Reveton and Kryptik

Posted: 27 Dec 2013 19:51
by Sairus
Hello,
I'd like some advice, please. NOD32 is finding 2 viruses:
Win32/Reveton.AA
Win32/Kryptik.BRFG

They can't be cleaned or deleted in NOD. What should I do about it, please?

Re: Reveton and Kryptik

Posted: 27 Dec 2013 20:22
by Sairus
Operační paměť » C:\DOCUME~1\ALLUSE~1\DATAAP~1\qfelwa9.jss varianta infiltrace Win32/Reveton.AA trojský kůň Žádná akce


Operační paměť » C:\DOCUME~1\ALLUSE~1\DATAAP~1\qfelwa9.jss varianta infiltrace Win32/Kryptik.BRFG trojský kůň Žádná akce


And as for the RSIT log, I don't know what you want from me :)

Re: Reveton and Kryptik

Posted: 27 Dec 2013 20:52
by Sairus
Ah, I apologize then... and here it is:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2013-12-27 20:49:20
WIN_XP Service Pack 2
System drive C: has 32 GB (81%) free of 39 GB
Total RAM: 510 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:49:43, on 27.12.2013
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Zrychleni Pocitace\PCSUService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\IProsetMonitor.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator\Dokumenty\Preberanie\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/?gws_rd=cr&ei=PCw4 ... 4ATo7ICYBg
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-299502267-1482476501-1417001333-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Intel Corporation - C:\WINDOWS\system32\IProsetMonitor.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files\Zrychleni Pocitace\PCSUService.exe

--
End of file - 4544 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\PC SpeedUp Service Deactivator.job
C:\WINDOWS\tasks\RegClean Pro_DEFAULT.job
C:\WINDOWS\tasks\RegClean Pro_UPDATES.job
C:\WINDOWS\tasks\Start Driver Reviver for MIREK-6967DE75F@Administrator(logon).job
C:\WINDOWS\tasks\Start Driver Reviver for User(logon).job
C:\WINDOWS\tasks\User_Feed_Synchronization-{138658CC-B73D-46A8-A177-5DEB2457FB43}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a7ork4ji.default

prefs.js - "browser.startup.homepage" - "http://www.dalesearch.com/?babsrc=HP_ss ... 0&tsp=5007"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll


C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a7ork4ji.default\searchplugins\
babylon.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2005-06-21 155648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-06-21 126976]
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-02-06 2021400]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-18 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-17 1667584]
"PCSpeedUp"=C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe [2012-06-05 188680]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2005-06-21 348160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\DRIVERS DELL\SweetIMSetup.exe"="E:\DRIVERS DELL\SweetIMSetup.exe:*:Enabled:InHouseSDM Setup"
"C:\Program Files\PANDORA.TV\PanService\PandoraService.exe"="C:\Program Files\PANDORA.TV\PanService\PandoraService.exe:*:Enabled:PandoraService"
"C:\Program Files\PANDORA.TV\PanService\PanProcess.exe"="C:\Program Files\PANDORA.TV\PanService\PanProcess.exe:*:Enabled:PanProcess"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-12-27 20:49:20 ----D---- C:\rsit
2013-12-27 20:49:20 ----D---- C:\Program Files\trend micro
2013-12-27 17:50:15 ----D---- C:\Program Files\ESET
2013-12-27 17:50:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2013-12-11 16:59:17 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe
2013-12-11 15:48:53 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2013-12-27 20:49:22 ----D---- C:\WINDOWS\Temp
2013-12-27 20:49:20 ----RD---- C:\Program Files
2013-12-27 20:49:19 ----D---- C:\WINDOWS\Prefetch
2013-12-27 18:47:07 ----D---- C:\Program Files\Optimizer Pro
2013-12-27 18:09:11 ----A---- C:\WINDOWS\setuplog.txt
2013-12-27 18:06:00 ----D---- C:\Program Files\Zrychleni Pocitace
2013-12-27 17:59:05 ----SD---- C:\WINDOWS\Tasks
2013-12-27 17:58:56 ----D---- C:\WINDOWS
2013-12-27 17:57:45 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-12-27 17:52:10 ----SHD---- C:\WINDOWS\Installer
2013-12-27 17:51:56 ----HD---- C:\WINDOWS\inf
2013-12-27 17:51:56 ----D---- C:\WINDOWS\system32\drivers
2013-12-27 17:51:41 ----D---- C:\WINDOWS\system32\CatRoot2
2013-12-15 17:58:30 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-12-12 15:12:39 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2013-12-11 16:59:33 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-11 16:59:17 ----D---- C:\WINDOWS\system32

