Ahoj,
budu moc vděčný tomu, kdo mi zkontroluje log. Děkuji předem!
Logfile of random's system information tool 1.09 (written by random/random)
Run by Jan at 2014-04-14 20:18:58
Microsoft Windows 7 Ultimate
System drive C: has 37 GB (24%) free of 154 GB
Total RAM: 2937 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:19:38, on 14.4.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16912)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\TOSHIBA\HDMICtrlMan\HCMSoundChanger.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Opera\opera.exe
C:\Windows\system32\taskhost.exe
C:\Users\Jan\Desktop\RSIT.exe
C:\Program Files\trend micro\Jan.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Microsoft Office Outlook 2007.lnk = ?
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: WTService - Unknown owner - C:\Windows\system32\atwtusb.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 6301 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Defraggler Volume C Task.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\bz0z25da.default
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\bz0z25da.default\extensions\
maps@ovi.com
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13 3214392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-04-07 597816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDMICtrlMan"=C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [2008-04-26 716800]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 137752]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 172568]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe [2009-07-20 484920]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"SDTray"=C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2012-11-13 3825176]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-04-07 3854640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2008-04-29 417792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MacrokeyManager]
C:\Windows\system32\WTMKM.exe [2011-06-01 7144448]
C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Office Outlook 2007.lnk - C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\outicon.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 228864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
SDWinLogon.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2014-04-14 20:18:59 ----D---- C:\Program Files\trend micro
2014-04-14 20:18:58 ----D---- C:\rsit
2014-04-07 18:05:37 ----A---- C:\Windows\avastSS.scr
2014-03-30 00:30:25 ----D---- C:\Program Files\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2014-04-14 20:19:18 ----D---- C:\Windows\Temp
2014-04-14 20:19:13 ----D---- C:\Windows\Prefetch
2014-04-14 20:18:59 ----RD---- C:\Program Files
2014-04-14 20:17:01 ----D---- C:\Users\Jan\AppData\Roaming\Media Player Classic
2014-04-14 20:16:57 ----D---- C:\Windows\inf
2014-04-14 20:16:56 ----HD---- C:\Windows
2014-04-11 21:34:45 ----D---- C:\Windows\system32\config
2014-04-11 21:31:30 ----D---- C:\Windows\System32
2014-04-11 21:31:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-11 21:24:23 ----A---- C:\Windows\win.ini
2014-04-11 18:52:07 ----SHD---- C:\System Volume Information
2014-04-09 07:15:57 ----D---- C:\Windows\system32\drivers\etc
2014-04-07 18:05:47 ----D---- C:\Windows\system32\Tasks
2014-04-07 18:05:37 ----A---- C:\Windows\system32\aswBoot.exe
2014-04-05 19:36:28 ----D---- C:\Users\Jan\AppData\Roaming\gtk-2.0
2014-04-05 12:49:37 ----D---- C:\Video
2014-04-03 22:43:43 ----D---- C:\Users\Jan\AppData\Roaming\uTorrent
2014-03-30 22:00:14 ----D---- C:\Program Files\SpeedFan
2014-03-30 19:58:16 ----D---- C:\Users\Jan\AppData\Roaming\ICQ
2014-03-29 17:26:24 ----D---- C:\Program Files\Opera Developer
2014-03-25 16:59:26 ----D---- C:\Users\Jan\AppData\Roaming\Mp3tag
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-04-07 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-04-07 180760]
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2011-03-18 25240]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-04-07 81768]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-04-07 776976]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-04-07 411552]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-12-19 56080]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-01-07 239168]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-04-07 67824]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-08-07 8704]
R3 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-04-07 67264]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2008-06-04 146944]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2009-06-23 487936]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-08-02 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-08-02 208896]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
R3 moufiltr;Tablet Mouse Filter Driver; C:\Windows\system32\DRIVERS\moufiltr.sys [2009-03-08 6144]
R3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit; C:\Windows\system32\DRIVERS\NETw5s32.sys [2010-01-13 6755840]
R3 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2008-04-15 51160]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 84992]
R3 vhidmini;Generic Virtual HID Driver; C:\Windows\system32\DRIVERS\walvhid.sys [2009-08-20 6144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-08-02 660480]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 adusbmdm6502;AnyDATA CDMA USB Modem Driver (PID 6502); C:\Windows\system32\DRIVERS\adusbmdm65.sys [2005-05-02 64896]
S3 adusbnmea6502;AnyDATA CDMA USB NMEA Port (PID 6502); C:\Windows\system32\DRIVERS\adusbser65.sys [2005-05-02 64896]
S3 adusbser6502;AnyDATA CDMA USB Serial Port (PID 6502); C:\Windows\system32\DRIVERS\adusbser65.sys [2005-05-02 64896]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-14 207360]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-14 980992]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-14 661504]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-04-07 50344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
R2 WTService;WTService; C:\Windows\system32\atwtusb.exe [2011-04-27 871936]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-08-07 386560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-06-07 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11 257928]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-01-07 1044816]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-07 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivní kontrola
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Preventivní kontrola
Zdravim 
Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Preventivní kontrola
OTL.Txt:
Kód: Vybrat vše
OTL logfile created on: 15.4.2014 10:07:36 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jan\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,87 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 48,69% Memory free
5,73 Gb Paging File | 3,88 Gb Available in Paging File | 67,62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 150,66 Gb Total Space | 35,53 Gb Free Space | 23,58% Space Free | Partition Type: NTFS
Drive D: | 145,97 Gb Total Space | 8,94 Gb Free Space | 6,13% Space Free | Partition Type: NTFS
Computer Name: JAN | User Name: Jan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2014.04.15 10:02:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe
PRC - [2014.04.07 18:05:32 | 003,854,640 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014.04.07 18:05:32 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.07.04 22:17:01 | 000,879,456 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2012.11.13 14:08:08 | 003,825,176 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2012.11.13 14:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2012.11.13 14:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2012.11.13 14:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2011.04.27 17:23:10 | 000,871,936 | ---- | M] () -- C:\Windows\System32\atwtusb.exe
PRC - [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.02.02 15:08:16 | 000,018,656 | ---- | M] () -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2009.07.20 15:29:00 | 000,484,920 | ---- | M] (Conexant Systems, Inc.) -- C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2008.04.26 16:57:06 | 000,716,800 | ---- | M] (TOSHIBA Corporation.) -- C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
PRC - [2008.04.17 11:39:02 | 000,667,648 | ---- | M] (TOSHIBA Corporation.) -- C:\Program Files\TOSHIBA\HDMICtrlMan\HCMSoundChanger.exe
PRC - [2007.07.24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2014.01.25 18:46:36 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013.07.04 22:17:32 | 000,312,832 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2013.07.04 22:17:32 | 000,158,208 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2013.07.04 22:17:32 | 000,101,888 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2013.07.04 22:17:32 | 000,073,728 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2013.07.04 22:17:32 | 000,067,072 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2013.07.04 22:17:32 | 000,062,976 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2013.07.04 22:17:32 | 000,057,344 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2013.07.04 22:17:32 | 000,038,912 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2013.07.04 22:17:31 | 000,835,584 | ---- | M] () -- C:\Program Files\Opera\gstreamer\gstreamer.dll
