIA Corporation
2013-03-27 23:01:56 ----D---- C:\Program Files (x86)\Origin
2013-03-27 23:01:56 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-03-24 15:29:20 ----D---- C:\Users\Skynet-2010\AppData\Roaming\Origin
2013-03-20 09:24:49 ----D---- C:\Program Files (x86)\Auto - Tapety
2013-03-19 12:45:15 ----D---- C:\Windows\tracing
2013-03-19 12:40:21 ----D---- C:\Windows\system32\NDF
2013-03-19 05:33:17 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-03-19 00:48:21 ----D---- C:\Program Files (x86)\Punkbuster
2013-03-18 12:17:36 ----D---- C:\ProgramData\Acronis
2013-03-16 15:58:33 ----D---- C:\Windows\rescache
2013-03-16 07:54:11 ----D---- C:\Users\Skynet-2010\AppData\Roaming\uTorrent
2013-03-16 07:54:07 ----D---- C:\Windows\Panther
2013-03-15 06:53:06 ----A---- C:\Windows\system32\nvumdshimx.dll
2013-03-15 06:53:06 ----A---- C:\Windows\system32\nvapi64.dll
2013-03-15 05:16:18 ----A---- C:\Windows\system32\nvsvc64.dll
2013-03-15 05:16:17 ----A---- C:\Windows\system32\nvcpl.dll
2013-03-15 05:16:10 ----A---- C:\Windows\system32\nvvsvc.exe
2013-03-15 05:16:10 ----A---- C:\Windows\system32\nvsvcr.dll
2013-03-15 05:16:10 ----A---- C:\Windows\system32\nvshext.dll
2013-03-15 05:16:10 ----A---- C:\Windows\system32\nvmctray.dll
2013-03-14 08:59:28 ----D---- C:\Windows\winsxs
2013-03-14 08:55:56 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-03-14 08:55:56 ----D---- C:\Program Files\Internet Explorer
2013-03-14 08:55:56 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-14 08:55:55 ----D---- C:\Windows\system32\cs-CZ
2013-03-14 08:55:54 ----D---- C:\Windows\SYSWOW64\migration
2013-03-14 08:55:53 ----D---- C:\Windows\SYSWOW64\en-US
2013-03-14 08:55:53 ----D---- C:\Windows\system32\migration
2013-03-14 08:55:53 ----D---- C:\Windows\system32\en-US
2013-03-14 08:55:53 ----D---- C:\Windows\PolicyDefinitions
2013-03-14 04:24:42 ----D---- C:\Program Files (x86)\E-Mail Klient
2013-03-14 04:08:26 ----D---- C:\Windows\debug
2013-03-13 18:25:30 ----D---- C:\Windows\AppPatch
2013-03-13 18:25:26 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-13 18:25:25 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-13 18:25:24 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-13 10:31:03 ----A---- C:\Windows\system32\MRT.exe
2013-03-13 10:30:56 ----D---- C:\ProgramData\Microsoft Help
2013-03-13 09:17:17 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-07 22:09:19 ----D---- C:\Program Files (x86)\Ashampoo - Hardisk Control
2013-03-07 21:04:29 ----D---- C:\Users\Skynet-2010\AppData\Roaming\Skype
2013-03-07 20:57:53 ----D---- C:\ProgramData\Skype
2013-03-07 20:57:50 ----RD---- C:\Program Files (x86)\Skype
2013-03-07 20:46:07 ----D---- C:\Windows\SYSWOW64\directx
2013-03-06 05:49:50 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-03-06 05:49:50 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-03-03 19:22:18 ----D---- C:\Program Files (x86)\Klient - Torrent
2013-03-02 16:27:59 ----HD---- C:\Program Files (x86)\Temp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2011-04-15 79488]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2011-04-15 40064]
R0 amdide64;amdide64; C:\Windows\system32\DRIVERS\amdide64.sys [2011-12-17 11904]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-04 16440]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2012-06-19 458584]
R0 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2012-03-07 30312]
R0 MxEFUF;Matrox Extio Upper Function Filter; C:\Windows\system32\DRIVERS\MxEFUF64.sys [2011-10-20 157696]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2012-10-01 277088]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-12-10 530488]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273); C:\Windows\system32\DRIVERS\tdrpm273.sys [2012-10-01 1263200]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2012-10-01 970336]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-02-26 130016]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-03-06 28600]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2013-01-16 23176]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2013-01-16 699880]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2013-01-16 48360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-25 272448]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2013-01-16 95752]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2013-02-13 613720]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2012-08-02 28504]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2013-02-13 54104]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2012-08-13 178008]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\Antispyware - SUPER\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\Antispyware - SUPER\SASKUTIL64.SYS [2011-07-12 12368]
R2 ACT2PM;Ashampoo CoreTuner 2 ProcessMonitor Driver; \??\C:\Program Files (x86)\Ashampoo - Core Tuner 2\ACT2ProcessMonitor64.sys [2011-06-10 15160]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-02-26 100712]
R2 ntk_PowerDVD12;ntk_PowerDVD12; \??\C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2011-10-27 82928]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2012-10-01 285280]
R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [1999-12-31 101504]
R3 CT20XUT.SYS;CT20XUT.SYS; C:\Windows\System32\drivers\CT20XUT.SYS [2010-07-07 230488]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2010-07-07 697816]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS; C:\Windows\System32\drivers\CTEXFIFX.SYS [2010-07-07 1445976]
R3 CTHWIUT.SYS;CTHWIUT.SYS; C:\Windows\System32\drivers\CTHWIUT.SYS [2010-07-07 95320]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2010-07-07 15960]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2010-07-07 213080]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2010-07-07 118360]
R3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 13952]
R3 ha20x22k;Creative 20X2 HAL Driver; C:\Windows\system32\drivers\ha20x22k.sys [2010-07-07 1612888]
R3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2011-09-09 98304]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2011-09-09 87040]
R3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2011-09-09 28672]
R3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2011-09-09 218624]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2012-10-25 29016]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2012-10-25 29528]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-12-19 194488]
R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\Windows\system32\DRIVERS\nvstusb.sys [2013-03-15 448288]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2010-07-07 179288]
R3 PGR1394b;PGR IEEE 1394 Bus host controllers; C:\Windows\system32\DRIVERS\PGR1394.sys [2008-03-14 88064]
R3 pmkbdfltr;PenMount Keyboard Device Filter Driver; C:\Windows\system32\DRIVERS\pmkbdfltr.sys [2012-08-01 18832]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-10-06 766096]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872]
S3 CT20XUT;CT20XUT; C:\Windows\system32\drivers\CT20XUT.SYS [2010-07-07 230488]
S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2010-07-07 580696]
S3 CTEXFIFX;CTEXFIFX; C:\Windows\system32\drivers\CTEXFIFX.SYS [2010-07-07 1445976]
S3 CTHWIUT;CTHWIUT; C:\Windows\system32\drivers\CTHWIUT.SYS [2010-07-07 95320]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
S3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys [2010-07-07 1567832]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 RTL8168;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2012-07-31 690832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\Antispyware - SUPER\SASCORE64.EXE [2012-07-11 140672]
R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2011-10-13 1113696]
R2 ACT2_Service;Ashampoo Core Tuner 2 Service; C:\Program Files (x86)\Ashampoo - Core Tuner 2\ACT2Service.exe [2011-08-22 1421216]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 afcdpsrv;Služba Acronis Nonstop Backup; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-10-01 3246040]
R2 AHDDC2;Ashampoo HDD Control 2 Service; C:\Program Files (x86)\Ashampoo - Hardisk Control\AHDDC2_Service.exe [2012-07-30 1518504]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files (x86)\Internet T-Mobile\Web'n'walk Manager\ameisvc.exe [2012-08-22 123320]
R2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [2013-02-25 374496]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-02-25 110816]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-02-25 86752]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2013-02-25 565472]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2013-01-24 3724472]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-15 877856]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-15 1266464]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-01-16 76888]
R2 Správce výběru OS;Aktivátor Správce výběru OS Acronis; C:\Program Files (x86)\Manager - Acronis\Disk Director\OSS\reinstall_svc.exe [2010-07-07 2156952]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-01-24 158928]
S3 DfSdkS;Defragmentation-Service; C:\Program Files (x86)\Ashampoo - Hardisk Control\DfSdkS64.exe [2009-08-24 544768]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-02-25 543144]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-09-30 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S4 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12; C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-01-12 87336]
S4 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-09-30 79360]
S4 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-09-30 79360]
S4 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-01-12 75048]
S4 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-01-12 296232]
S4 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-03-01 130976]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2010-08-19 386344]
S4 SafeIPS;SafeIPS; C:\Program Files (x86)\Safe IP\SafeIPs.exe [2013-02-10 3808960]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Log Check - Conflict - Suspected Virus