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-02-06 93336]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-18 39936]
R1 OMCI;OMCI; C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS [2001-08-22 13632]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-02-06 113448]
R2 NetAlrt;NetAlrt; \??\C:\WINDOWS\system32\drivers\NetAlrt.sys []
R2 PlatAlrt;PlatAlrt; \??\C:\WINDOWS\system32\drivers\PlatAlrt.sys []
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2007-11-16 165496]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-18 9600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-06-22 807998]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-05-06 580992]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-18 20480]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-18 14848]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASFAgent;ASF Agent; C:\Program Files\Intel\ASF Agent\ASFAgent.exe [2002-08-07 221184]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\WINDOWS\system32\IProsetMonitor.exe [2012-11-20 120136]
R2 PCSUService;PC Speed Up Service; C:\Program Files\Zrychleni Pocitace\PCSUService.exe [2012-06-05 289544]
S2 PanService;PandoraService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [2012-09-28 625304]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-02-06 20680]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-09-06 235216]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-11 119408]

-----------------EOF-----------------

Re: Reveton and Kryptik

Posted: 27 Dec 2013 21:24
by Sairus
OTL logfile created on: 27.12.2013 21:05:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

509,99 Mb Total Physical Memory | 181,71 Mb Available Physical Memory | 35,63% Memory free
864,74 Mb Paging File | 524,06 Mb Available in Paging File | 60,60% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 38,23 Gb Total Space | 31,14 Gb Free Space | 81,45% Space Free | Partition Type: NTFS

Computer Name: MIREK-6967DE75F | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.12.27 21:02:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
PRC - [2013.12.11 15:49:34 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.11.20 22:29:24 | 000,120,136 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\IPROSetMonitor.exe
PRC - [2012.06.05 08:39:42 | 000,289,544 | ---- | M] () -- C:\Program Files\Zrychleni Pocitace\PCSUService.exe
PRC - [2009.02.06 14:23:36 | 000,727,720 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009.02.06 14:23:12 | 002,021,400 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2004.08.18 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2002.08.07 05:34:26 | 000,221,184 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\ASF Agent\ASFAgent.exe