MOD - [2013.07.04 22:17:31 | 000,096,256 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2013.07.04 22:17:31 | 000,094,208 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2013.07.04 22:17:31 | 000,093,696 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2012.11.13 14:06:32 | 000,158,624 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2012.11.13 14:06:30 | 000,108,960 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2012.11.13 14:06:28 | 000,554,400 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
MOD - [2012.11.13 14:06:28 | 000,528,288 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl
MOD - [2012.11.13 14:06:28 | 000,416,160 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2006.10.26 22:30:42 | 000,065,312 | ---- | M] () -- C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
MOD - [2006.10.26 14:56:46 | 000,757,008 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
[color=#E56717]========== Services (SafeList) ==========[/color]
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - [2014.04.07 18:05:32 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014.03.11 22:03:28 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.06.07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.07 22:41:01 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.01.07 21:42:26 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011.04.27 17:23:10 | 000,871,936 | ---- | M] () [Auto | Running] -- C:\Windows\System32\atwtusb.exe -- (WTService)
SRV - [2011.02.02 15:08:16 | 000,018,656 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.07.24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2014.04.07 18:05:38 | 000,067,264 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\aswStm.sys -- (aswStm)
DRV - [2014.04.07 18:05:37 | 000,776,976 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014.04.07 18:05:37 | 000,411,552 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2014.04.07 18:05:37 | 000,180,760 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014.04.07 18:05:37 | 000,081,768 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014.04.07 18:05:37 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014.04.07 18:05:37 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.12.19 15:11:31 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.01.07 20:56:17 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.03.18 18:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\System32\speedfan.sys -- (speedfan)
DRV - [2010.01.13 17:36:40 | 006,755,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32)
DRV - [2009.08.20 20:38:24 | 000,006,144 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\walvhid.sys -- (vhidmini)
DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.14 00:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009.07.14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
DRV - [2009.06.23 02:27:14 | 000,487,936 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2009.03.08 21:15:14 | 000,006,144 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\moufiltr.sys -- (moufiltr)
DRV - [2008.06.04 04:09:00 | 000,146,944 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV)
DRV - [2008.04.15 04:13:14 | 000,051,160 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2007.11.09 06:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2007.08.07 07:26:14 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2005.05.02 14:55:34 | 000,064,896 | ---- | M] (AnyDATA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\adusbser65.sys -- (adusbser6502)
DRV - [2005.05.02 14:55:34 | 000,064,896 | ---- | M] (AnyDATA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\adusbser65.sys -- (adusbnmea6502)
DRV - [2005.05.02 14:55:34 | 000,064,896 | ---- | M] (AnyDATA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\adusbmdm65.sys -- (adusbmdm6502)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\giveio.sys -- (giveio)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1481942134-3799304495-3899917968-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-1481942134-3799304495-3899917968-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1481942134-3799304495-3899917968-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1481942134-3799304495-3899917968-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1481942134-3799304495-3899917968-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..extensions.enabledAddons: maps%40ovi.com:5.9.2.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.04.07 18:05:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2012.06.13 18:10:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jan\AppData\Roaming\Mozilla\Extensions
[2014.03.24 22:51:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\bz0z25da.default\extensions
[2012.06.13 18:13:25 | 000,000,000 | ---D | M] (Nokia Maps 3D browser plugin) -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\bz0z25da.default\extensions\maps@ovi.com
[2012.03.05 16:40:50 | 000,000,003 | ---- | M] () (No name found) -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\bz0z25da.default\extensions\maps@ovi.com\plugins\package.XPI
[2014.03.30 00:30:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014.03.30 00:30:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2014.04.09 07:15:57 | 000,444,830 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.123fporn.info
O1 - Hosts: 15276 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Outlook 2007.lnk = C:\Windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\outicon.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-1481942134-3799304495-3899917968-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{04EDE873-1BAF-4A88-96B2-39B432B40CD3}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{82bc132b-3959-11e1-8d54-001e68b755ed}\Shell - "" = AutoRun
O33 - MountPoints2\{82bc132b-3959-11e1-8d54-001e68b755ed}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{82bc132b-3959-11e1-8d54-001e68b755ed}\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{82bc132b-3959-11e1-8d54-001e68b755ed}\Shell\install\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean.exe)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2014.04.15 10:02:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe
[2014.04.14 20:18:59 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.04.14 20:18:58 | 000,000,000 | ---D | C] -- C:\rsit
[2014.04.07 18:05:37 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.03.30 00:30:25 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2014.04.15 10:11:13 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.04.15 10:03:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.04.15 10:02:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe
[2014.04.15 10:00:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.04.14 20:17:47 | 000,781,383 | ---- | M] () -- C:\Users\Jan\Desktop\RSIT.exe
[2014.04.14 19:17:36 | 000,020,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.04.14 19:17:36 | 000,020,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.04.11 21:31:30 | 000,669,220 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014.04.11 21:31:30 | 000,654,552 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014.04.11 21:31:30 | 000,140,806 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014.04.11 21:31:30 | 000,121,424 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014.04.11 21:23:57 | 2309,652,480 | -HS- | M] () -- C:\hiberfil.sys
[2014.04.10 22:57:10 | 000,095,744 | ---- | M] () -- C:\Users\Jan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014.04.10 22:28:46 | 000,000,428 | ---- | M] () -- C:\Windows\tasks\Defraggler Volume C Task.job
[2014.04.09 07:15:57 | 000,444,830 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2014.04.07 18:05:38 | 000,067,264 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
[2014.04.07 18:05:37 | 000,776,976 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014.04.07 18:05:37 | 000,411,552 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014.04.07 18:05:37 | 000,271,264 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014.04.07 18:05:37 | 000,180,760 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014.04.07 18:05:37 | 000,081,768 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014.04.07 18:05:37 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014.04.07 18:05:37 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014.04.07 18:05:37 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.04.05 19:36:28 | 000,013,205 | ---- | M] () -- C:\Users\Jan\.recently-used.xbel
[2014.04.03 22:34:10 | 001,154,027 | ---- | M] () -- C:\Users\Jan\Desktop\ARCHITEKTURA_ Ludvík Kysela - Neviditelný pes.mht
[2014.04.03 22:32:21 | 001,163,294 | ---- | M] () -- C:\Users\Jan\Desktop\Kudy na Třeboň_ Jak wehrmacht prověřoval obranu jižních Čech - iDNES.cz.mht
[2014.03.19 01:36:13 | 000,444,830 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20140409-071557.backup
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2014.04.15 10:11:13 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.04.14 20:17:47 | 000,781,383 | ---- | C] () -- C:\Users\Jan\Desktop\RSIT.exe
[2014.04.05 19:36:28 | 000,013,205 | ---- | C] () -- C:\Users\Jan\.recently-used.xbel
[2014.04.03 22:34:10 | 001,154,027 | ---- | C] () -- C:\Users\Jan\Desktop\ARCHITEKTURA_ Ludvík Kysela - Neviditelný pes.mht
[2014.04.03 22:32:21 | 001,163,294 | ---- | C] () -- C:\Users\Jan\Desktop\Kudy na Třeboň_ Jak wehrmacht prověřoval obranu jižních Čech - iDNES.cz.mht
[2014.01.06 17:15:37 | 000,000,096 | ---- | C] () -- C:\Windows\cdrom32.ini