#12 Post by Márty84 »

Try reinstalling Kaspersky and then uninstalling it using CCleaner.
If you have a question that is not meant for the public, you can e-mail me at marty84[at]forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Lilly [FR]

Re: Log Check - Conflict - Suspected Virus

#13 Post by Lilly [FR] »

- I will have to download the trial version again, uninstall Avira, and create a restore point just to be safe. I would get back to you here tomorrow; today I no longer have the energy for such operations, I am terribly tired :o :)
- It would be a miracle if that helped......

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Log Check - Conflict - Suspected Virus

#14 Post by Márty84 »

Sometimes something goes wrong during an uninstall. And that restore point was the last straw. So this could help. If not, we will have to go at it by brute force, and I would rather avoid that.

Sure, tomorrow is another day. Good night :)

Lilly [FR]

Re: Log Check - Conflict - Suspected Virus

#15 Post by Lilly [FR] »

:( Sorry Marty, I am replying late. A disaster happened to me: my whole system collapsed and would no longer start, the drivers for the keyboard and mouse stopped working, and I lost a 780 Gb backup with the operating system 7, applications, programs and PC games; control of the Firefox and Explorer browsers failed, they did not respond to my clicks....

:( I cried all day like a little child, I was so upset, and I already knew in advance that a lot of work awaited me; without a backup I am in trouble.

:arrow: At my private premium secondary school I was given special leave until Friday, and a teacher who likes me was willing to help me with it, that is, only to advise me what to do
:arrow: He has connections. So today I have the computer from Alza at home; the PC technician and a specialist from the lab strongly advise me not to install any KASPERSKY ANTIVIRUS or INTERNET SECURITY products on my PC in the future

:arrow: For my PC it has been labelled a VIRUS /it caused the whole conflict, the slowness and a mess in the registry, and it uninstalled even things it did not need to uninstall/. If KASPERSKY is not uninstalled properly, it is simply a problem; running a system restore with Kaspersky installed is not recommended, and he recommends that I also be careful with Avira, which likewise requires a proper uninstall, the only difference being that for my PC it is of higher quality and reliable.

:arrow: The data and the system are gone, :wacko: :hide: :hide: :123: I would most like to :68:

:arrow: So my whole PC has been cleaned of dust, and this time I will install the system, data and files on an SSD; I hope to manage it in 2 - 3 days, then I would post a new log here and we can look at it together.... Have a lovely evening for now :worship: Marty

Locked