========== Modules (All) ==========

MOD - [2013.12.27 21:02:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
MOD - [2013.12.15 13:50:38 | 000,237,568 | ---- | M] (http://tortoisesvn.net) -- C:\Documents and Settings\All Users\Data aplikací\qfelwa9.jss
MOD - [2013.12.11 15:49:37 | 000,272,496 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\browser\components\browsercomps.dll
MOD - [2013.12.11 15:49:34 | 003,459,696 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\gkmedias.dll
MOD - [2013.12.11 15:49:34 | 000,302,192 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\freebl3.dll
MOD - [2013.12.11 15:49:34 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
MOD - [2013.12.11 15:49:30 | 003,363,952 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013.12.11 15:49:30 | 000,130,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozglue.dll
MOD - [2013.12.11 15:49:30 | 000,017,008 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozalloc.dll
MOD - [2013.12.11 15:49:28 | 001,776,240 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nss3.dll
MOD - [2013.12.11 15:49:27 | 000,393,328 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssckbi.dll
MOD - [2013.12.11 15:49:27 | 000,092,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssdbm3.dll
MOD - [2013.12.11 15:49:21 | 000,153,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\softokn3.dll
MOD - [2013.12.11 15:49:19 | 022,031,984 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xul.dll
MOD - [2012.11.20 22:29:24 | 000,120,136 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\IPROSetMonitor.exe
MOD - [2012.06.05 08:39:42 | 000,289,544 | ---- | M] () -- C:\Program Files\Zrychleni Pocitace\PCSUService.exe
MOD - [2012.01.16 21:06:32 | 000,577,621 | ---- | M] () -- C:\Program Files\Zrychleni Pocitace\Sqlite3.dll
MOD - [2011.02.19 23:03:12 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp100.dll
MOD - [2011.02.19 00:40:50 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr100.dll
MOD - [2010.03.18 17:15:26 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\msvcr100.dll
MOD - [2010.03.18 17:15:26 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\msvcp100.dll
MOD - [2009.03.08 04:39:48 | 011,063,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ieframe.dll
MOD - [2009.03.08 04:34:58 | 000,914,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2009.03.08 04:34:56 | 001,206,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2009.03.08 04:34:48 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll
MOD - [2009.03.08 04:32:48 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advpack.dll
MOD - [2009.03.08 04:32:22 | 001,985,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iertutil.dll
MOD - [2009.02.06 14:30:04 | 000,220,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\updater.dll
MOD - [2009.02.06 14:30:02 | 000,274,520 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiUpdate.dll
MOD - [2009.02.06 14:30:02 | 000,150,920 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnUpdate.dll
MOD - [2009.02.06 14:28:28 | 000,105,600 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnMailPlugins.dll
MOD - [2009.02.06 14:28:28 | 000,011,952 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eplgHooks.dll
MOD - [2009.02.06 14:28:26 | 000,097,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiMailPlugins.dll
MOD - [2009.02.06 14:25:28 | 000,171,520 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnScan.dll
MOD - [2009.02.06 14:25:26 | 000,307,480 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiScan.dll
MOD - [2009.02.06 14:24:06 | 000,410,480 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEpfw.dll
MOD - [2009.02.06 14:24:04 | 000,896,640 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEpfw.dll
MOD - [2009.02.06 14:23:36 | 000,727,720 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
MOD - [2009.02.06 14:23:12 | 002,021,400 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
MOD - [2009.02.06 14:22:30 | 000,113,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEmon.dll
MOD - [2009.02.06 14:22:30 | 000,105,600 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEmon.dll
MOD - [2009.02.06 14:21:50 | 000,109,720 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnDmon.dll
MOD - [2009.02.06 14:21:48 | 000,101,480 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiDmon.dll
MOD - [2009.02.06 14:20:32 | 000,171,520 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnAmon.dll
MOD - [2009.02.06 14:20:30 | 000,142,680 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiAmon.dll
MOD - [2009.01.07 18:20:36 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\normaliz.dll
MOD - [2009.01.07 18:20:22 | 001,497,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll
MOD - [2009.01.07 18:20:22 | 001,022,976 | ---- | M] (Společnost Microsoft) -- C:\WINDOWS\system32\browseui.dll
MOD - [2009.01.07 18:20:22 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2006.12.20 06:53:50 | 001,093,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\ESET\ESET NOD32 Antivirus\mfc80u.dll
MOD - [2006.12.20 06:53:48 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\ESET\ESET NOD32 Antivirus\msvcr80.dll
MOD - [2006.12.20 06:53:48 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\ESET\ESET NOD32 Antivirus\msvcp80.dll
MOD - [2005.08.05 16:58:08 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
MOD - [2005.06.21 23:44:12 | 000,348,160 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.dll
MOD - [2005.06.21 23:43:38 | 000,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hccutils.dll
MOD - [2004.08.18 13:00:00 | 008,388,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2004.08.18 13:00:00 | 002,927,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2004.08.18 13:00:00 | 001,852,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcGenral.dll
MOD - [2004.08.18 13:00:00 | 001,707,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll
MOD - [2004.08.18 13:00:00 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2004.08.18 13:00:00 | 001,236,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msxml3.dll
MOD - [2004.08.18 13:00:00 | 001,134,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuaueng.dll
MOD - [2004.08.18 13:00:00 | 001,083,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll
MOD - [2004.08.18 13:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004.08.18 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
MOD - [2004.08.18 13:00:00 | 000,993,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2004.08.18 13:00:00 | 000,990,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2004.08.18 13:00:00 | 000,982,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2004.08.18 13:00:00 | 000,806,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2004.08.18 13:00:00 | 000,726,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2004.08.18 13:00:00 | 000,720,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll
MOD - [2004.08.18 13:00:00 | 000,713,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll
MOD - [2004.08.18 13:00:00 | 000,702,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2004.08.18 13:00:00 | 000,683,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2004.08.18 13:00:00 | 000,662,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll
MOD - [2004.08.18 13:00:00 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dbghelp.dll
MOD - [2004.08.18 13:00:00 | 000,624,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netcfgx.dll
MOD - [2004.08.18 13:00:00 | 000,611,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll
MOD - [2004.08.18 13:00:00 | 000,600,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2004.08.18 13:00:00 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll
MOD - [2004.08.18 13:00:00 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2004.08.18 13:00:00 | 000,577,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2004.08.18 13:00:00 | 000,557,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdoclc.dll
MOD - [2004.08.18 13:00:00 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2004.08.18 13:00:00 | 000,515,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll
MOD - [2004.08.18 13:00:00 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2004.08.18 13:00:00 | 000,423,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll
MOD - [2004.08.18 13:00:00 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2004.08.18 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll
MOD - [2004.08.18 13:00:00 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll
MOD - [2004.08.18 13:00:00 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll
MOD - [2004.08.18 13:00:00 | 000,385,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll
MOD - [2004.08.18 13:00:00 | 000,359,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll
MOD - [2004.08.18 13:00:00 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll
MOD - [2004.08.18 13:00:00 | 000,345,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll
MOD - [2004.08.18 13:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2004.08.18 13:00:00 | 000,342,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll
MOD - [2004.08.18 13:00:00 | 000,338,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\zipfldr.dll
MOD - [2004.08.18 13:00:00 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2004.08.18 13:00:00 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll
MOD - [2004.08.18 13:00:00 | 000,321,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll
MOD - [2004.08.18 13:00:00 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\duser.dll
MOD - [2004.08.18 13:00:00 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll
MOD - [2004.08.18 13:00:00 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2004.08.18 13:00:00 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll
MOD - [2004.08.18 13:00:00 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pdh.dll
MOD - [2004.08.18 13:00:00 | 000,278,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2004.08.18 13:00:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2004.08.18 13:00:00 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oakley.dll
MOD - [2004.08.18 13:00:00 | 000,265,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\h323.tsp
MOD - [2004.08.18 13:00:00 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icm32.dll
MOD - [2004.08.18 13:00:00 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll
MOD - [2004.08.18 13:00:00 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll
MOD - [2004.08.18 13:00:00 | 000,246,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapisrv.dll
MOD - [2004.08.18 13:00:00 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2004.08.18 13:00:00 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll
MOD - [2004.08.18 13:00:00 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll
MOD - [2004.08.18 13:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2004.08.18 13:00:00 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll
MOD - [2004.08.18 13:00:00 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdm.tsp
MOD - [2004.08.18 13:00:00 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasppp.dll
MOD - [2004.08.18 13:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll
MOD - [2004.08.18 13:00:00 | 000,196,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll
MOD - [2004.08.18 13:00:00 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll
MOD - [2004.08.18 13:00:00 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll
MOD - [2004.08.18 13:00:00 | 000,190,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schedsvc.dll
MOD - [2004.08.18 13:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004.08.18 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
MOD - [2004.08.18 13:00:00 | 000,182,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll
MOD - [2004.08.18 13:00:00 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll
MOD - [2004.08.18 13:00:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2004.08.18 13:00:00 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll
MOD - [2004.08.18 13:00:00 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll
MOD - [2004.08.18 13:00:00 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2004.08.18 13:00:00 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasmans.dll
MOD - [2004.08.18 13:00:00 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2004.08.18 13:00:00 | 000,170,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll
MOD - [2004.08.18 13:00:00 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll
MOD - [2004.08.18 13:00:00 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
MOD - [2004.08.18 13:00:00 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll
MOD - [2004.08.18 13:00:00 | 000,146,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2004.08.18 13:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll
MOD - [2004.08.18 13:00:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2004.08.18 13:00:00 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll
MOD - [2004.08.18 13:00:00 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll
MOD - [2004.08.18 13:00:00 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll
MOD - [2004.08.18 13:00:00 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll
MOD - [2004.08.18 13:00:00 | 000,134,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll
MOD - [2004.08.18 13:00:00 | 000,132,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll
MOD - [2004.08.18 13:00:00 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wkssvc.dll
MOD - [2004.08.18 13:00:00 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll
MOD - [2004.08.18 13:00:00 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2004.08.18 13:00:00 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll
MOD - [2004.08.18 13:00:00 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2004.08.18 13:00:00 | 000,119,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll
MOD - [2004.08.18 13:00:00 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll
MOD - [2004.08.18 13:00:00 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll
MOD - [2004.08.18 13:00:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2004.08.18 13:00:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll
MOD - [2004.08.18 13:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
MOD - [2004.08.18 13:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2004.08.18 13:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll
MOD - [2004.08.18 13:00:00 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll
MOD - [2004.08.18 13:00:00 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll
MOD - [2004.08.18 13:00:00 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll
MOD - [2004.08.18 13:00:00 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll
MOD - [2004.08.18 13:00:00 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll
MOD - [2004.08.18 13:00:00 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2004.08.18 13:00:00 | 000,094,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2004.08.18 13:00:00 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll
MOD - [2004.08.18 13:00:00 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll
MOD - [2004.08.18 13:00:00 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll
MOD - [2004.08.18 13:00:00 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2004.08.18 13:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2004.08.18 13:00:00 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2004.08.18 13:00:00 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll
MOD - [2004.08.18 13:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll
MOD - [2004.08.18 13:00:00 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll
MOD - [2004.08.18 13:00:00 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll
MOD - [2004.08.18 13:00:00 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2004.08.18 13:00:00 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll
MOD - [2004.08.18 13:00:00 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\notepad.exe
MOD - [2004.08.18 13:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2004.08.18 13:00:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll
MOD - [2004.08.18 13:00:00 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browselc.dll
MOD - [2004.08.18 13:00:00 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2004.08.18 13:00:00 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2004.08.18 13:00:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll
MOD - [2004.08.18 13:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll
MOD - [2004.08.18 13:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2004.08.18 13:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll
MOD - [2004.08.18 13:00:00 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastapi.dll
MOD - [2004.08.18 13:00:00 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll
MOD - [2004.08.18 13:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
MOD - [2004.08.18 13:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll
MOD - [2004.08.18 13:00:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ndptsp.tsp
MOD - [2004.08.18 13:00:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2004.08.18 13:00:00 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll
MOD - [2004.08.18 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2004.08.18 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
MOD - [2004.08.18 13:00:00 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2004.08.18 13:00:00 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll
MOD - [2004.08.18 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
MOD - [2004.08.18 13:00:00 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll
MOD - [2004.08.18 13:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll
MOD - [2004.08.18 13:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll
MOD - [2004.08.18 13:00:00 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll
MOD - [2004.08.18 13:00:00 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll
MOD - [2004.08.18 13:00:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll
MOD - [2004.08.18 13:00:00 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2004.08.18 13:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll
MOD - [2004.08.18 13:00:00 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll
MOD - [2004.08.18 13:00:00 | 000,038,912 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
MOD - [2004.08.18 13:00:00 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wups.dll
MOD - [2004.08.18 13:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll
MOD - [2004.08.18 13:00:00 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll
MOD - [2004.08.18 13:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll
MOD - [2004.08.18 13:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
MOD - [2004.08.18 13:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kmddsp.tsp
MOD - [2004.08.18 13:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll
MOD - [2004.08.18 13:00:00 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll
MOD - [2004.08.18 13:00:00 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mspatcha.dll
MOD - [2004.08.18 13:00:00 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidphone.tsp
MOD - [2004.08.18 13:00:00 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll
MOD - [2004.08.18 13:00:00 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll
MOD - [2004.08.18 13:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfdisk.dll
MOD - [2004.08.18 13:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shfolder.dll
MOD - [2004.08.18 13:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfos.dll
MOD - [2004.08.18 13:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2004.08.18 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2004.08.18 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcbcp.dll
MOD - [2004.08.18 13:00:00 | 000,024,064 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\system32\dmserver.dll
MOD - [2004.08.18 13:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2004.08.18 13:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ersvc.dll
MOD - [2004.08.18 13:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2004.08.18 13:00:00 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv
MOD - [2004.08.18 13:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll
MOD - [2004.08.18 13:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2004.08.18 13:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemprox.dll
MOD - [2004.08.18 13:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2004.08.18 13:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll
MOD - [2004.08.18 13:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll
MOD - [2004.08.18 13:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2004.08.18 13:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2004.08.18 13:00:00 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll
MOD - [2004.08.18 13:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll
MOD - [2004.08.18 13:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipconf.tsp
MOD - [2004.08.18 13:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll
MOD - [2004.08.18 13:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll
MOD - [2004.08.18 13:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll
MOD - [2004.08.18 13:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
MOD - [2004.08.18 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
MOD - [2004.08.18 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2004.08.18 13:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uniplat.dll
MOD - [2004.08.18 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
MOD - [2004.08.18 13:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2004.08.18 13:00:00 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll
MOD - [2004.08.18 13:00:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll
MOD - [2004.08.18 13:00:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlsapi.dll
MOD - [2004.08.18 13:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauserv.dll
MOD - [2004.08.18 13:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll
MOD - [2004.08.18 13:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msidle.dll
MOD - [2004.08.18 13:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll
MOD - [2004.08.18 13:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll
MOD - [2004.08.18 13:00:00 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll
MOD - [2004.08.18 13:00:00 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icmp.dll
MOD - [2004.08.17 15:49:30 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv
MOD - [2002.08.08 01:25:52 | 000,466,944 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\ASF Agent\ASFCfgsv.dll
MOD - [2002.08.07 05:34:26 | 000,221,184 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\ASF Agent\ASFAgent.exe