[2014.01.06 17:15:37 | 000,000,096 | ---- | C] () -- C:\Windows\cdrom16.ini
[2014.01.06 17:15:37 | 000,000,032 | ---- | C] () -- C:\Windows\server16.ini
[2014.01.06 17:15:36 | 000,000,397 | ---- | C] () -- C:\Windows\dxflib32.ini
[2014.01.06 17:14:36 | 000,000,027 | ---- | C] () -- C:\Windows\crash81.INI
[2013.11.27 21:33:23 | 000,000,008 | ---- | C] () -- C:\Windows\System32\PROTOCOL.INI
[2013.11.27 21:26:31 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2013.04.12 18:50:30 | 000,000,473 | ---- | C] () -- C:\Windows\wininit.ini
[2013.03.19 19:39:09 | 000,180,760 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013.03.19 19:39:08 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2012.12.25 14:57:22 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2012.12.25 02:48:09 | 000,022,856 | ---- | C] () -- C:\Windows\System32\Photoshop Elements.ini
[2012.12.25 02:48:09 | 000,015,605 | ---- | C] () -- C:\Windows\System32\PhotoImpact XL SE.ini
[2012.12.25 02:48:09 | 000,010,513 | ---- | C] () -- C:\Windows\System32\Windows7.ini
[2012.12.25 02:48:09 | 000,010,251 | ---- | C] () -- C:\Windows\System32\Vista.ini
[2012.12.25 02:48:09 | 000,009,868 | ---- | C] () -- C:\Windows\System32\XP_2000.ini
[2012.12.25 02:48:09 | 000,000,969 | ---- | C] () -- C:\Windows\System32\Corel Draw Essential X5.ini
[2012.12.25 02:48:09 | 000,000,963 | ---- | C] () -- C:\Windows\System32\Corel Draw Essential 4.ini
[2012.12.25 02:48:09 | 000,000,833 | ---- | C] () -- C:\Windows\System32\MKProfile.ini
[2012.12.25 02:48:04 | 007,144,448 | ---- | C] () -- C:\Windows\System32\WTMKM.exe
[2012.12.25 02:48:02 | 000,045,056 | ---- | C] () -- C:\Windows\System32\InstallService.exe
[2012.12.25 02:47:59 | 004,109,824 | ---- | C] () -- C:\Windows\System32\Control Panel_Betteryless.exe
[2012.12.25 02:47:59 | 000,147,456 | ---- | C] () -- C:\Windows\System32\Calibration.exe
[2012.12.25 02:47:58 | 000,871,936 | ---- | C] () -- C:\Windows\System32\atwtusb.exe
[2012.12.25 02:47:56 | 000,835,072 | ---- | C] () -- C:\Windows\RmTablet.exe
[2012.12.25 02:47:55 | 000,010,708 | ---- | C] () -- C:\Windows\System32\aiptbl.ini
[2012.01.08 16:12:32 | 000,095,744 | ---- | C] () -- C:\Users\Jan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.08 15:19:25 | 000,000,017 | ---- | C] () -- C:\Users\Jan\AppData\Local\resmon.resmoncfg
[color=#E56717]========== ZeroAccess Check ==========[/color]
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010.07.27 16:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[color=#E56717]========== LOP Check ==========[/color]
[2012.01.08 02:20:44 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Autodesk
[2014.01.25 18:57:21 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\AVAST Software
[2012.08.02 15:43:53 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\DAEMON Tools Lite
[2013.01.07 20:53:07 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Dev-Cpp
[2012.04.20 12:23:49 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\fltk.org
[2012.01.24 01:57:43 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\GHISLER
[2014.04.05 19:36:28 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\gtk-2.0
[2014.03.30 19:58:16 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\ICQ
[2014.03.25 16:59:26 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Mp3tag
[2012.01.07 20:16:07 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Opera
[2014.01.16 01:18:44 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Opera Software
[2014.04.03 22:43:43 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\uTorrent
[2012.01.23 16:24:28 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\WinBatch
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Custom Scans ==========[/color]
[color=#A23BEC]< >[/color]
[2009.07.14 06:53:46 | 000,032,528 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2012.01.08 01:42:56 | 000,000,428 | ---- | C] () -- C:\Windows\Tasks\Defraggler Volume C Task.job
[2012.01.29 17:19:47 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.01.29 17:19:50 | 000,000,954 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.04.04 14:22:53 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[color=#A23BEC]< >[/color]
[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[color=#A23BEC]< MD5 for: AUTOCHK.EXE >[/color]
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\System32\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color]
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[color=#A23BEC]< MD5 for: CRYPTSVC.DLL >[/color]
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\System32\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
[2012.11.13 14:07:52 | 003,906,584 | ---- | M] (Safer-Networking Ltd.) MD5=E4A0900CF535888DDD85B10040CA3E34 -- C:\Program Files\Spybot - Search & Destroy 2\explorer.exe
[color=#A23BEC]< MD5 for: HAL.DLL >[/color]
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\System32\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
[color=#A23BEC]< MD5 for: IASTORV.SYS >[/color]
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[color=#A23BEC]< MD5 for: ISAPNP.SYS >[/color]
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys
[color=#A23BEC]< MD5 for: LSASS.EXE >[/color]
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\System32\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe
[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009.07.14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys
[2009.07.14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
[color=#A23BEC]< MD5 for: NVRAID.SYS >[/color]
[2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\System32\drivers\nvraid.sys
[2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys
[color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color]
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[color=#A23BEC]< MD5 for: SMSS.EXE >[/color]
[2009.07.14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\System32\smss.exe
[2009.07.14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe
[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[color=#A23BEC]< MD5 for: TCPIP.SYS >[/color]
[2011.04.25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.09.29 18:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2011.09.29 18:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2011.09.29 17:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\System32\drivers\tcpip.sys
[2011.09.29 17:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2011.09.29 18:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2011.04.25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[color=#A23BEC]< MD5 for: WS2_32.DLL >[/color]
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\System32\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
[color=#A23BEC]< >[/color]
[color=#A23BEC]< %systemroot%*.* /U /s >[/color]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2002.07.02 12:47:24 | 000,026,763 | ---- | M] () -- C:\CUTPBO.EXE
[1997.09.09 22:13:04 | 000,044,032 | ---- | M] () -- C:\DEM2TGA.EXE
[2003.06.18 14:03:00 | 000,032,768 | ---- | M] () -- C:\TGA2ASE.exe
[2001.07.16 08:04:58 | 000,057,344 | ---- | M] () -- C:\WaveToLip.exe
[2004.06.06 01:56:54 | 000,040,960 | ---- | M] () -- C:\WSSFileConverter.exe
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]
[color=#A23BEC]< %APPDATA%\*. >[/color]
[2012.01.08 01:09:10 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Adobe
[2012.01.08 02:20:44 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Autodesk
[2014.01.25 18:57:21 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\AVAST Software
[2012.12.25 14:57:22 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Corel
[2012.08.02 15:43:53 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\DAEMON Tools Lite
[2013.01.07 20:53:07 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Dev-Cpp
[2012.04.20 12:23:49 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\fltk.org
[2012.01.24 01:57:43 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\GHISLER
[2014.04.05 19:36:28 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\gtk-2.0
[2014.03.30 19:58:16 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\ICQ
[2012.01.07 20:35:50 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Macromedia
[2012.09.10 16:35:24 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Malwarebytes
[2009.07.14 09:48:45 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Media Center Programs
[2014.04.14 20:17:01 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Media Player Classic
[2013.12.05 18:42:29 | 000,000,000 | --SD | M] -- C:\Users\Jan\AppData\Roaming\Microsoft
[2012.06.13 18:10:14 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Mozilla
[2014.03.25 16:59:26 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Mp3tag
[2012.01.07 20:16:07 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Opera
[2014.01.16 01:18:44 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Opera Software
[2012.01.24 03:38:02 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\PSpad
[2013.05.13 10:51:24 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Skype
[2014.04.03 22:43:43 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\uTorrent
[2012.01.23 16:24:28 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\WinBatch
[2012.01.07 20:33:47 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\WinRAR
[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /3 >[/color]
[color=#A23BEC]< %systemroot%\system32\*.* /3 >[/color]
[2014.04.14 19:17:36 | 000,020,576 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.04.14 19:17:36 | 000,020,576 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2002.07.02 12:47:24 | 000,026,763 | ---- | M] () -- C:\CUTPBO.EXE
[1997.09.09 22:13:04 | 000,044,032 | ---- | M] () -- C:\DEM2TGA.EXE
[2003.06.18 14:03:00 | 000,032,768 | ---- | M] () -- C:\TGA2ASE.exe
[2001.07.16 08:04:58 | 000,057,344 | ---- | M] () -- C:\WaveToLip.exe
[2004.06.06 01:56:54 | 000,040,960 | ---- | M] () -- C:\WSSFileConverter.exe
[color=#A23BEC]< >[/color]
[color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >[/color]
[color=#A23BEC]< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >[/color]
[color=#A23BEC]< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >[/color]
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
[color=#A23BEC]< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >[/color]
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
[color=#A23BEC]< >[/color]
[color=#A23BEC]< type c:\boot.ini >> test.txt /c >[/color]
[color=#A23BEC]< %SystemDrive%\PhysicalMBR.bin /md5 >[/color]
[2014.04.15 10:11:13 | 000,000,512 | ---- | M] () MD5=232174B04B15FB31F37152973BD9AD85 -- C:\PhysicalMBR.bin
[color=#A23BEC]< >[/color]
[color=#A23BEC]< *crack* /s >[/color]
[2005.03.08 12:30:56 | 000,092,827 | ---- | M] () -- \Program Files\Corel\CorelDRAW Essentials 4\Custom Data\Bumpmap\Cracks.cpt
[2008.09.22 18:44:20 | 000,017,870 | ---- | M] () -- \Program Files\Corel\CorelDRAW Essentials 4\Custom Data\Canvas\cracks2c.bmp
[2005.03.08 12:31:08 | 000,010,560 | ---- | M] () -- \Program Files\Corel\CorelDRAW Essentials 4\Custom Data\Tiles\CRACKS2M.CPT
[2010.10.04 23:50:56 | 000,062,238 | ---- | M] () -- \Program Files\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat
[2007.05.31 10:42:04 | 000,041,019 | ---- | M] () -- \Škola C\SŠ\Ivt\server2go_a2\server\php\ext\php_crack.dll
[2012.02.18 01:05:51 | 000,000,696 | ---- | M] () -- \Users\Jan\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fcdn.crackberry.com%2Fthemes%2Fcrackberry3%2Ffavicon.png
[2013.11.02 01:25:05 | 000,000,732 | ---- | M] () -- \Users\Jan\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fi.crackedcdn.com%2Fphpimages%2Farticle%2F6%2F1%2F0%2F90610_v1.png
[2014.04.08 16:46:10 | 000,000,895 | ---- | M] () -- \Users\Jan\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fupload.wikimedia.org%2Fwikipedia%2Fcommons%2Fa%2Fa9%2FASR_cracks_concrete_step_barrier_FHWA_2006.png
[2013.02.14 16:16:14 | 000,000,613 | ---- | M] () -- \Users\Jan\AppData\Roaming\uTorrent\Grand_Theft_Auto_IV_Crack_Only-Razor1911.torrent
[color=#A23BEC]< *keygen* /s >[/color]
[color=#A23BEC]< *AntiWPA* /s >[/color]
[color=#A23BEC]< *loader* /s >[/color]
[2013.11.28 00:25:52 | 000,043,839 | ---- | M] () -- \Buldozer\Data\bmp_vez_loader.pac
[2013.11.28 00:10:48 | 000,043,839 | ---- | M] () -- \Buldozer\HWTL\Data\bmp_vez_loader.pac
[2011.02.03 20:53:33 | 000,134,368 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\AcAutoLoader.arx
[2011.03.15 05:58:23 | 000,010,568 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\AcAutoLoaderRes.dll
[2011.02.28 20:36:26 | 000,071,592 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\AcMapLoader.arx
[2011.02.28 20:36:26 | 000,007,592 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\AcMapLoaderRes.dll
[2011.02.03 20:52:48 | 000,328,416 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\AdDownloaderCore.dll
[2011.03.18 09:12:04 | 000,022,368 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\AeccXBuildingSiteLoader.dll
[2011.03.18 09:11:54 | 000,164,192 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\AeccXLandLoader.dll
[2011.03.18 09:12:04 | 000,056,672 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\AeccXPipeLoader.dll
[2011.03.18 09:11:58 | 000,079,200 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\AeccXRoadwayLoader.dll
[2011.03.18 09:12:00 | 000,063,328 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\AeccXSurveyLoader.dll
[2011.03.18 09:11:44 | 000,033,632 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\AeccXUiLandLoader.dll
[2011.03.18 09:11:46 | 000,023,904 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\AeccXUiPipeLoader.dll
[2011.03.18 09:11:50 | 000,024,416 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\AeccXUiRoadwayLoader.dll
[2011.03.18 09:11:52 | 000,023,904 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\AeccXUiSurveyLoader.dll
[2011.03.18 09:12:02 | 000,021,344 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\AeccXUtilitiesLoader.dll
[2011.02.19 02:32:30 | 000,024,456 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\AecLoader.arx
[2011.02.19 02:32:26 | 000,069,512 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\AecXBaseLoader.dll
[2011.02.19 02:32:08 | 000,069,512 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\AecXDisplayPropsDataLoader.dll
[2011.02.19 02:32:12 | 000,069,512 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\AecXDtlLoader.dll
[2011.02.19 02:32:24 | 000,068,488 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\AecXDynPropsLoader.dll
[2011.02.19 02:32:04 | 000,069,512 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\AecXExtendedDataLoader.dll
[2011.02.19 02:32:08 | 000,069,512 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\AecXGuiBaseLoader.dll
[2011.02.19 02:32:06 | 000,069,512 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\AecXToolClassLoader.dll
[2011.02.19 02:32:26 | 000,069,512 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\AecXUIBaseLoader.dll
[2011.02.28 20:38:08 | 000,266,152 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\EmbeddedSQLiteLoader.dll
[2010.11.23 22:35:32 | 000,003,208 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\AdExchange\loader.gif
[2012.01.07 22:44:43 | 000,000,390 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\Help\contexthelp\APPAUTOLOADER.htm
[2014.04.07 18:05:32 | 000,072,480 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2010.02.07 23:40:00 | 000,000,543 | ---- | M] () -- \Program Files\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2009.12.15 19:58:18 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2009.12.15 19:58:20 | 000,018,592 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2009.12.15 19:58:24 | 000,026,272 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2009.12.15 19:58:26 | 000,012,960 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2009.12.15 19:58:28 | 000,017,568 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2009.12.15 19:58:56 | 000,019,616 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2009.12.15 19:59:04 | 000,015,008 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2009.12.15 19:59:06 | 000,019,104 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009.12.15 19:59:10 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2009.12.15 19:59:14 | 000,012,448 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2009.12.15 19:59:16 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2009.12.15 19:59:20 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2009.12.15 19:59:22 | 000,011,936 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2009.12.15 19:59:24 | 000,013,984 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2009.12.15 19:59:28 | 000,028,320 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2009.05.01 21:42:00 | 000,009,880 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2012.06.19 23:48:58 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012.06.19 23:48:58 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012.06.19 23:48:58 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.06.19 23:49:12 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7M\Xtraz\icq\content\profile_lightboxs\preloader.html
[2011.05.17 12:04:32 | 000,011,776 | ---- | M] () -- \ProgramData\Autodesk\C3D 2012\csy\Data\Reports\Net\Lisploader.dll
[2011.05.17 12:04:32 | 000,026,112 | ---- | M] () -- \ProgramData\Autodesk\C3D 2012\csy\Data\Reports\Net\Lisploader.pdb
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2011.05.17 12:04:32 | 000,011,776 | ---- | M] () -- \Users\All Users\Autodesk\C3D 2012\csy\Data\Reports\Net\Lisploader.dll
[2011.05.17 12:04:32 | 000,026,112 | ---- | M] () -- \Users\All Users\Autodesk\C3D 2012\csy\Data\Reports\Net\Lisploader.pdb
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.05.02 19:59:00 | 000,000,301 | ---- | M] () -- \Users\Jan\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fstaticpics.allegro.pl%2Fpublic%2Fuploaded%2F56%2Fhelp%2FAloader_i.png
[2012.07.17 14:18:16 | 000,009,051 | ---- | M] () -- \Users\Jan\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\loader.gif
[2012.07.17 14:18:16 | 000,016,119 | ---- | M] () -- \Users\Jan\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.jpg
[2012.07.17 14:18:16 | 000,018,434 | ---- | M] () -- \Users\Jan\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.png
[2012.07.17 14:18:16 | 000,009,283 | ---- | M] () -- \Users\Jan\AppData\Roaming\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\ImageInfoLoader.js
[2012.07.17 14:18:16 | 000,001,898 | ---- | M] () -- \Users\Jan\AppData\Roaming\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\NewsLoader.js