Re: Reventon and kryptik

Posted: 27 Dec 2013 21:25
by Sairus
========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013.12.11 16:59:34 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.12.11 15:49:31 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.09.06 18:29:38 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe -- (McComponentHostService)
SRV - [2012.11.20 22:29:24 | 000,120,136 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\system32\IPROSetMonitor.exe -- (Intel(R)
SRV - [2012.09.28 09:25:54 | 000,625,304 | ---- | M] (Pandora.TV) [Auto | Stopped] -- C:\Program Files\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2012.06.05 08:39:42 | 000,289,544 | ---- | M] () [Auto | Running] -- C:\Program Files\Zrychleni Pocitace\PCSUService.exe -- (PCSUService)
SRV - [2009.02.06 14:27:06 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009.02.06 14:23:36 | 000,727,720 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2002.08.07 05:34:26 | 000,221,184 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\ASF Agent\ASFAgent.exe -- (ASFAgent)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2009.02.06 14:24:24 | 000,093,336 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009.02.06 14:23:18 | 000,106,208 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009.02.06 14:19:52 | 000,113,448 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2002.05.07 16:06:36 | 000,023,744 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\platalrt.sys -- (PlatAlrt)
DRV - [2002.05.07 16:05:56 | 000,039,680 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netalrt.sys -- (NetAlrt)
DRV - [2001.08.22 08:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (OMCI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-299502267-1482476501-1417001333-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/?gws_rd=cr&ei=PCw4 ... 4ATo7ICYBg
IE - HKU\S-1-5-21-299502267-1482476501-1417001333-500\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-299502267-1482476501-1417001333-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-299502267-1482476501-1417001333-500\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.dalesearch.com/?q={searchTer ... 0&tsp=5007
IE - HKU\S-1-5-21-299502267-1482476501-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "DaleSearch"
FF - prefs.js..browser.search.selectedEngine: "DaleSearch"
FF - prefs.js..browser.startup.homepage: "http://www.dalesearch.com/?babsrc=HP_ss ... 0&tsp=5007"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013.12.27 17:50:20 | 000,000,000 | ---D | M]

[2013.08.30 12:03:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Extensions
[2013.09.29 17:39:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a7ork4ji.default\extensions
[2013.09.16 18:30:18 | 000,006,499 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a7ork4ji.default\searchplugins\babylon.xml
[2013.12.11 15:48:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.12.11 15:49:37 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.12.27 19:11:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions
[2013.12.27 19:12:52 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2004.08.18 13:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll File not found
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u File not found
O4 - HKU\S-1-5-21-299502267-1482476501-1417001333-500..\Run: [PCSpeedUp] C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-299502267-1482476501-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DC2BB087-777D-47DB-918F-8D76D60DB213}: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.01.24 10:08:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
System Restore Service not available.