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2009.07.14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2012.01.07 21:35:39 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2012.01.07 21:35:39 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2012.01.07 21:35:39 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2009.07.14 06:56:40 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009.07.14 06:56:40 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2009.07.14 06:56:40 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2012.01.07 21:47:47 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2012.01.07 21:47:47 | 000,507,568 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed_winload.exe_75835076
[2012.01.07 21:47:47 | 000,442,920 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.13 19:54:50 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 04:29:12 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009.07.14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[color=#A23BEC]< *minodlogin* /s >[/color]
[color=#A23BEC]< *tnod* /s >[/color]
[2012.01.07 22:46:10 | 000,000,496 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\Help\contexthelp\TOPOCR_1_EDITNODE_C.htm
[2012.01.07 22:46:10 | 000,000,496 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\Help\contexthelp\TOPOCR_1_EDITNODE_P.htm
[2012.01.07 22:46:10 | 000,000,496 | ---- | M] () -- \Program Files\Autodesk\AutoCAD Civil 3D 2012\Help\contexthelp\TOPOCR_1_EDITNODE_R.htm
[color=#A23BEC]< *AutoKMS* /s >[/color]
[color=#A23BEC]< *activator* /s >[/color]
[color=#A23BEC]< *serial* /s >[/color]
[2008.07.31 16:41:44 | 000,002,502 | ---- | M] () -- \Program Files\Common Files\Autodesk Shared\AdLM\R4\cs-CZ\Webdepot\RTSerialNumberHelp.html
[2007.04.20 23:57:18 | 000,005,540 | ---- | M] () -- \Program Files\Common Files\Autodesk Shared\GIS\ImportExport\9.1\tcl_library\grammar_fa\tests\fa_serial.test
[2007.04.20 23:57:20 | 000,007,945 | ---- | M] () -- \Program Files\Common Files\Autodesk Shared\GIS\ImportExport\9.1\tcl_library\struct\graph\tests\deserialize.test
[2007.04.20 23:57:20 | 000,004,341 | ---- | M] () -- \Program Files\Common Files\Autodesk Shared\GIS\ImportExport\9.1\tcl_library\struct\graph\tests\serialize.test
[2012.09.13 12:25:40 | 000,000,989 | ---- | M] () -- \Program Files\Opera Next\profile\icons\http%3A%2F%2Fwww.ceskatelevize.cz%2Fspecialy%2Fvypadas-skvele%2F204522160520017%2Fserial01.png
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.06.08 11:38:48 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.12.05 15:35:46 | 000,000,277 | ---- | M] () -- \Users\Jan\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fassets.summon.serialssolutions.com%2F510fb04da61f866b8900.png
[2012.01.12 23:06:16 | 000,000,958 | ---- | M] () -- \Users\Jan\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fgetvideoartwork.com%2Fgallery%2Fmain.php%3Fg2_view=core.DownloadItem&g2_itemId=78679&g2_serialNumb.png
[2012.01.23 16:32:58 | 000,000,774 | ---- | M] () -- \Users\Jan\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fiserialy.sk%2F.png
[2012.01.18 14:28:13 | 000,000,877 | ---- | M] () -- \Users\Jan\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fokresni-prebor.serialovysvet.cz%2Fwp-content%2Fthemes%2Fmodblog%2Ffavicon.png
[2012.04.21 22:00:45 | 000,000,389 | ---- | M] () -- \Users\Jan\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serial-online.cz%2Ffavicon.png
[2012.01.07 23:51:41 | 000,000,581 | ---- | M] () -- \Users\Jan\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serialzone.cz%2Ffavicon.png
[2012.01.23 16:32:58 | 000,000,052 | ---- | M] () -- \Users\Jan\AppData\Local\Opera\Opera\icons\iserialy.sk.idx
[2010.11.05 18:13:25 | 000,771,174 | ---- | M] () -- \Video\Dr. Horrible’s Sing-Along Blog – 01×01 Act I _ serialy.kinotip.cz - online seriály zdarma.mht
[2009.06.10 15:14:16 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.08 11:38:48 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2009.07.14 06:43:53 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\39e53f507d9cbc5c10a2f47c4b0d09dd\System.Runtime.Serialization.ni.dll
[2012.01.08 03:06:33 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8dba8803fad87c39c0afbdce6c19fdd0\System.Runtime.Serialization.ni.dll
[2009.07.14 06:43:05 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d57d865568209a71d63739fa448ed6df\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.01.07 22:03:23 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\fa42950143908bea4f88f3b9fd693e94\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.01.08 03:34:26 | 000,310,272 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\d0ff3383438d688a0118d0fa19ed1dc4\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.01.08 03:34:49 | 002,625,024 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\e9f8a45b1063d6c6a62718c88a5623d1\System.Runtime.Serialization.ni.dll
[2012.01.07 22:28:57 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.01.07 22:25:53 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.01.07 22:28:57 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2012.01.07 22:25:51 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 15:14:16 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2010.06.15 03:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2009.07.13 19:38:14 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2009.07.13 19:39:44 | 000,009,728 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2009.07.14 04:09:30 | 000,010,240 | ---- | M] () -- \Windows\System32\drivers\en-US\serial.sys.mui
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009.07.14 04:10:04 | 000,005,120 | ---- | M] () -- \Windows\System32\en-US\serialui.dll.mui
[2009.07.14 04:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 04:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2012.01.07 21:35:26 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 06:56:40 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b_serialui.dll.mui_7d29d2a3
[2009.07.14 04:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2009.07.13 19:54:22 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009.07.14 04:28:14 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2009.07.14 03:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2009.07.14 03:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 03:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2009.07.14 03:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 15:14:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2009.06.08 11:38:48 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2009.06.10 15:14:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c002c1170ca9a88f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.13 19:38:14 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 04:10:04 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.06.08 11:38:48 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2009.07.13 19:39:44 | 000,009,728 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c48c78a9ad8ff996\serial.sys.mui
[2009.07.14 04:09:30 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_07e2c405948a55f4\serial.sys.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[color=#A23BEC]< *w7lxe* /s >[/color]
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:55B41E6A
< End of report >
Re: Preventivní kontrola
Extras.Txt
Kód: Vybrat vše
OTL Extras logfile created on: 15.4.2014 10:07:36 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jan\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,87 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 48,69% Memory free
5,73 Gb Paging File | 3,88 Gb Available in Paging File | 67,62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 150,66 Gb Total Space | 35,53 Gb Free Space | 23,58% Space Free | Partition Type: NTFS
Drive D: | 145,97 Gb Total Space | 8,94 Gb Free Space | 6,13% Space Free | Partition Type: NTFS
Computer Name: JAN | User Name: Jan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = OperaStable] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-1481942134-3799304495-3899917968-1001\SOFTWARE\Classes\<extension>]
.html [@ = OperaStable] -- Reg Error: Key error. File not found
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[color=#E56717]========== Authorized Applications List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0199F7C1-FCC5-4C2B-956F-B4FFD6F4506B}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{01AD1AAE-622A-40AF-82D8-D3F9A5DF2B9E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{04CFAAD3-66D5-43A9-A0AE-9BC833F1D2F3}" = rport=445 | protocol=6 | dir=out | app=system |
"{0614B654-E84F-423F-BC17-2461C6726423}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{06863F76-7045-4733-9E0E-8C93C41D9398}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{0AAE37DE-6478-435E-A359-1A27A44E24AC}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{0B481394-C51C-4824-895E-DC6FE758A8B1}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{0C8321A1-0D19-492A-A265-2F49F2D9420E}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{0CC4A12D-E3C3-4908-9E32-AC2B3CA381DE}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{0F4A1138-EEA6-483A-8C79-5B857BD61039}" = lport=2869 | protocol=6 | dir=in | app=system |