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: winmgmt - C:\WINDOWS\system32\wbem\winmgmt.exe (Microsoft Corporation)

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: WinMgmt - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: WinMgmt - Service
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.12.27 21:01:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
[2013.12.27 20:49:20 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.12.27 20:49:20 | 000,000,000 | ---D | C] -- C:\rsit
[2013.12.27 18:17:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\ESET
[2013.12.27 17:56:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ESET
[2013.12.27 17:50:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\ESET
[2013.12.27 17:50:15 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013.12.27 17:50:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2013.12.15 13:50:38 | 000,237,568 | ---- | C] (http://tortoisesvn.net) -- C:\Documents and Settings\All Users\Data aplikací\qfelwa9.jss
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013.12.27 21:10:11 | 000,000,360 | ---- | M] () -- C:\WINDOWS\tasks\PC SpeedUp Service Deactivator.job
[2013.12.27 21:06:25 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.12.27 21:02:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
[2013.12.27 21:01:07 | 000,000,482 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{138658CC-B73D-46A8-A177-5DEB2457FB43}.job
[2013.12.27 20:59:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.12.27 18:09:11 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.12.27 18:06:04 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\Start Driver Reviver for User(logon).job
[2013.12.27 18:05:17 | 095,025,368 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\j64wl4h1.fee
[2013.12.27 18:05:09 | 095,025,368 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\9awlefq.fee
[2013.12.27 18:04:15 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\Start Driver Reviver for MIREK-6967DE75F@Administrator(logon).job
[2013.12.27 18:04:01 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\9awlefq.odd
[2013.12.27 18:04:00 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\j64wl4h1.odd
[2013.12.27 18:03:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.12.27 21:06:25 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.12.27 17:59:05 | 000,000,316 | ---- | C] () -- C:\WINDOWS\tasks\Start Driver Reviver for User(logon).job
[2013.12.25 05:10:36 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\j64wl4h1.odd
[2013.12.25 05:10:32 | 095,025,368 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\j64wl4h1.fee
[2013.12.15 13:51:58 | 000,000,387 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\9awlefq.reg
[2013.12.15 13:51:04 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\9awlefq.odd
[2013.12.15 13:50:41 | 095,025,368 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\9awlefq.fee
[2013.09.16 18:23:04 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.01.24 10:56:22 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013.01.24 10:55:11 | 000,093,480 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.01.24 10:11:56 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.01.24 10:04:03 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009.01.07 18:20:22 | 001,497,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2004.08.18 13:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004.08.18 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.09.16 18:29:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Babylon
[2013.01.25 08:40:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Carambis
[2013.01.25 08:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\GHISLER
[2013.09.16 18:25:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\OpenCandy
[2013.09.16 18:36:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Optimizer Pro
[2013.09.16 18:31:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Systweak
[2013.09.16 18:29:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Babylon
[2013.09.29 17:39:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DriverReviver.exe
[2013.12.27 17:50:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2013.02.12 19:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ReviverSoft
[2013.12.12 15:12:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP

========== Purity Check ==========



========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Error accessing drive info (0)
Error accessing drive info (0)

Partitions
---------------

Error accessing partition info (0)
Error accessing partition info (0)
[2013.09.16 18:36:31 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator\Data aplikací
[2013.01.24 10:55:50 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Administrator\Okolní síť
[2013.01.24 10:55:50 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Administrator\Okolní tiskárny
[2013.01.24 10:03:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Administrator\Šablony
[2013.12.27 18:40:34 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Data aplikací
[2013.01.24 10:55:51 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Šablony
[2013.02.13 19:44:54 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information

========== Base Services ==========
SRV - [2004.08.18 13:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2004.08.18 13:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2004.08.18 13:00:00 | 000,382,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2004.08.18 13:00:00 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2004.08.18 13:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2004.08.18 13:00:00 | 000,110,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2004.08.18 13:00:00 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2004.08.18 13:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
No service found with a name of EapHost
SRV - [2004.08.18 13:00:00 | 000,134,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2004.08.18 13:00:00 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2004.08.18 13:00:00 | 000,150,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2004.08.18 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2004.08.18 13:00:00 | 000,024,064 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2004.08.18 13:00:00 | 000,225,280 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2004.08.18 13:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2004.08.18 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2004.08.18 13:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2004.08.18 13:00:00 | 000,247,296 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2004.08.18 13:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2004.08.18 13:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2004.08.18 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2004.08.18 13:00:00 | 000,089,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2004.08.18 13:00:00 | 000,174,080 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2004.08.18 13:00:00 | 000,395,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2004.08.18 13:00:00 | 000,435,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2004.08.18 13:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2004.08.18 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2004.08.18 13:00:00 | 000,081,408 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2004.08.18 13:00:00 | 000,096,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2004.08.18 13:00:00 | 000,134,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2004.08.18 13:00:00 | 000,170,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2004.08.18 13:00:00 | 000,190,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2004.08.18 13:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2004.08.18 13:00:00 | 000,246,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2004.08.18 13:00:00 | 000,295,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2004.08.18 13:00:00 | 000,134,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2004.08.18 13:00:00 | 000,290,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2004.08.18 13:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2004.08.18 13:00:00 | 000,330,240 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2004.08.18 13:00:00 | 000,333,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2004.08.18 13:00:00 | 000,077,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
No service found with a name of winmgmt
SRV - [2004.08.18 13:00:00 | 000,683,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
No service found with a name of Dot3Svc
SRV - [2004.08.18 13:00:00 | 000,359,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2004.08.18 13:00:00 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)

Re: Reventon and kryptik

Posted: 27 Dec 2013 21:28
by Sairus
< >
[2013.01.24 10:05:18 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2013.01.24 10:20:40 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013.02.12 19:51:50 | 000,000,316 | ---- | C] () -- C:\WINDOWS\Tasks\Start Driver Reviver for MIREK-6967DE75F@Administrator(logon).job
[2013.08.30 12:13:09 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.09.16 18:31:20 | 000,000,360 | ---- | C] () -- C:\WINDOWS\Tasks\PC SpeedUp Service Deactivator.job
[2013.09.17 07:48:41 | 000,000,280 | ---- | C] () -- C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
[2013.09.17 07:48:41 | 000,000,288 | ---- | C] () -- C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job
[2013.11.23 16:20:52 | 000,000,482 | -H-- | C] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{138658CC-B73D-46A8-A177-5DEB2457FB43}.job
[2013.12.27 17:59:05 | 000,000,316 | ---- | C] () -- C:\WINDOWS\Tasks\Start Driver Reviver for User(logon).job

< >

< %systemroot%\system32\logevent.dll /md5 >

< %systemroot%\system32\sceclt.dll /md5 >

< %systemroot%\system32\ntelogon.dll /md5 >

< %systemroot%\system32\consrv.dll /md5 >

< >

< %systemroot%\system32\logevent.dll /md5 /64 >

< %systemroot%\system32\sceclt.dll /md5 /64 >

< %systemroot%\system32\ntelogon.dll /md5 /64 >

< %systemroot%\system32\consrv.dll /md5 /64 >

< >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.12.27 21:06:25 | 000,000,512 | ---- | M] () MD5=E7C786B09AAADFB6BFA4A309301AF6A3 -- C:\PhysicalMBR.bin

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.12.11 15:49:34 | 000,275,568 | ---- | M] (Mozilla Corporation) MD5=077D59BA0FD4007E841B6C670862B065 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %systemroot%\system32\Spool\prtprocs\*.* /s >

< %systemroot%\system32\drivers\*.sys /10 >

< %systemroot%\system32\drivers\*.sys /X >
[2004.08.18 13:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls
[2004.08.18 13:00:00 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt
[2002.05.07 16:06:16 | 000,019,968 | ---- | M] () -- C:\WINDOWS\system32\drivers\netamsg.dll
[2002.05.07 16:06:36 | 000,019,968 | ---- | M] () -- C:\WINDOWS\system32\drivers\platmsg.dll

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /10 >
[2013.12.27 18:09:11 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.* /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\config\*.sav >
[2013.01.24 10:43:06 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2013.01.24 10:43:06 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2013.01.24 10:43:06 | 000,454,656 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< >

< c:\$Recycle.Bin|L,N,U,@;true;true;true /FN >

< c:\Windows\Installer|L,N,U,@;true;true;true /FN >

< >

< %systemroot%\Tasks\*.job >
[2013.12.27 20:59:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.12.27 21:16:58 | 000,000,360 | ---- | M] () -- C:\WINDOWS\Tasks\PC SpeedUp Service Deactivator.job
[2013.12.17 13:20:31 | 000,000,280 | ---- | M] () -- C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
[2013.09.17 07:48:41 | 000,000,288 | ---- | M] () -- C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job
[2013.12.27 18:04:15 | 000,000,316 | ---- | M] () -- C:\WINDOWS\Tasks\Start Driver Reviver for MIREK-6967DE75F@Administrator(logon).job
[2013.12.27 18:06:04 | 000,000,316 | ---- | M] () -- C:\WINDOWS\Tasks\Start Driver Reviver for User(logon).job
[2013.12.27 21:16:15 | 000,000,482 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{138658CC-B73D-46A8-A177-5DEB2457FB43}.job