"{116AA6DF-DAC6-4C8B-BC6E-B650BD5E2243}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{163B76DE-E3BB-405D-9E5B-B6B2F9718DE1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{204A2FF1-1133-47FF-874B-7D6D5A67906F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{20E291F3-D359-48D9-8CC6-78BF56A55768}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{25AEE458-F795-4595-936F-E208912E955B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{298A4E0F-5742-420C-BC06-556C6E6C8AAD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2E727B45-C3D3-45C6-A692-2A638CE7112B}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{31EF3DF5-00AA-45B7-AA89-D6251D384C31}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{32C45186-F53A-4D62-8E53-292A8657C1AF}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{342DB2AF-66FE-42E2-AA06-D33B257CEE39}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{34E005E5-1BF2-479F-B2E6-24DCBA6C1576}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{363A351F-F0FC-4626-A55E-89B07125F157}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{37345304-929D-4102-9469-743B423BCF48}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{3923FC54-7B36-4795-AD93-3211DDAEB294}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3C532B89-A729-4D62-9964-2E9AD06DBCFF}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{482E425B-EC2E-4C09-A10C-94C848423AFB}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{4B360100-5913-4639-93E4-7BA8A2D9EFE6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4CE93C54-F9B1-499F-926A-8D0CDA52DDC1}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{4D36BC07-496D-41E0-B476-9BFECCB8E663}" = rport=2869 | protocol=6 | dir=out | app=system |
"{4D8829FB-5759-44C5-909E-E5FD24E2E3EC}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{4DA29708-3399-45C2-BC86-CEAED5AEDB51}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{4E2B8608-FA10-483E-880D-B8DB25DB5DFC}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{545F0751-4CBF-4A3E-A891-11C264387737}" = rport=2869 | protocol=6 | dir=out | app=system |
"{58A1BF2E-4FF0-47F7-8A6E-EB843CA100BE}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{58B110DE-60FA-4CA4-8BD2-A22FBC8F4013}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{58B86AF5-5102-4311-98D4-8906142D0A45}" = rport=2869 | protocol=6 | dir=out | app=system |
"{5D355932-C6A4-486F-B231-A5E00A216281}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5D873E25-5703-40B8-8633-5754E388C66B}" = rport=2869 | protocol=6 | dir=out | app=system |
"{6045AFDF-018C-4399-B807-2A943CC7C81D}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{62FBAA31-57EB-4DC0-ABC9-F44C22E3839D}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{6973D295-ADC6-4520-90A4-0D69DCF6EE59}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{6AEF5351-FF54-4E7F-9C47-6882834F9DEE}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{6D5C41EE-06EB-473B-AF1B-A53BA6D7290F}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{7069611B-AA68-4516-B291-EF91FA3E1061}" = lport=2869 | protocol=6 | dir=in | app=system |
"{72E72ADE-E2E9-4708-B89B-8707FA7DC9B1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7311FC3F-7309-401B-AB92-C3B25D7BA1DD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{75163740-4667-4DB9-8549-F4B0C8B1AA2B}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{7949E846-B00C-4B03-B31A-350E6E23CF09}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7B2D9921-6A23-4571-9057-742EC16FBD18}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7D1F3532-F4A5-4A1A-8D31-2FDDED0AF196}" = lport=138 | protocol=17 | dir=in | app=system |
"{7DF27ACF-F816-473F-847E-4BC328463DE3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7DF3FB3A-296A-4EFC-B097-E5EC623471C8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8307F5B1-985E-4066-8966-924D95BA013F}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{84B6AD31-B62D-4B41-B307-711E466DE87C}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{87AC38AA-D68D-4310-9438-11D8750D408D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8DFEA0B4-A76D-4C36-A7B2-E1E8C53A9610}" = lport=10243 | protocol=6 | dir=in | app=system |
"{94F9FDE2-398E-4795-A4A5-D9EE3EF54595}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{97252ABC-B1D5-4608-A000-83F3CB45B531}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{98926625-E682-4328-AB58-3C73806B84D2}" = lport=445 | protocol=6 | dir=in | app=system |
"{98FF0D58-5ABC-4165-AF24-A1265961A680}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{99D56BF4-EF59-45D6-9BD1-F5410DE9A555}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9C93074C-FA4C-4DC4-8B59-3E5A91A0CBDB}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{A3EEA616-B37B-416C-BBBB-CCEF6866FB3D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A51CC0CA-C437-4A75-8BED-138E26049708}" = rport=2869 | protocol=6 | dir=out | app=system |
"{A93603D1-34A1-4591-89FD-7D8F11412487}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A9C61D67-BAA1-4293-BFD6-725EAC01CE12}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{AF089239-7823-4E26-8707-D1E3EFD182F4}" = rport=10243 | protocol=6 | dir=out | app=system |
"{B8887E89-F546-45C7-BBA5-C0B00E24F407}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{B913BCEE-3769-4F73-87E3-0BC6520688E2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BA9CC265-2E93-41F0-BC83-380D4E611CF1}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{BD897010-A1DC-447C-B505-7E04373B6BE3}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{BF4DA5F2-ED0C-4BEC-B77E-5EE6FD3A577F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BFCA10A9-2224-4980-A2D3-8E494DE70380}" = rport=137 | protocol=17 | dir=out | app=system |
"{C00D9D51-E6E1-42BF-A94A-3BF598A75922}" = rport=138 | protocol=17 | dir=out | app=system |
"{C21EB430-F1C5-48CC-BFC6-E883027114B2}" = rport=2869 | protocol=6 | dir=out | app=system |
"{C41D8AF7-2C04-4913-91B9-744ABD5E898C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C44D02BF-E04B-4228-9F7B-1CA471FCDDCC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C8C2705D-8EAB-40CC-909B-0712712A5E6F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C8E598C5-460D-435C-A741-1D892E9B077E}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{C9D17DED-9F81-4625-A5EB-2795B459442E}" = rport=139 | protocol=6 | dir=out | app=system |
"{CDFCF0EE-5962-4D10-873D-43447CBCDCD8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D96ED9FC-21D4-402F-B64F-21E6C2211CBD}" = lport=137 | protocol=17 | dir=in | app=system |
"{D994F716-9AA4-4ADE-BA9B-C3E129FAAFC9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DB076587-7997-46A1-A0DF-E063EDE179E7}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{E4CB7FB9-305F-4222-8254-026FFA385F47}" = rport=2869 | protocol=6 | dir=out | app=system |
"{E96368EA-993E-4891-9331-5D16DC4C5E21}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E96E77CD-80EC-4696-A7BE-BD972E2FA8FE}" = rport=2869 | protocol=6 | dir=out | app=system |
"{EB84D03A-9C67-4F98-84F7-8A18FB490B21}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{ED97EA19-7CB8-4150-A2C1-117DBF09DA43}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EE1ACE70-0211-454B-8FC0-546190589208}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EEEEB33C-2C40-4C56-89C1-BD7E656B6068}" = lport=139 | protocol=6 | dir=in | app=system |
"{EFF6348A-F038-4498-8096-47CF73BB1BBE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F13E477B-07A2-477C-AC54-93A6E46FA414}" = rport=2869 | protocol=6 | dir=out | app=system |
"{F2A1A1CF-FBC3-4517-A676-107AF2F3B930}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F617E2F3-B32F-4776-9FFB-F83DD5D49260}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F9089D81-4C5E-4C3D-912B-06BA3CA34C83}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0CBF648E-B613-43E4-8AD4-096D98E90C63}" = protocol=17 | dir=in | app=c:\program files\opera next\opera.exe |
"{0DB041F4-378D-4AF5-8D5C-0999411E2922}" = protocol=17 | dir=in | app=c:\program files\icq7m\icq.exe |
"{0ED9C5EC-AFC7-4EEA-AB7D-F974F1B734FD}" = protocol=6 | dir=in | app=c:\hry\bohemia interactive\arma cold war assault\coldwarassault.exe |
"{0EF14528-E72D-400E-AED6-F717C0D432F1}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{1D0848AF-B2A6-4386-AE6D-E921CD2A33EA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{23350D4A-F738-4FF6-8C34-A8CE7F28B7A9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{24735667-55C9-456A-BB8A-E1B9D13C7A2F}" = protocol=6 | dir=in | app=c:\program files\icq7m\icq.exe |
"{2B58C8A5-4CBC-4CB9-AF5E-B144D9114718}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{2EB34A00-DA46-4520-A528-C55B60A7A304}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{31F81164-0C60-44F3-A36C-4CDEEE559CE1}" = protocol=6 | dir=in | app=c:\windows\system32\supdsvc.exe |
"{341272E7-3AF4-45E1-9172-2795E80EEE3B}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{37AB4461-71D5-44BD-995C-0F3093F64533}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{3875AE34-2762-4711-8A0F-D29866C8095E}" = protocol=6 | dir=in | app=c:\program files\opera next\opera.exe |
"{3A993837-A79D-4749-B230-C746E816CA02}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{40AE8AE4-07EA-4A0F-A368-10D9054DC8E4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4418EE3B-7EFD-4562-85FB-4FB5A3A5D1C1}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{45AEF790-AF97-443F-86DB-B23E36B95FF9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{46E620E5-0FC7-4949-98B9-425BDAA90877}" = protocol=17 | dir=in | app=c:\windows\system32\supdsvc.exe |
"{4B8D75DC-DABC-4793-94DC-B6BC6214144A}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{4CB9F395-03A0-40B4-AA33-79E80F4D9288}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5AB83A81-B42D-41B9-A0DB-348F0ECF3E6F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5D31387B-4516-416F-A6C0-200B698626DD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6164A2FE-3A9A-4C9F-957A-464AC9E111DD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{62AEAED6-5AB7-4685-901F-F989F8F32964}" = protocol=6 | dir=in | app=c:\program files\icq7m\icq.exe |
"{656B2BDD-2608-4A08-A6C5-2B216531B754}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{69AD8F3F-BF48-4933-A84F-BFD263E0E1AA}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{7DB3F9EB-8622-4DA5-953A-AEEA695BE172}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{811964F0-7082-418F-A29E-FFDD18F1BBEF}" = protocol=6 | dir=in | app=c:\program files\opera next\pluginwrapper\opera_plugin_wrapper.exe |
"{8431A885-6B92-46E5-8BE4-E891CFA33734}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{85A0515E-2409-4BC3-A1E6-68E7930F9D8E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{89EEDD9E-DD6A-4F1F-AA32-F2B94A9A9EC3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8F169D11-D787-461E-A255-BFAB2452D879}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8F8623E3-EA1C-44DC-B58A-6BADAC3D2767}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{90A1AD4F-F37D-4489-98F4-9737F33ED9FC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{90C76121-A1B0-4616-A0BC-41BD033E8463}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{926CFE68-BA87-40FB-A283-60A507F241C5}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{959CEC4D-532D-472B-BEDD-8530B0B40DCE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9696A3C1-0D3E-4D6D-90B4-E1DBD021F820}" = protocol=17 | dir=in | app=c:\program files\icq7m\icq.exe |
"{97E49334-6215-41AE-9036-46B01F4EFEA3}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{9946D4CF-EC91-47A0-9CF4-0F45D4858947}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{99F2B824-2E9C-43F6-9BD3-4B8983493CA0}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{9BB5A1F6-6D64-4363-9D93-899558E0D012}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9E8721FA-7DFD-4318-BBF0-D3B902669F6B}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{A126688D-9FBB-4EAE-9578-4624B5748C48}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AF67D78A-60A3-4B66-9866-530743048C14}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{AFC8EA25-AEB5-4140-B9BB-60C337AD6539}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B73616C5-0387-4475-A239-74B36E98643E}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{BB8E1A14-FF37-46BD-947C-F908268D032E}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{BD8D90CC-8563-4552-9F9A-299916E2F275}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BDDAB259-6547-4278-9CE0-B0705938C68C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BFE848D2-33EF-4362-A749-A545723176C4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C0C95676-532A-42F5-BC64-9D6BFBC51058}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C918FD9C-5A47-43BE-8083-8661ECCA13E9}" = protocol=17 | dir=in | app=c:\hry\bohemia interactive\arma cold war assault\coldwarassault.exe |
"{CB53F170-3845-40D2-879E-2FE96B5D5074}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{DCA63D0F-C611-40CC-8036-ADC5BB412C22}" = protocol=17 | dir=in | app=c:\hry\bohemia interactive\arma cold war assault\coldwarassault_server.exe |
"{DD99F9C6-E728-41F7-AC32-F82A59A9CE13}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{DF125E3C-691A-4CC7-9023-C78DD67B3AD6}" = protocol=6 | dir=in | app=c:\hry\bohemia interactive\arma cold war assault\coldwarassault_server.exe |
"{EA09CD41-CFAF-4DE7-82A8-3080C5A084E7}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{EAA50190-6055-4444-8757-F26DEAA7DE59}" = protocol=6 | dir=out | app=system |
"{F8227085-8778-4AF2-BE6B-675AD217FEC8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F9899639-349F-4AC3-B0FF-A6BF6A07AC41}" = protocol=17 | dir=in | app=c:\program files\opera next\pluginwrapper\opera_plugin_wrapper.exe |
"{FB363A27-E3A4-4263-AF7B-21BFC737CC3F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"TCP Query User{203FB542-C697-4F4D-A651-C2F4AD02A331}C:\program files\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\program files\totalcmd\totalcmd.exe |
"TCP Query User{349DD7A5-6368-4CD2-BE41-0FA37FD33A8E}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{8F97B5BC-EE34-4848-B0C3-E5BCDC9D7CE1}C:\windows\system32\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dpnsvr.exe |
"TCP Query User{9046E000-0DFD-4EAF-85E6-34FF416EAA29}C:\windows\system32\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dpnsvr.exe |
"TCP Query User{9E87CA25-759D-452C-8DA4-4CB504B273DB}D:\instalace\operation flashpoint\flashpointresistance.exe" = protocol=6 | dir=in | app=d:\instalace\operation flashpoint\flashpointresistance.exe |
"TCP Query User{A5DD27EF-00DA-4BC8-A3C1-1DF3EBF16651}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{FFCA1F47-28A9-44F9-BD6D-66F9A399B156}C:\hry\bohemia interactive\arma cold war assault\coldwarassault.exe" = protocol=6 | dir=in | app=c:\hry\bohemia interactive\arma cold war assault\coldwarassault.exe |
"UDP Query User{1A0F35FD-8CA8-4CB5-8DE8-296CE8627DE7}C:\windows\system32\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dpnsvr.exe |
"UDP Query User{3CBCEA91-DBF4-4791-B6D0-B4BDD6BF4649}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{8B8C3445-28EB-4EE4-AF24-0327BD66E31C}C:\windows\system32\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dpnsvr.exe |
"UDP Query User{8C63411C-3A45-49B9-B4A7-C7697DDBA575}D:\instalace\operation flashpoint\flashpointresistance.exe" = protocol=17 | dir=in | app=d:\instalace\operation flashpoint\flashpointresistance.exe |
"UDP Query User{F8FACF5A-AF6E-4884-9546-B1D814C896A4}C:\hry\bohemia interactive\arma cold war assault\coldwarassault.exe" = protocol=17 | dir=in | app=c:\hry\bohemia interactive\arma cold war assault\coldwarassault.exe |
"UDP Query User{F9C85905-40E3-4EEC-B7C0-D8526A1EB04F}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{FFCFBBD0-D541-4685-AB04-2D8E604BD500}C:\program files\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\program files\totalcmd\totalcmd.exe |
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4
"_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{07B62101-7EBD-434A-94B1-B38063BE5516}" = CorelDRAW Essentials 4 - PHOTO-PAINT
"{084DED0B-890F-450F-93C7-111EF464D909}" = AudioEdit Deluxe
"{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}" = Autodesk Content Service
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0ED4216F-3540-4D6B-8199-1C8DDEA3924B}" = CorelDRAW Essentials 4 - Lang DE
"{19AC095C-3520-4999-AA15-93B6D0248A50}" = CorelDRAW Essentials 4 - Content
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 51
"{34A9406E-1994-4C20-AC72-04CFA2B24545}" = CorelDRAW Essentials 4 - Lang EN
"{3576C335-958D-4D60-A812-F68F9A2796AF}" = CorelDRAW Essentials 4 - Lang IT
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{5500BB35-1C21-4328-9F16-F894B860FADE}" = CorelDRAW Essentials 4 - Lang NL
"{5783F2D7-A000-0405-0002-0060B0CE6BBA}" = AutoCAD Civil 3D 2012 - česky
"{5783F2D7-A000-0405-1002-0060B0CE6BBA}" = Jazykový balíček pro aplikaci AutoCAD Civil 3D 2012 - čeština
"{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76E852ED-1B06-4BC8-9D6A-625DB95FB7E5}" = CorelDRAW Essentials 4 - IPM - No VBA
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{7B4D193B-D76D-308B-8B12-5D9BB1CBCE6C}" = Microsoft Visual Basic Power Packs 3.0
"{83437081-8186-4F63-BD39-4BE8A691E055}" = Hidden & Dangerous 2
"{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00B2-0405-0000-0000000FF1CE}" = Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007
"{9043B9A0-9505-405B-8202-E7167A38A89C}" = CorelDRAW Essentials 4
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABD8B955-1C69-4AF3-949B-13CD587C175F}" = CorelDRAW Essentials 4 - Lang BR
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Czech
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B9FA9F15-A1F3-4DB1-AD49-0B9351843FAA}" = CorelDRAW Essentials 4 - Draw
"{BA9319FE-BCEF-4C99-8039-F464648D046E}" = CorelDRAW Essentials 4 - Lang FR
"{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4 - ICA
"{C682F3F0-00A6-4379-B083-4F3273624D7B}" = CorelDRAW Essentials 4 - Lang ES
"{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{EB24DAD4-A794-4122-8D82-68C147748DE3}" = dlgv32 Pro (Global Mapper) 5
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F16841F6-5F0F-4DBE-B318-63CEB916F21D}" = CorelDRAW Essentials 4 - Filters
"{F81AB80B-5BB7-4E36-8BA5-E07541CE1BFC}" = HDMI Control Manager
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Arma Cold War Assault" = Arma Cold War Assault Uninstall
"AudioEdit Deluxe" = AudioEdit Deluxe
"AutoCAD Civil 3D 2012 - česky" = AutoCAD Civil 3D 2012 - česky
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5051&SUBSYS_1179" = HDAUDIO Soft Data Fax Modem with SmartCP
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"InstallShield_{83437081-8186-4F63-BD39-4BE8A691E055}" = Hidden & Dangerous 2
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 8.1.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Mozilla Firefox 28.0 (x86 cs)" = Mozilla Firefox 28.0 (x86 cs)
"Mp3tag" = Mp3tag v2.55a
"OpenAL" = OpenAL
"Opera 12.16.1860" = Opera 12.16
"Opera 21.0.1432.24" = Opera Developer 21.0.1432.24
"PSPad editor_is1" = PSPad editor
"RailCAD v.3.2_is1" = RailCAD verze 3.2 pro AutoCAD 200x
"Recuva" = Recuva
"RmTablet" = Tablet Driver With Macrokey Manager
"SpeedFan" = SpeedFan (remove only)
"ST6UNST #1" = Operation Flashpoint P3D Texture Swap Utility
"STANDARD" = Microsoft Office Standard 2007
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR 4.20 (32-bit)
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
[ Application Events ]
Error - 11.4.2014 15:25:49 | Computer Name = Jan | Source = Outlook | ID = 35
Description = Nelze určit, zda se zásobník nachází v oboru procházení (chyba=0x8007041d).