< %systemroot%\*.* /U /s >
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[493 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]

< %systemroot%\*. /rp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >
[2013.12.27 18:05:09 | 095,025,368 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\9awlefq.fee
[2013.12.27 18:04:01 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\9awlefq.odd
[2013.12.15 13:51:58 | 000,000,387 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\9awlefq.reg
[2013.01.24 10:55:51 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\desktop.ini
[2013.12.27 18:05:17 | 095,025,368 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\j64wl4h1.fee
[2013.12.27 18:04:00 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\j64wl4h1.odd
[2013.12.15 13:50:38 | 000,237,568 | ---- | M] (http://tortoisesvn.net) -- C:\Documents and Settings\All Users\Data Aplikací\qfelwa9.jss

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Nabídka Start\*.lnk /x >
[2013.01.24 10:08:23 | 000,000,315 | -HS- | M] () -- C:\Documents and Settings\All Users\Nabídka Start\desktop.ini

< %ALLUSERSPROFILE%\Data Aplikácií\*.* >

< %ALLUSERSPROFILE%\Data Aplikácií\*.exe /s >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %APPDATA%\*. >
[2013.01.25 09:02:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Adobe
[2013.09.16 18:29:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Babylon
[2013.01.25 08:40:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Carambis
[2013.01.25 08:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\GHISLER
[2013.01.24 10:21:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Identities
[2013.01.25 09:02:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia
[2013.08.30 12:02:45 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
[2013.08.30 12:03:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla
[2013.09.16 18:25:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\OpenCandy
[2013.09.16 18:36:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Optimizer Pro
[2013.09.16 18:31:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Systweak

< %APPDATA%\*.* >
[2013.01.24 10:55:50 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\desktop.ini

< %APPDATA%\*.exe /s >
[2013.08.01 21:56:52 | 017,139,080 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\system32|bak;true;false;false /fp >

< %PROGRAMFILES%|bak;true;false;false /fp >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2004.08.18 13:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2004.08.17 15:58:18 | 001,667,584 | ---- | M] (Microsoft Corporation)
"PCSpeedUp" = C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe -- [2012.06.05 08:39:44 | 000,188,680 | ---- | M] ()

========== Alternate Data Streams ==========

@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:373E1720

< End of report >

Re: Reventon and kryptik

Posted: 27 Dec 2013 22:08
by Sairus
# AdwCleaner v3.016 - Report created 27/12/2013 at 21:54:26
# Updated 23/12/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 2 (32 bits)
# Username : Administrator - MIREK-6967DE75F
# Running from : C:\Documents and Settings\Administrator\Plocha\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : pcsuservice

***** [ Files / Folders ] *****

File Found : C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a7ork4ji.default\searchplugins\Babylon.xml
File Found : C:\Documents and Settings\Administrator\Plocha\Optimizer Pro.lnk
File Found : C:\Documents and Settings\All Users\Plocha\RegClean Pro.lnk
File Found : C:\WINDOWS\system32\roboot.exe
File Found : C:\WINDOWS\Tasks\PC SpeedUp Service Deactivator.job
File Found : C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
File Found : C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job
Folder Found C:\Documents and Settings\Administrator\Data aplikací\Babylon
Folder Found C:\Documents and Settings\Administrator\Data aplikací\OpenCandy
Folder Found C:\Documents and Settings\Administrator\Data aplikací\optimizer pro
Folder Found C:\Documents and Settings\Administrator\Data aplikací\Systweak
Folder Found C:\Documents and Settings\Administrator\Dokumenty\PCSpeedUp
Folder Found C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Found C:\Documents and Settings\All Users\Nabídka Start\Programy\optimizer pro
Folder Found C:\Documents and Settings\All Users\Nabídka Start\Programy\RegClean Pro
Folder Found C:\Program Files\optimizer pro
Folder Found C:\Program Files\RegClean Pro

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Optimizer Pro
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\systweak
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Optimizer Pro_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RegClean Pro_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
Key Found : HKLM\Software\Speedchecker Limited
Key Found : HKLM\Software\systweak
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [pcspeedup]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [E:\DRIVERS DELL\SweetIMSetup.exe]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://www.dalesearch.com/?babsrc=NT_ss&mntrId ... 0&tsp=5007

-\\ Mozilla Firefox v25.0.1 (sk)

[ File : C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a7ork4ji.default\prefs.js ]

Line Found : user_pref("browser.newtab.url", "hxxp://www.dalesearch.com/?babsrc=NT_ss&mntrId ... 0&tsp=5007");
Line Found : user_pref("browser.search.defaultenginename", "DaleSearch");
Line Found : user_pref("browser.search.selectedEngine", "DaleSearch");
Line Found : user_pref("browser.startup.homepage", "hxxp://www.dalesearch.com/?babsrc=HP_ss&mntrId ... 0&tsp=5007");

*************************

AdwCleaner[R0].txt - [3744 octets] - [27/12/2013 21:54:26]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3804 octets] ##########