Error - 11.4.2014 15:25:49 | Computer Name = Jan | Source = Outlook | ID = 35
Description = Nelze určit, zda se zásobník nachází v oboru procházení (chyba=0x8007041d).
Error - 11.4.2014 15:25:49 | Computer Name = Jan | Source = Outlook | ID = 35
Description = Nelze určit, zda se zásobník nachází v oboru procházení (chyba=0x8007041d).
Error - 11.4.2014 15:25:49 | Computer Name = Jan | Source = Outlook | ID = 35
Description = Nelze určit, zda se zásobník nachází v oboru procházení (chyba=0x8007041d).
Error - 11.4.2014 15:25:49 | Computer Name = Jan | Source = Outlook | ID = 35
Description = Nelze určit, zda se zásobník nachází v oboru procházení (chyba=0x8007041d).
Error - 11.4.2014 15:25:49 | Computer Name = Jan | Source = Outlook | ID = 35
Description = Nelze určit, zda se zásobník nachází v oboru procházení (chyba=0x8007041d).
Error - 11.4.2014 15:25:50 | Computer Name = Jan | Source = Outlook | ID = 35
Description = Nelze určit, zda se zásobník nachází v oboru procházení (chyba=0x8007041d).
Error - 11.4.2014 15:25:50 | Computer Name = Jan | Source = Outlook | ID = 35
Description = Nelze určit, zda se zásobník nachází v oboru procházení (chyba=0x8007041d).
Error - 11.4.2014 15:25:50 | Computer Name = Jan | Source = Outlook | ID = 35
Description = Nelze určit, zda se zásobník nachází v oboru procházení (chyba=0x8007041d).
Error - 11.4.2014 15:25:55 | Computer Name = Jan | Source = Outlook | ID = 35
Description = Nelze určit, zda se zásobník nachází v oboru procházení (chyba=0x80070015).
[ OSession Events ]
Error - 13.5.2012 7:20:46 | Computer Name = Jan | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 61800
seconds with 0 seconds of active time. This session ended with a crash.
Error - 29.3.2013 7:19:23 | Computer Name = Jan | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 505822
seconds with 720 seconds of active time. This session ended with a crash.
Error - 9.7.2013 3:40:23 | Computer Name = Jan | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 63432
seconds with 60 seconds of active time. This session ended with a crash.
Error - 3.9.2013 15:47:55 | Computer Name = Jan | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 357192
seconds with 480 seconds of active time. This session ended with a crash.
Error - 4.11.2013 19:54:52 | Computer Name = Jan | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 9196
seconds with 3840 seconds of active time. This session ended with a crash.
Error - 4.11.2013 19:56:56 | Computer Name = Jan | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 111
seconds with 60 seconds of active time. This session ended with a crash.
Error - 15.11.2013 10:41:31 | Computer Name = Jan | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 6224
seconds with 3300 seconds of active time. This session ended with a crash.
Error - 15.11.2013 10:42:04 | Computer Name = Jan | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 25
seconds with 0 seconds of active time. This session ended with a crash.
Error - 16.11.2013 13:28:42 | Computer Name = Jan | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 10207
seconds with 6420 seconds of active time. This session ended with a crash.
Error - 16.11.2013 13:56:29 | Computer Name = Jan | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1657
seconds with 1140 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 31.12.2012 16:52:47 | Computer Name = Jan | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR2.
Error - 31.12.2012 16:52:47 | Computer Name = Jan | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR2.
Error - 31.12.2012 16:53:41 | Computer Name = Jan | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR3.
Error - 31.12.2012 16:53:41 | Computer Name = Jan | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR3.
Error - 31.12.2012 16:53:42 | Computer Name = Jan | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR3.
Error - 31.12.2012 16:53:42 | Computer Name = Jan | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR3.
Error - 31.12.2012 17:09:45 | Computer Name = Jan | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR4.
Error - 31.12.2012 17:09:46 | Computer Name = Jan | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR4.
Error - 31.12.2012 17:09:46 | Computer Name = Jan | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR4.
Error - 31.12.2012 17:09:47 | Computer Name = Jan | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR4.
< End of report >
Re: Preventivní kontrola
Nedavejte logy do Code, spatne se to cte.
Jen takova mal technicka. Jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze 
Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Preventivní kontrola
Tu jsem si samozřejmě zakoupil :))
MBAM nic nenašlo, udělal jsem Threat Scan, což je doufám kompletní scan, podle toho popisu u něj:
Malwarebytes Anti-Malware
http://www.malwarebytes.org
Scan Date: 15.4.2014
Scan Time: 11:25:37
Logfile: mbam-log.txt
Administrator: Yes
Version: 2.00.1.1004
Malware Database: v2014.04.15.04
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled
OS: Windows 7
CPU: x86
File System: NTFS
User: Jan
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 233729
Time Elapsed: 8 min, 4 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
MBAM nic nenašlo, udělal jsem Threat Scan, což je doufám kompletní scan, podle toho popisu u něj:
Malwarebytes Anti-Malware
http://www.malwarebytes.org
Scan Date: 15.4.2014
Scan Time: 11:25:37
Logfile: mbam-log.txt
Administrator: Yes
Version: 2.00.1.1004
Malware Database: v2014.04.15.04
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled
OS: Windows 7
CPU: x86
File System: NTFS
User: Jan
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 233729
Time Elapsed: 8 min, 4 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
Re: Preventivní kontrola
MBAM odinstalujte. Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Preventivní kontrola
# AdwCleaner v3.023 - Report created 15/04/2014 at 21:27:18
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Ultimate (32 bits)
# Username : Jan - JAN
# Running from : C:\Users\Jan\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.7600.16912
-\\ Mozilla Firefox v28.0 (cs)
[ File : C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\bz0z25da.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [1100 octets] - [15/04/2014 21:26:21]
AdwCleaner[S0].txt - [1030 octets] - [15/04/2014 21:27:18]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1090 octets] ##########
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Ultimate (32 bits)
# Username : Jan - JAN
# Running from : C:\Users\Jan\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.7600.16912
-\\ Mozilla Firefox v28.0 (cs)
[ File : C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\bz0z25da.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [1100 octets] - [15/04/2014 21:26:21]
AdwCleaner[S0].txt - [1030 octets] - [15/04/2014 21:27:18]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1090 octets] ##########
Re: Preventivní kontrola
Je s tim pc nejaky problem, nebo jde ciste o prevenci? Odinstalujte Spybota, program je zastaraly. Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte
3.5. pro neaktivitu
http://forum.viry.cz/viewtopic.php?f=12&t=123975Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?